mirror of https://github.com/go-gitea/gitea
Make SSPI auth mockable (#27036)
Before, the SSPI auth is only complied for Windows, it's difficult to test and it breaks a lot. Now, make the SSPI auth mockable and testable.pull/27080/head^2
parent
47b878858a
commit
8531ca0837
@ -1,10 +0,0 @@ |
||||
// Copyright 2022 The Gitea Authors. All rights reserved.
|
||||
// SPDX-License-Identifier: MIT
|
||||
|
||||
//go:build !windows
|
||||
|
||||
package v1 |
||||
|
||||
import auth_service "code.gitea.io/gitea/services/auth" |
||||
|
||||
func specialAdd(group *auth_service.Group) {} |
@ -1,19 +0,0 @@ |
||||
// Copyright 2022 The Gitea Authors. All rights reserved.
|
||||
// SPDX-License-Identifier: MIT
|
||||
|
||||
package v1 |
||||
|
||||
import ( |
||||
"code.gitea.io/gitea/models/auth" |
||||
auth_service "code.gitea.io/gitea/services/auth" |
||||
) |
||||
|
||||
// specialAdd registers the SSPI auth method as the last method in the list.
|
||||
// The SSPI plugin is expected to be executed last, as it returns 401 status code if negotiation
|
||||
// fails (or if negotiation should continue), which would prevent other authentication methods
|
||||
// to execute at all.
|
||||
func specialAdd(group *auth_service.Group) { |
||||
if auth.IsSSPIEnabled() { |
||||
group.Add(&auth_service.SSPI{}) |
||||
} |
||||
} |
@ -1,10 +0,0 @@ |
||||
// Copyright 2022 The Gitea Authors. All rights reserved.
|
||||
// SPDX-License-Identifier: MIT
|
||||
|
||||
//go:build !windows
|
||||
|
||||
package web |
||||
|
||||
import auth_service "code.gitea.io/gitea/services/auth" |
||||
|
||||
func specialAdd(group *auth_service.Group) {} |
@ -1,19 +0,0 @@ |
||||
// Copyright 2022 The Gitea Authors. All rights reserved.
|
||||
// SPDX-License-Identifier: MIT
|
||||
|
||||
package web |
||||
|
||||
import ( |
||||
"code.gitea.io/gitea/models/auth" |
||||
auth_service "code.gitea.io/gitea/services/auth" |
||||
) |
||||
|
||||
// specialAdd registers the SSPI auth method as the last method in the list.
|
||||
// The SSPI plugin is expected to be executed last, as it returns 401 status code if negotiation
|
||||
// fails (or if negotiation should continue), which would prevent other authentication methods
|
||||
// to execute at all.
|
||||
func specialAdd(group *auth_service.Group) { |
||||
if auth.IsSSPIEnabled() { |
||||
group.Add(&auth_service.SSPI{}) |
||||
} |
||||
} |
@ -0,0 +1,30 @@ |
||||
// Copyright 2023 The Gitea Authors. All rights reserved.
|
||||
// SPDX-License-Identifier: MIT
|
||||
|
||||
//go:build !windows
|
||||
|
||||
package auth |
||||
|
||||
import ( |
||||
"errors" |
||||
"net/http" |
||||
) |
||||
|
||||
type SSPIUserInfo struct { |
||||
Username string // Name of user, usually in the form DOMAIN\User
|
||||
Groups []string // The global groups the user is a member of
|
||||
} |
||||
|
||||
type sspiAuthMock struct{} |
||||
|
||||
func (s sspiAuthMock) AppendAuthenticateHeader(w http.ResponseWriter, data string) { |
||||
} |
||||
|
||||
func (s sspiAuthMock) Authenticate(r *http.Request, w http.ResponseWriter) (userInfo *SSPIUserInfo, outToken string, err error) { |
||||
return nil, "", errors.New("not implemented") |
||||
} |
||||
|
||||
func sspiAuthInit() error { |
||||
sspiAuth = &sspiAuthMock{} // TODO: we can mock the SSPI auth in tests
|
||||
return nil |
||||
} |
@ -0,0 +1,19 @@ |
||||
// Copyright 2023 The Gitea Authors. All rights reserved.
|
||||
// SPDX-License-Identifier: MIT
|
||||
|
||||
//go:build windows
|
||||
|
||||
package auth |
||||
|
||||
import ( |
||||
"github.com/quasoft/websspi" |
||||
) |
||||
|
||||
type SSPIUserInfo = websspi.UserInfo |
||||
|
||||
func sspiAuthInit() error { |
||||
var err error |
||||
config := websspi.NewConfig() |
||||
sspiAuth, err = websspi.New(config) |
||||
return err |
||||
} |
Loading…
Reference in new issue