aboutsummaryrefslogtreecommitdiff
path: root/routers
diff options
context:
space:
mode:
authorzeripath2023-02-20 21:28:44 +0000
committerGitHub2023-02-20 15:28:44 -0600
commitd2128b44f714fcaacdc88865e62f6f9dd8216577 (patch)
treef6697bf42a61acc7f31b378882124e764281106b /routers
parent330b16642305458339d12222eea2ee9a1bbb3b64 (diff)
Add scopes to API to create token and display them (#22989)
The API to create tokens is missing the ability to set the required scopes for tokens, and to show them on the API and on the UI. This PR adds this functionality. Signed-off-by: Andrew Thornton <art27@cantab.net>
Diffstat (limited to 'routers')
-rw-r--r--routers/api/v1/user/app.go13
1 files changed, 11 insertions, 2 deletions
diff --git a/routers/api/v1/user/app.go b/routers/api/v1/user/app.go
index 7b2f0d8c3..f89d53945 100644
--- a/routers/api/v1/user/app.go
+++ b/routers/api/v1/user/app.go
@@ -9,6 +9,7 @@ import (
"fmt"
"net/http"
"strconv"
+ "strings"
auth_model "code.gitea.io/gitea/models/auth"
"code.gitea.io/gitea/modules/context"
@@ -62,6 +63,7 @@ func ListAccessTokens(ctx *context.APIContext) {
ID: tokens[i].ID,
Name: tokens[i].Name,
TokenLastEight: tokens[i].TokenLastEight,
+ Scopes: tokens[i].Scope.StringSlice(),
}
}
@@ -82,9 +84,9 @@ func CreateAccessToken(ctx *context.APIContext) {
// - name: username
// in: path
// description: username of user
- // type: string
// required: true
- // - name: userCreateToken
+ // type: string
+ // - name: body
// in: body
// schema:
// "$ref": "#/definitions/CreateAccessTokenOption"
@@ -111,6 +113,13 @@ func CreateAccessToken(ctx *context.APIContext) {
return
}
+ scope, err := auth_model.AccessTokenScope(strings.Join(form.Scopes, ",")).Normalize()
+ if err != nil {
+ ctx.Error(http.StatusBadRequest, "AccessTokenScope.Normalize", fmt.Errorf("invalid access token scope provided: %w", err))
+ return
+ }
+ t.Scope = scope
+
if err := auth_model.NewAccessToken(t); err != nil {
ctx.Error(http.StatusInternalServerError, "NewAccessToken", err)
return