mirror of
https://codeberg.org/forgejo/forgejo.git
synced 2026-05-30 06:02:22 +00:00
cdd35458a9
The goal is to enable access to Git LFS resources with Authorized Integrations JWTs. Blocker that needed to be resolved is that adding the `AuthorizedIntegration` auth method would conflict with the LFS tokens, which are handed out during git ssh clones to allow access to LFS resources -- `AuthorizedIntegration` would mark these as `AuthenticationAttemptedIncorrectCredential`, and therefore the requests would 401 before they got to the LFS-specific token validation routines. The fix is to move LFS token authentication into an authentication group so that it could be resolved at the same time as the authorized integration, rather than doing it inside the LFS server routines. Refactors for LFS tokens are covered by refreshed test automation. Authorized integrations LFS Access has been manually tested, and will be further covered in an end-to-end integration test (https://code.forgejo.org/forgejo/end-to-end/pulls/1954). ## Checklist The [contributor guide](https://forgejo.org/docs/next/contributor/) contains information that will be helpful to first time contributors. All work and communication must conform to Forgejo's [AI Agreement](https://codeberg.org/forgejo/governance/src/branch/main/AIAgreement.md). There also are a few [conditions for merging Pull Requests in Forgejo repositories](https://codeberg.org/forgejo/governance/src/branch/main/PullRequestsAgreement.md). You are also welcome to join the [Forgejo development chatroom](https://matrix.to/#/#forgejo-development:matrix.org). ### Tests for Go changes - I added test coverage for Go changes... - [x] in their respective `*_test.go` for unit tests. - [ ] in the `tests/integration` directory if it involves interactions with a live Forgejo server. - I ran... - [ ] `make pr-go` before pushing ### Documentation - [ ] I created a pull request [to the documentation](https://codeberg.org/forgejo/docs) to explain to Forgejo users how to use this change. - [x] I did not document these changes and I do not expect someone else to do it. ### Release notes - [ ] This change will be noticed by a Forgejo user or admin (feature, bug fix, performance, etc.). I suggest to include a release note for this change. - [x] This change is not visible to a Forgejo user or admin (refactor, dependency upgrade, etc.). I think there is no need to add a release note for this change. Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/12725 Reviewed-by: Andreas Ahlenstorf <aahlenst@noreply.codeberg.org> Reviewed-by: Gusted <gusted@noreply.codeberg.org> |
||
|---|---|---|
| .. | ||
| forgejo | ||
| actions.go | ||
| admin.go | ||
| admin_auth.go | ||
| admin_auth_ldap.go | ||
| admin_auth_ldap_test.go | ||
| admin_auth_oauth.go | ||
| admin_auth_oauth_test.go | ||
| admin_auth_pam.go | ||
| admin_auth_pam_test.go | ||
| admin_auth_smtp.go | ||
| admin_regenerate.go | ||
| admin_user.go | ||
| admin_user_change_password.go | ||
| admin_user_create.go | ||
| admin_user_delete.go | ||
| admin_user_generate_access_token.go | ||
| admin_user_generate_authorized_integration.go | ||
| admin_user_list.go | ||
| admin_user_must_change_password.go | ||
| admin_user_reset_mfa.go | ||
| cert.go | ||
| cmd.go | ||
| cmd_test.go | ||
| doctor.go | ||
| doctor_convert.go | ||
| doctor_test.go | ||
| dump.go | ||
| dump_repo.go | ||
| dump_test.go | ||
| embedded.go | ||
| generate.go | ||
| hook.go | ||
| hook_test.go | ||
| keys.go | ||
| mailer.go | ||
| main.go | ||
| main_test.go | ||
| manager.go | ||
| manager_logging.go | ||
| migrate.go | ||
| migrate_storage.go | ||
| migrate_storage_test.go | ||
| restore_repo.go | ||
| serv.go | ||
| web.go | ||
| web_acme.go | ||
| web_graceful.go | ||
| web_https.go | ||