misc-mirrors/forgejo
1
0
Fork 0
mirror of https://codeberg.org/forgejo/forgejo.git synced 2025-07-07 09:55:41 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 10

feat: add --attribute-ssh-pubic-key to forgejo admin auth add-oauth and update-oauth CLI (#8383)

Browse source 
As explained in https://codeberg.org/forgejo/forgejo/issues/8072, the CLI was missing a way to set the `AttributeSSHPublicKey` field that was added in https://codeberg.org/forgejo/forgejo/pulls/6232. We add a flag to do that, and thread it through where necessary.

The checklist mentions adding tests, but the code in `cmd/admin_auth_oauth.go` seems to not have a `cmd/admin_auth_oauth_test.go`, and I'm not sure if there's something else that's testing this behavior. I can try to add tests if there's already a good spot to slot them in. If not, it seems like adding a `cmd/cmd/admin_auth_oauth_test.go` that worked similar to the current `cmd/admin_auth_ldap_test.go` might be a bit big of a change.

As far as documentation, I might be wrong about this, but it seems like the CLI docs are only updated once there's a new release. I can't do that yet, so I don't think that either of the checkboxes apply to this PR.

## Manual testing

There are two CLI commands that can be validated: `forgejo admin auth add-oauth` and `forgejo admin auth update-oauth`.
1. `forgejo admin auth add-oauth` requires an actual auto-discovery URL that responds appropriately.

    - If there is not already an OIDC provider set up that has an auto-discovery URL, the sample OIDC provider at https://openidconnect.net/ can be used with it's auto-discovery URL of https://samples.auth0.com/.well-known/openid-configuration.

1. Run the following command to create a new OAuth2 authentication source:
    ```Console
    forgejo admin auth add-oauth --attribute-ssh-public-key=ssh_public_key_field --auto-discover-url=https://samples.auth0.com/.well-known/openid-configuration --name='Delete this later' --provider=openidConnect
    ```

    - This should create a new OAuth2 authentication source named "Delete this later" with the "Public SSH key attribute" field set to `ssh_public_key_field`.
        <details>
        <summary>Screenshot of newly created OAuth2 authentication source</summary>

        ![forgejo-admin-auth-add-oauth](/attachments/166f3f82-adc8-4ef9-9128-fb8a923fdc0d)
        </details>

1. `forgejo admin auth update-oauth` requires the id of the newly created OAuth2 authentication source.

    - This id can be found on either the "Authentication sources" page (`/admin/auths`) or as the URL of the newly created OAuth2 authentication source (`/admins/auths/{id}`).

1. Run the following command to update the OAuth2 authentication source:
    ```Console
    forgejo admin auth update-oauth --attribute-ssh-public-key=ssh_public_key_field_new_name --id=<id-of-new-oauth2-authentication-source>
    ```

    - This should change the "Public SSH key attribute" to `ssh_public_key_field_new_name`.

        <details>
        <summary>Screenshot of updated OAuth2 authentication source</summary>

        ![forgejo-admin-auth-update-oauth](/attachments/9674dba0-6ed1-4fb8-8eb8-d7f33cbf8c3a)
        </details>

## Checklist

The [contributor guide](https://forgejo.org/docs/next/contributor/) contains information that will be helpful to first time contributors. There also are a few [conditions for merging Pull Requests in Forgejo repositories](https://codeberg.org/forgejo/governance/src/branch/main/PullRequestsAgreement.md). You are also welcome to join the [Forgejo development chatroom](https://matrix.to/#/#forgejo-development:matrix.org).

### Tests

- I added test coverage for Go changes...
  - [ ] in their respective `*_test.go` for unit tests.
  - [ ] in the `tests/integration` directory if it involves interactions with a live Forgejo server.
- I added test coverage for JavaScript changes...
  - [ ] in `web_src/js/*.test.js` if it can be unit tested.
  - [ ] in `tests/e2e/*.test.e2e.js` if it requires interactions with a live Forgejo server (see also the [developer guide for JavaScript testing](https://codeberg.org/forgejo/forgejo/src/branch/forgejo/tests/e2e/README.md#end-to-end-tests)).

### Documentation

- [ ] I created a pull request [to the documentation](https://codeberg.org/forgejo/docs) to explain to Forgejo users how to use this change.
- [ ] I did not document these changes and I do not expect someone else to do it.

### Release notes

- [ ] I do not want this change to show in the release notes.
- [x] I want the title to show in the release notes with a link to this pull request.
- [ ] I want the content of the `release-notes/<pull request number>.md` to be be used for the release notes instead of the title.

<!--start release-notes-assistant-->

## Release notes
<!--URL:https://codeberg.org/forgejo/forgejo-->
- Features
  - [PR](https://codeberg.org/forgejo/forgejo/pulls/8383): <!--number 8383 --><!--line 0 --><!--description YWRkIGAtLWF0dHJpYnV0ZS1zc2gtcHViaWMta2V5YCB0byBmb3JnZWpvIGFkbWluIGF1dGggYWRkLW9hdXRoIGFuZCB1cGRhdGUtb2F1dGggQ0xJ-->add `--attribute-ssh-pubic-key` to forgejo admin auth add-oauth and update-oauth CLI<!--description-->
<!--end release-notes-assistant-->

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/8383
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: joneshf <jones3.hardy@gmail.com>
Co-committed-by: joneshf <jones3.hardy@gmail.com>
This commit is contained in:
joneshf 2025-07-05 13:53:00 +02:00 committed by Earl Warren
parent a789dd76d5
commit d4873965c8
1 changed files with 10 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

10
cmd/admin_auth_oauth.go
View file

@ -86,6 +86,11 @@ func oauthCLIFlags() []cli.Flag {
Value: nil, Value: nil,
Usage: "Scopes to request when to authenticate against this OAuth2 source", Usage: "Scopes to request when to authenticate against this OAuth2 source",
}, },
&cli.StringFlag{
Name: "attribute-ssh-public-key",
Value: "",
Usage: "Claim name providing SSH public keys for this source",
},
&cli.StringFlag{ &cli.StringFlag{
Name: "required-claim-name", Name: "required-claim-name",
Value: "", Value: "",
@ -163,6 +168,7 @@ func parseOAuth2Config(_ context.Context, c *cli.Command) *oauth2.Source {
IconURL: c.String("icon-url"), IconURL: c.String("icon-url"),
SkipLocalTwoFA: c.Bool("skip-local-2fa"), SkipLocalTwoFA: c.Bool("skip-local-2fa"),
Scopes: c.StringSlice("scopes"), Scopes: c.StringSlice("scopes"),
AttributeSSHPublicKey: c.String("attribute-ssh-public-key"),
RequiredClaimName: c.String("required-claim-name"), RequiredClaimName: c.String("required-claim-name"),
RequiredClaimValue: c.String("required-claim-value"), RequiredClaimValue: c.String("required-claim-value"),
GroupClaimName: c.String("group-claim-name"), GroupClaimName: c.String("group-claim-name"),
@ -244,6 +250,10 @@ func runUpdateOauth(ctx context.Context, c *cli.Command) error {
oAuth2Config.Scopes = c.StringSlice("scopes") oAuth2Config.Scopes = c.StringSlice("scopes")
} }
if c.IsSet("attribute-ssh-public-key") {
oAuth2Config.AttributeSSHPublicKey = c.String("attribute-ssh-public-key")
}
if c.IsSet("required-claim-name") { if c.IsSet("required-claim-name") {
oAuth2Config.RequiredClaimName = c.String("required-claim-name") oAuth2Config.RequiredClaimName = c.String("required-claim-name")
} }