Integrate an OAuth2 provider #27
Comments
|
Oh, sounds good this :) |
tboerger
added
type/feature
|
Should this be integrated as "The" login-handler, or as an optional dependency? (i.e. build tag) |
|
I think we can always integrate it but add an option for admins to disable it |
|
No build tag but default is closed until admin open it. |
|
Nice idea 👍 |
It adds a brand new importer for Gitea! This is a continuation of !6945 started by @bkc. Gitea aims to be 100% GitHub-compatible but there's a few differences: - Gitea is not an OAuth provider (yet): go-gitea/gitea#27 - This means we cannot map Gitea users given an assignee ID => assignees are not set on imported issues and merge requests - No releases API for now: go-gitea/gitea#330 - API version is `v1` (GitHub is `v3`) - The IID field for milestones is `id` compared to `number` in GitHub. - Issues, PRs, milestones, labels don't have a `url` field (the importer now fallback to `''` in that case) **Known issues:** - Comments are not imported because comments JSON always have a blank `html_url`/`issue_url`/`pull_request_url`, so the IID cannot be extracted and the issuable cannot be found... :( This is tracked in go-gitea/gitea#401, and solved by gogs/gogs#3624 but this needs to be submitted / merged in Gitea. This is noted in the documentation. ## Are there points in the code the reviewer needs to double check? 1. I've made `Import::GiteaController` inherit from `Import::GithubController` since both controllers should be identical in the long-term and their current differences are small. 1. I've added a base `IssuableFormatter` class from which `IssueFormatter` & `PullRequestFormatter` inherit 1. I've added shared examples for GitHub/Gitea importer classes 1. I've made `Gitlab::ImportSources` more robust and tested! 🎄 1. I've added routing specs for import routes! 🎄 Closes #22348 See merge request !8116
|
+1, this would be awesome!!! |
|
is there an ETA for this? Would make life easier. |
|
I think this one could be good option to integrate into gitea - https://github.com/coreos/dex |
|
@lafriks Looks good, but it requires go1.8 I think. |
|
Here's another Go based alternative: https://github.com/ory/hydra
It seems quite easy to set up. Here's a nice tutorial: https://www.ory.am/run-oauth2-server-open-source-api-security.html? |
|
@mikehaertl Hydra does not support JWT and from what I understand even if added they won't be in community edition - https://ory.gitbooks.io/hydra/content/faq.html#is-jwt-supported |
|
JWT is a must have for drone integration |
|
Remotely related, but would it also be possible to extend gitea so that gitea can listen on a second interface over which every access is granted automatically? The idea is to allow tooling without OAuth2 authentication capabilities, like Hydra, to fetch data over, e.g., the loopback interface. |
|
https://github.com/ory/fosite looks like a promising library to integrate this feature. It is used by hydra AFAIK. |
|
@ekozan You can create a seperate PR for the UI, this may improve the review speed. |
|
so, what library decided to use? i don't find any pr about oauth2 server in gitea |
|
I'm waiting for this one as well. Definitely looking forward to it! |
|
Is there a branch or PR related to this change? or we're still in the discussion phase. |
|
@JohnTheodore no people are working on this. |
|
That's unfortunate |
|
@ekozan mentioned a PR, I wasn't sure if that happened. |
|
@lunny it sounds like dex would be the library to use for resolving this issue? Are there changes to dex that are necessary for it to be the way you want? In general how does the go-gitea project deal with something like a 'design document'. So if you, tboerger, lafriks, bkcsoft, etc all agree on a design with say dex, is that design written down somewhere? This way if someone wants to work on it, they'll do it in a way the project maintainers want. |
|
We ever want to create a design process but in fact we haven't obey that because it's unnecessary for most features. We depend on Pull Requests approvals to control the quality of the codes. Any PR some maintainers against will be discussed more until two maintainers agreed and no maintainers against. A big PR of course should be required write the design detail on the PR's description. As an oauth provider, it's a mature technology.I think what we need to do is to find a maintained-well library and follow it's design. |
|
i'm totaly busy .... :/ i havent finish the work |
|
@ekozan never mind. :) |
|
If anyone is interested in working on this, I wrote an adapter for https://github.com/go-oauth2/oauth2 that allows use of XORM https://github.com/techknowlogick/go-oauth2-xorm Next would be to add the routes to handle oauth. |
|
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs during the next 2 weeks. Thank you for your contributions. |
|
There should be a way to mark this as "keep open", since there is clearly still demand for this. |
|
There is a open PR too. |
|
@lafriks Mind tagging this one as reviewed too? :) |
lafriks
added
the
issue/confirmed
|
Looking forward to this |
* add get tags info method for releases * composite variable decleare
To make it easier for other applications to hook into Gitea we should integrate an OAuth2 provider, that way tools like Drone CI can authenticate against Gitea much easier. A good library for that can be https://github.com/RangelReale/osin.
Want to back this issue? Post a bounty on it! We accept bounties via Bountysource.
The text was updated successfully, but these errors were encountered: