/
github_token_credential.go
84 lines (71 loc) · 2.68 KB
/
github_token_credential.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
// Copyright 2024 Stacklok, Inc
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
// Package credentials provides the implementations for the credentials
package credentials
import (
"net/http"
"github.com/go-git/go-git/v5"
githttp "github.com/go-git/go-git/v5/plumbing/transport/http"
"github.com/google/go-containerregistry/pkg/authn"
"golang.org/x/oauth2"
provifv1 "github.com/stacklok/minder/pkg/providers/v1"
)
// GitHubTokenCredential is a credential that uses a token
type GitHubTokenCredential struct {
token string
}
// Ensure that the GitHubTokenCredential implements the GitHubTokenCredential interface
var _ provifv1.GitHubCredential = (*GitHubTokenCredential)(nil)
// NewGitHubTokenCredential creates a new GitHubTokenCredential from the token
func NewGitHubTokenCredential(token string) *GitHubTokenCredential {
return &GitHubTokenCredential{
token: token,
}
}
// SetAuthorizationHeader sets the authorization header on the request
func (t *GitHubTokenCredential) SetAuthorizationHeader(req *http.Request) {
req.Header.Set("Authorization", "Bearer "+t.token)
}
// GetAsContainerAuthenticator returns the token as a container registry authenticator
func (t *GitHubTokenCredential) GetAsContainerAuthenticator(owner string) authn.Authenticator {
return &authn.Basic{
Username: owner,
Password: t.token,
}
}
// AddToPushOptions adds the credential to the git push options
func (t *GitHubTokenCredential) AddToPushOptions(options *git.PushOptions, owner string) {
options.Auth = &githttp.BasicAuth{
Username: owner,
Password: t.token,
}
}
// AddToCloneOptions adds the credential to the git clone options
func (t *GitHubTokenCredential) AddToCloneOptions(options *git.CloneOptions) {
options.Auth = &githttp.BasicAuth{
// the username can be anything, but it can't be empty
Username: "minder-user",
Password: t.token,
}
}
// GetCacheKey returns the cache key used to look up the REST client
func (t *GitHubTokenCredential) GetCacheKey() string {
return t.token
}
// GetAsOAuth2TokenSource returns the token as an OAuth2 token source
func (t *GitHubTokenCredential) GetAsOAuth2TokenSource() oauth2.TokenSource {
return oauth2.StaticTokenSource(
&oauth2.Token{AccessToken: t.token},
)
}