|
|
@ -43,35 +43,38 @@ func reqPackageAccess(accessMode perm.AccessMode) func(ctx *context.Context) { |
|
|
|
} |
|
|
|
} |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
// CommonRoutes provide endpoints for most package managers (except containers - see below)
|
|
|
|
func verifyAuth(r *web.Route, authMethods []auth.Method) { |
|
|
|
// These are mounted on `/api/packages` (not `/api/v1/packages`)
|
|
|
|
|
|
|
|
func CommonRoutes(ctx gocontext.Context) *web.Route { |
|
|
|
|
|
|
|
r := web.NewRoute() |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
r.Use(context.PackageContexter(ctx)) |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
authMethods := []auth.Method{ |
|
|
|
|
|
|
|
&auth.OAuth2{}, |
|
|
|
|
|
|
|
&auth.Basic{}, |
|
|
|
|
|
|
|
&nuget.Auth{}, |
|
|
|
|
|
|
|
&conan.Auth{}, |
|
|
|
|
|
|
|
&chef.Auth{}, |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
if setting.Service.EnableReverseProxyAuth { |
|
|
|
if setting.Service.EnableReverseProxyAuth { |
|
|
|
authMethods = append(authMethods, &auth.ReverseProxy{}) |
|
|
|
authMethods = append(authMethods, &auth.ReverseProxy{}) |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
authGroup := auth.NewGroup(authMethods...) |
|
|
|
authGroup := auth.NewGroup(authMethods...) |
|
|
|
|
|
|
|
|
|
|
|
r.Use(func(ctx *context.Context) { |
|
|
|
r.Use(func(ctx *context.Context) { |
|
|
|
var err error |
|
|
|
var err error |
|
|
|
ctx.Doer, err = authGroup.Verify(ctx.Req, ctx.Resp, ctx, ctx.Session) |
|
|
|
ctx.Doer, err = authGroup.Verify(ctx.Req, ctx.Resp, ctx, ctx.Session) |
|
|
|
if err != nil { |
|
|
|
if err != nil { |
|
|
|
log.Error("Verify: %v", err) |
|
|
|
log.Error("Failed to verify user: %v", err) |
|
|
|
ctx.Error(http.StatusUnauthorized, "authGroup.Verify") |
|
|
|
ctx.Error(http.StatusUnauthorized, "authGroup.Verify") |
|
|
|
return |
|
|
|
return |
|
|
|
} |
|
|
|
} |
|
|
|
ctx.IsSigned = ctx.Doer != nil |
|
|
|
ctx.IsSigned = ctx.Doer != nil |
|
|
|
}) |
|
|
|
}) |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
// CommonRoutes provide endpoints for most package managers (except containers - see below)
|
|
|
|
|
|
|
|
// These are mounted on `/api/packages` (not `/api/v1/packages`)
|
|
|
|
|
|
|
|
func CommonRoutes(ctx gocontext.Context) *web.Route { |
|
|
|
|
|
|
|
r := web.NewRoute() |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
r.Use(context.PackageContexter(ctx)) |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
verifyAuth(r, []auth.Method{ |
|
|
|
|
|
|
|
&auth.OAuth2{}, |
|
|
|
|
|
|
|
&auth.Basic{}, |
|
|
|
|
|
|
|
&nuget.Auth{}, |
|
|
|
|
|
|
|
&conan.Auth{}, |
|
|
|
|
|
|
|
&chef.Auth{}, |
|
|
|
|
|
|
|
}) |
|
|
|
|
|
|
|
|
|
|
|
r.Group("/{username}", func() { |
|
|
|
r.Group("/{username}", func() { |
|
|
|
r.Group("/cargo", func() { |
|
|
|
r.Group("/cargo", func() { |
|
|
@ -401,24 +404,9 @@ func ContainerRoutes(ctx gocontext.Context) *web.Route { |
|
|
|
|
|
|
|
|
|
|
|
r.Use(context.PackageContexter(ctx)) |
|
|
|
r.Use(context.PackageContexter(ctx)) |
|
|
|
|
|
|
|
|
|
|
|
authMethods := []auth.Method{ |
|
|
|
verifyAuth(r, []auth.Method{ |
|
|
|
&auth.Basic{}, |
|
|
|
&auth.Basic{}, |
|
|
|
&container.Auth{}, |
|
|
|
&container.Auth{}, |
|
|
|
} |
|
|
|
|
|
|
|
if setting.Service.EnableReverseProxyAuth { |
|
|
|
|
|
|
|
authMethods = append(authMethods, &auth.ReverseProxy{}) |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
authGroup := auth.NewGroup(authMethods...) |
|
|
|
|
|
|
|
r.Use(func(ctx *context.Context) { |
|
|
|
|
|
|
|
var err error |
|
|
|
|
|
|
|
ctx.Doer, err = authGroup.Verify(ctx.Req, ctx.Resp, ctx, ctx.Session) |
|
|
|
|
|
|
|
if err != nil { |
|
|
|
|
|
|
|
log.Error("Failed to verify user: %v", err) |
|
|
|
|
|
|
|
ctx.Error(http.StatusUnauthorized, "Verify") |
|
|
|
|
|
|
|
return |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
ctx.IsSigned = ctx.Doer != nil |
|
|
|
|
|
|
|
}) |
|
|
|
}) |
|
|
|
|
|
|
|
|
|
|
|
r.Get("", container.ReqContainerAccess, container.DetermineSupport) |
|
|
|
r.Get("", container.ReqContainerAccess, container.DetermineSupport) |
|
|
|