Support for Oauth in API

Question

Support for Oauth in API

raphink opened this issue 9 years ago · 5 comments

Authentication tokens cannot be passed using standard OAuth2.

The following code returns a 401 HTTP error, but passes by adding ?token=<mytoken> to the URL:

package main

import ( 
  "fmt"
  "golang.org/x/oauth2"
)

func main() { 
  ts := oauth2.StaticTokenSource(
    &oauth2.Token{AccessToken: "<mytoken>"},
  ) 
  tc := oauth2.NewClient(oauth2.NoContext, ts)

  a, _ := tc.Get("http://localhost:3000/api/v1/repos/<user>/<repo>/issues")
  fmt.Printf("%v", a)
}

Answer 1 · 2016-04-28T14:15:14.000Z

If this was supported, then https://github.com/google/go-github would work with gogs by just overriding the BaseURL property of a client.

Answer 2 · 2016-05-02T01:26:17.000Z

Gogs had OAuth-support a while back but was removed since no-one wanted to maintain it.

And no, google/go-github wouldn't work since Gogs has a slightly different json-schema 😞

Answer 3 · 2017-04-22T00:44:46.000Z

@bkcsoft is there a link to the old commit for oauth2 that was working? there might be some someone interested in looking at or maintaining oauth2. I want to point them to the right resources.

also @unknwon what was wrong with the previous oauth2 implementation? what mistakes would a new maintainer have to avoid to get oauth2 added?

Answer 4 · 2017-05-10T03:04:29.000Z

Anyone looking for this feature may benefit from reading these two issues:
#1304
go-gitea/gitea#26

Answer 5 · 2017-05-10T05:06:20.000Z

@stevegt thanks for the comment! go-gitea has login/authn oauth2, and commit status apis just merged. I think once you can generate scoped oauth2 tokens that can have read only access to the repo and update commit status, go-gitea would integrate with drone in a similar way that drone integrates with github or bitbucket. exciting!