bartvdbraak/builder.braak.pro
1
0
Fork 0
Code Issues Pull requests 1 Projects Releases Packages 1 Wiki Activity Actions
builder.braak.pro/buildbot/config/conf/local/auth.py
Bart van der Braak b91ee462b8 Working authentication with orgs and group retrieval
2024-11-21 09:02:00 +01:00

73 lines
2.3 KiB
Python
Raw Blame History

# SPDX-License-Identifier: GPL-2.0-or-later
# SPDX-FileCopyrightText: 2011-2024 Blender Authors
# <pep8 compliant>
import os
from buildbot.www.oauth2 import OAuth2Auth
import buildbot.plugins
from urllib.parse import urljoin
# Buildbot admin with access to everything.
admin_usernames = [
"admin",
]
# Release engineers with access to store and deploy builders.
deploy_dev_usernames = [
"admin",
]
# Trusted developers with access to trigger daily, doc and patch builds.
trusted_dev_usernames = [
"admin",
]
gitea_endpoint = os.environ.get("GITEA_ENDPOINT", default="")
gitea_client_id = os.environ.get("GITEA_CLIENT_ID", default="")
gitea_client_secret = os.environ.get("GITEA_CLIENT_SECRET", default="")
def get_authentication(environment: str):
class GiteaAuth(OAuth2Auth):
name = "Gitea"
faIcon = "fa-gitea"
AUTH_URL = "login/oauth/authorize"
TOKEN_URL = "login/oauth/access_token"
def __init__(self, endpoint, client_id, client_secret, **kwargs):
super(GiteaAuth, self).__init__(client_id, client_secret, **kwargs)
self.resourceEndpoint = endpoint
self.authUri = urljoin(endpoint, self.AUTH_URL)
self.tokenUri = urljoin(endpoint, self.TOKEN_URL)
def getUserInfoFromOAuthClient(self, c):
user_info = self.get(c, "/api/v1/user")
orgs = self.get(c, "/api/v1/user/orgs")
org_groups = [org["username"] for org in orgs]
teams = self.get(c, "/api/v1/user/teams")
team_groups = [
f"{team['organization']['username']}/{team['name']}" for team in teams
] # Format: org/team
groups = org_groups + team_groups
user_data = {
"full_name": user_info.get("full_name", user_info.get("username")),
"email": user_info.get("email"),
"username": user_info.get("username"),
"groups": groups,
}
return user_data
class LocalEnvAuth(buildbot.plugins.util.CustomAuth):
def check_credentials(self, user, password):
return user.decode() == "admin" and password.decode() == "admin"
if gitea_endpoint and gitea_client_id and gitea_client_secret:
return GiteaAuth(gitea_endpoint, gitea_client_id, gitea_client_secret)
else:
return LocalEnvAuth()
Reference in a new issue View git blame Copy permalink