Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Integrate an OAuth2 provider #27

Closed
tboerger opened this Issue Nov 3, 2016 · 44 comments

Comments

@tboerger
Copy link
Member

tboerger commented Nov 3, 2016

To make it easier for other applications to hook into Gitea we should integrate an OAuth2 provider, that way tools like Drone CI can authenticate against Gitea much easier. A good library for that can be https://github.com/RangelReale/osin.


Want to back this issue? Post a bounty on it! We accept bounties via Bountysource.

@tboerger tboerger added this to the 1.2.0 milestone Nov 3, 2016

@joubertredrat

This comment has been minimized.

Copy link
Contributor

joubertredrat commented Nov 3, 2016

Oh, sounds good this :)

@bkcsoft

This comment has been minimized.

Copy link
Member

bkcsoft commented Nov 4, 2016

Should this be integrated as "The" login-handler, or as an optional dependency? (i.e. build tag)

@tboerger

This comment has been minimized.

Copy link
Member Author

tboerger commented Nov 4, 2016

I think we can always integrate it but add an option for admins to disable it

@lunny

This comment has been minimized.

Copy link
Member

lunny commented Nov 4, 2016

No build tag but default is closed until admin open it.

@joubertredrat

This comment has been minimized.

Copy link
Contributor

joubertredrat commented Nov 4, 2016

Nice idea 👍

@bkcsoft

This comment has been minimized.

Copy link
Member

bkcsoft commented Nov 7, 2016

@tboerger @lunny I was more wondering if all Authentication should be handled by OAuth, therefore removing the old auth-module

dbalexandre pushed a commit to gitlabhq/gitlabhq that referenced this issue Dec 21, 2016

Merge branch '22348-gitea-importer' into 'master'
It adds a brand new importer for Gitea!

This is a continuation of !6945 started by @bkc.

Gitea aims to be 100% GitHub-compatible but there's a few differences:

- Gitea is not an OAuth provider (yet): go-gitea/gitea#27
  - This means we cannot map Gitea users given an assignee ID => assignees are not set on imported issues and merge requests
- No releases API for now: go-gitea/gitea#330
- API version is `v1` (GitHub is `v3`)
- The IID field for milestones is `id` compared to `number` in GitHub.
- Issues, PRs, milestones, labels don't have a `url` field (the importer now fallback to `''` in that case)

**Known issues:**

- Comments are not imported because comments JSON always have a blank `html_url`/`issue_url`/`pull_request_url`, so the IID cannot be extracted and the issuable cannot be found... :( This is tracked in go-gitea/gitea#401, and solved by gogs/gogs#3624 but this needs to be submitted / merged in Gitea.

This is noted in the documentation.

## Are there points in the code the reviewer needs to double check?

1. I've made `Import::GiteaController` inherit from `Import::GithubController` since both controllers should be identical in the long-term and their current differences are small.
1. I've added a base `IssuableFormatter` class from which `IssueFormatter` & `PullRequestFormatter` inherit
1. I've added shared examples for GitHub/Gitea importer classes
1. I've made `Gitlab::ImportSources` more robust and tested! 🎄 
1. I've added routing specs for import routes! 🎄 

Closes #22348

See merge request !8116

dreampet pushed a commit to dreampet/gitlab that referenced this issue Dec 22, 2016

Merge branch '22348-gitea-importer' into 'master'
It adds a brand new importer for Gitea!

This is a continuation of !6945 started by @bkc.

Gitea aims to be 100% GitHub-compatible but there's a few differences:

- Gitea is not an OAuth provider (yet): go-gitea/gitea#27
  - This means we cannot map Gitea users given an assignee ID => assignees are not set on imported issues and merge requests
- No releases API for now: go-gitea/gitea#330
- API version is `v1` (GitHub is `v3`)
- The IID field for milestones is `id` compared to `number` in GitHub.
- Issues, PRs, milestones, labels don't have a `url` field (the importer now fallback to `''` in that case)

**Known issues:**

- Comments are not imported because comments JSON always have a blank `html_url`/`issue_url`/`pull_request_url`, so the IID cannot be extracted and the issuable cannot be found... :( This is tracked in go-gitea/gitea#401, and solved by gogs/gogs#3624 but this needs to be submitted / merged in Gitea.

This is noted in the documentation.

## Are there points in the code the reviewer needs to double check?

1. I've made `Import::GiteaController` inherit from `Import::GithubController` since both controllers should be identical in the long-term and their current differences are small.
1. I've added a base `IssuableFormatter` class from which `IssueFormatter` & `PullRequestFormatter` inherit
1. I've added shared examples for GitHub/Gitea importer classes
1. I've made `Gitlab::ImportSources` more robust and tested! 🎄 
1. I've added routing specs for import routes! 🎄 

Closes #22348

See merge request !8116

@lunny lunny referenced this issue Feb 23, 2017

Open

Gitea hosted Gitea #1029

9 of 10 tasks complete

@lunny lunny modified the milestones: 1.3.0, 1.2.0 Apr 6, 2017

@JohnTheodore

This comment has been minimized.

Copy link

JohnTheodore commented May 2, 2017

+1, this would be awesome!!!

@femaref

This comment has been minimized.

Copy link

femaref commented Jun 9, 2017

is there an ETA for this? Would make life easier.

@lafriks

This comment has been minimized.

Copy link
Member

lafriks commented Sep 4, 2017

I think this one could be good option to integrate into gitea - https://github.com/coreos/dex

@lunny

This comment has been minimized.

Copy link
Member

lunny commented Sep 5, 2017

@lafriks Looks good, but it requires go1.8 I think.

@mikehaertl

This comment has been minimized.

Copy link

mikehaertl commented Sep 5, 2017

Here's another Go based alternative: https://github.com/ory/hydra

ORY Hydra is not an identity provider (user sign up, user log in, password reset flow), but connects to your existing identity provider through a consent app.

It seems quite easy to set up. Here's a nice tutorial: https://www.ory.am/run-oauth2-server-open-source-api-security.html?

@lafriks

This comment has been minimized.

Copy link
Member

lafriks commented Sep 5, 2017

@mikehaertl Hydra does not support JWT and from what I understand even if added they won't be in community edition - https://ory.gitbooks.io/hydra/content/faq.html#is-jwt-supported

@tboerger

This comment has been minimized.

Copy link
Member Author

tboerger commented Sep 5, 2017

JWT is a must have for drone integration

@lunny lunny modified the milestones: 1.3.0, 1.x.x Oct 10, 2017

@ts468

This comment has been minimized.

Copy link

ts468 commented Dec 15, 2017

Remotely related, but would it also be possible to extend gitea so that gitea can listen on a second interface over which every access is granted automatically?

The idea is to allow tooling without OAuth2 authentication capabilities, like Hydra, to fetch data over, e.g., the loopback interface.

@ekozan

This comment has been minimized.

Copy link

ekozan commented Jun 26, 2018

@tarelda Oauth2 is realy simple protocol integrate an external library is just pointless, and many required library is already present in Gitea - 60% of the oauth or OIDC provider is the UI :)

I'll make the PR next week i had no time for finish the UI this week

@jonasfranz

This comment has been minimized.

Copy link
Member

jonasfranz commented Jun 30, 2018

@ekozan You can create a seperate PR for the UI, this may improve the review speed.

@vtolstov

This comment has been minimized.

Copy link

vtolstov commented Aug 13, 2018

so, what library decided to use? i don't find any pr about oauth2 server in gitea

@xdevs23

This comment has been minimized.

Copy link

xdevs23 commented Aug 13, 2018

I'm waiting for this one as well. Definitely looking forward to it!

@go-gitea go-gitea deleted a comment from cutec-chris Aug 19, 2018

@JohnTheodore

This comment has been minimized.

Copy link

JohnTheodore commented Aug 22, 2018

Is there a branch or PR related to this change? or we're still in the discussion phase.

@lunny

This comment has been minimized.

Copy link
Member

lunny commented Aug 23, 2018

@JohnTheodore no people are working on this.

@xdevs23

This comment has been minimized.

Copy link

xdevs23 commented Aug 23, 2018

That's unfortunate

@JohnTheodore

This comment has been minimized.

Copy link

JohnTheodore commented Aug 24, 2018

@ekozan mentioned a PR, I wasn't sure if that happened.

@JohnTheodore

This comment has been minimized.

Copy link

JohnTheodore commented Sep 5, 2018

@lunny it sounds like dex would be the library to use for resolving this issue? Are there changes to dex that are necessary for it to be the way you want?

In general how does the go-gitea project deal with something like a 'design document'. So if you, tboerger, lafriks, bkcsoft, etc all agree on a design with say dex, is that design written down somewhere? This way if someone wants to work on it, they'll do it in a way the project maintainers want.

@lunny

This comment has been minimized.

Copy link
Member

lunny commented Sep 6, 2018

We ever want to create a design process but in fact we haven't obey that because it's unnecessary for most features. We depend on Pull Requests approvals to control the quality of the codes. Any PR some maintainers against will be discussed more until two maintainers agreed and no maintainers against. A big PR of course should be required write the design detail on the PR's description. As an oauth provider, it's a mature technology.I think what we need to do is to find a maintained-well library and follow it's design.

@ekozan

This comment has been minimized.

Copy link

ekozan commented Oct 7, 2018

i'm totaly busy .... :/ i havent finish the work

@lunny

This comment has been minimized.

Copy link
Member

lunny commented Oct 21, 2018

@ekozan never mind. :)

@techknowlogick

This comment has been minimized.

Copy link
Member

techknowlogick commented Nov 13, 2018

If anyone is interested in working on this, I wrote an adapter for https://github.com/go-oauth2/oauth2 that allows use of XORM https://github.com/techknowlogick/go-oauth2-xorm Next would be to add the routes to handle oauth.

@stale

This comment has been minimized.

Copy link

stale bot commented Jan 13, 2019

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs during the next 2 weeks. Thank you for your contributions.

@stale stale bot added the stale label Jan 13, 2019

@AfroThundr3007730

This comment has been minimized.

Copy link

AfroThundr3007730 commented Jan 13, 2019

There should be a way to mark this as "keep open", since there is clearly still demand for this.

@stale stale bot removed the stale label Jan 13, 2019

@jonasfranz

This comment has been minimized.

Copy link
Member

jonasfranz commented Jan 13, 2019

There is a open PR too.

@AfroThundr3007730

This comment has been minimized.

Copy link

AfroThundr3007730 commented Jan 21, 2019

@lafriks Mind tagging this one as reviewed too? :)

@lafriks lafriks modified the milestones: 1.x.x, 1.8.0 Jan 21, 2019

@xdevs23

This comment has been minimized.

Copy link

xdevs23 commented Feb 2, 2019

Looking forward to this

lunny added a commit to lunny/gitea that referenced this issue Feb 7, 2019

Add get tags info method for releases (go-gitea#27)
* add get tags info method for releases

* composite variable decleare
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.