Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: http authentication & lfs endpoints #346

Merged
merged 4 commits into from
Jul 28, 2023
Merged

feat: http authentication & lfs endpoints #346

merged 4 commits into from
Jul 28, 2023

Conversation

aymanbagabas
Copy link
Member

@aymanbagabas aymanbagabas commented Jul 24, 2023
edited
Loading

Generate jwt tokens using ssh host key jwk
Implement git-lfs-authenticate to generate tokens through ssh
Authenticate user using HTTP
Push repositories over HTTP
Support Git LFS over HTTP (batch & basic APIs)

TODO:

@aymanbagabas aymanbagabas changed the title feat: http authentication feat: http authentication & lfs endpoints Jul 24, 2023
@aymanbagabas aymanbagabas mentioned this pull request Jul 24, 2023
Merged
3 tasks
@codecov
Copy link

codecov bot commented Jul 25, 2023
edited
Loading

Codecov Report

Merging #346 (d9a682f) into lfs-ssh (60c503d) will decrease coverage by 5.67%.
The diff coverage is 4.19%.

❗ Current head d9a682f differs from pull request most recent head bb96848. Consider uploading reports for the commit bb96848 to get more accurate results

@@             Coverage Diff             @@
##           lfs-ssh     #346      +/-   ##
===========================================
- Coverage    47.32%   41.66%   -5.67%     
===========================================
  Files          120      131      +11     
  Lines         9325    10475    +1150     
===========================================
- Hits          4413     4364      -49     
- Misses        4596     5790    +1194     
- Partials       316      321       +5
Files Changed Coverage Δ
server/access/context.go 0.00% <0.00%> (ø)
server/backend/auth.go 0.00% <0.00%> (ø)
server/backend/collab.go 80.00% <0.00%> (-5.72%) ⬇️
server/backend/hooks.go 0.00% <0.00%> (ø)
server/backend/lfs.go 25.00% <0.00%> (-0.50%) ⬇️
server/config/ssh.go 0.00% <0.00%> (ø)
server/db/errors.go 31.57% <ø> (ø)
server/db/migrate/migrations.go 50.00% <ø> (ø)
server/git/lfs.go 1.89% <0.00%> (-0.23%) ⬇️
server/git/lfs_auth.go 0.00% <0.00%> (ø)
... and 20 more

@aymanbagabas aymanbagabas force-pushed the http-auth branch 2 times, most recently from 907b110 to 17d498d Compare July 25, 2023 14:56
@aymanbagabas aymanbagabas marked this pull request as ready for review July 25, 2023 20:32
@aymanbagabas aymanbagabas requested a review from toby July 25, 2023 20:32
@aymanbagabas
feat(web): implement git auth and lfs
bb96848 
Generate jwt tokens
Implement git-lfs-authenticate to generate tokens through ssh
Authenticate user using HTTP

fix: git lfs endpoint auth

feat: git lfs locks

Implement git lfs locks endpoints

fix: tests

fix: access tokens migration

add expires_at

fix: lint errors

fix: cleanup

Revert "fix: cleanup"

This reverts commit 728173f.

fix(db): don't drop tables
@aymanbagabas
feat: support user access tokens
69c6ebd 
Users now can generate access tokens and use them to authenticate with
Soft Serve HTTP Git server. It supports basic username & password,
generated access tokens, and JWT tokens.

As of now there is no way the user can set a password. This will be
implemented in a separate PR.

Access tokens hashes are stored in the database along with an optional
expiry date.

Access tokens can be used as the Git user or password in a HTTP clone
URL e.g. `https://<token>@git.example.com/repo.git`

fix: lint errors

fix: ensure default branch on http push

fix: address carlos comments
@aymanbagabas
feat: add lfs config and tests
a9dbce5 
Enable/disable LFS endpoints
Enable/disable SSH LFS transfer

fix: lfs request validation

chore: add jwt, lfs, and http tests

fix: tests race

feat: more tests

fix: return 403 on bad creds
@aymanbagabas
feat: use gorilla/mux
2e315ed
@aymanbagabas aymanbagabas merged commit 62292d9 into lfs-ssh Jul 28, 2023
11 of 15 checks passed
@aymanbagabas aymanbagabas deleted the http-auth branch July 28, 2023 15:32
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@caarlos0 caarlos0 caarlos0 approved these changes

@toby toby Awaiting requested review from toby

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@aymanbagabas @caarlos0