mirror of
https://github.com/coder/coder.git
synced 2025-07-15 22:20:27 +00:00
feat: Validate Git tokens before consuming them (#5167)
* feat: Validate Git tokens before consuming them This works the exact same way that the Git credential manager does. It ensures the user token is valid before returning it to the client. It's been manually tested on GitHub, GitLab, and BitBucket. * Fix requested changes
This commit is contained in:
Kyle Carberry
GitHub
@ -29,10 +29,17 @@ var endpoint = map[codersdk.GitProvider]oauth2.Endpoint{
|
||||
codersdk.GitProviderGitHub: github.Endpoint,
|
||||
}
|
||||
|
||||
// validateURL contains defaults for each provider.
|
||||
var validateURL = map[codersdk.GitProvider]string{
|
||||
codersdk.GitProviderGitHub: "https://api.github.com/user",
|
||||
codersdk.GitProviderGitLab: "https://gitlab.com/oauth/token/info",
|
||||
codersdk.GitProviderBitBucket: "https://api.bitbucket.org/2.0/user",
|
||||
}
|
||||
|
||||
// scope contains defaults for each Git provider.
|
||||
var scope = map[codersdk.GitProvider][]string{
|
||||
codersdk.GitProviderAzureDevops: {"vso.code_write"},
|
||||
codersdk.GitProviderBitBucket: {"repository:write"},
|
||||
codersdk.GitProviderBitBucket: {"account", "repository:write"},
|
||||
codersdk.GitProviderGitLab: {"write_repository"},
|
||||
codersdk.GitProviderGitHub: {"repo"},
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user