mirror of
https://codeberg.org/forgejo/forgejo.git
synced 2026-05-14 06:50:25 +00:00
1ddd5faa5c
Currently authentication methods return information in two forms: they return who was authenticated as a `*user_model.User`, and then they insert key-values into `ctx.Data` which has critical impact on how the authenticated request is treated. This PR changes the authentication methods to return structured data in the form of an `AuthenticationResult`, with all the key-value information in `ctx.Data` being moved into methods on the `AuthenticationResult` interface. Authentication workflows in Forgejo are a real mess. This is the first step in trying to clean it up and make the code predictable and reasonable, and is both follow-up work that was identified from the repo-specific access tokens (where the `"ApiTokenReducer"` key-value was added), and is pre-requisite work to future JWT enhancements that are [being discussed](https://codeberg.org/forgejo/forgejo/issues/3571#issuecomment-13268004). ## Checklist The [contributor guide](https://forgejo.org/docs/next/contributor/) contains information that will be helpful to first time contributors. All work and communication must conform to Forgejo's [AI Agreement](https://codeberg.org/forgejo/governance/src/branch/main/AIAgreement.md). There also are a few [conditions for merging Pull Requests in Forgejo repositories](https://codeberg.org/forgejo/governance/src/branch/main/PullRequestsAgreement.md). You are also welcome to join the [Forgejo development chatroom](https://matrix.to/#/#forgejo-development:matrix.org). ### Tests for Go changes - I added test coverage for Go changes... - [ ] in their respective `*_test.go` for unit tests. - [ ] in the `tests/integration` directory if it involves interactions with a live Forgejo server. - All changes, at least in theory, are refactors of existing logic and are not expected to have functional deviations -- existing regression tests are the only planned testing. - I ran... - [x] `make pr-go` before pushing ### Documentation - [ ] I created a pull request [to the documentation](https://codeberg.org/forgejo/docs) to explain to Forgejo users how to use this change. - [x] I did not document these changes and I do not expect someone else to do it. ### Release notes - [ ] This change will be noticed by a Forgejo user or admin (feature, bug fix, performance, etc.). I suggest to include a release note for this change. - [x] This change is not visible to a Forgejo user or admin (refactor, dependency upgrade, etc.). I think there is no need to add a release note for this change. Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/12202 Reviewed-by: Andreas Ahlenstorf <aahlenst@noreply.codeberg.org>
32 lines
905 B
Go
32 lines
905 B
Go
package method
|
|
|
|
import (
|
|
"testing"
|
|
|
|
"github.com/stretchr/testify/assert"
|
|
)
|
|
|
|
func TestGrantAdditionalScopes(t *testing.T) {
|
|
tests := []struct {
|
|
grantScopes string
|
|
expectedScopes string
|
|
}{
|
|
{"openid profile email", ""},
|
|
{"openid profile email groups", ""},
|
|
{"openid profile email all", "all"},
|
|
{"openid profile email read:user all", "read:user,all"},
|
|
{"openid profile email groups read:user", "read:user"},
|
|
{"read:user read:repository", "read:user,read:repository"},
|
|
{"read:user write:issue public-only", "read:user,write:issue,public-only"},
|
|
{"openid profile email read:user", "read:user"},
|
|
{"read:invalid_scope", ""},
|
|
{"read:invalid_scope,write:scope_invalid,just-plain-wrong", ""},
|
|
}
|
|
|
|
for _, test := range tests {
|
|
t.Run(test.grantScopes, func(t *testing.T) {
|
|
result := grantAdditionalScopes(test.grantScopes)
|
|
assert.Equal(t, test.expectedScopes, result)
|
|
})
|
|
}
|
|
}
|