2016-08-14 01:11:52 +02:00
// Copyright 2016 The Gogs Authors. All rights reserved.
2016-12-21 13:13:17 +01:00
// Copyright 2016 The Gitea Authors. All rights reserved.
2016-08-14 01:11:52 +02:00
// Use of this source code is governed by a MIT-style
// license that can be found in the LICENSE file.
package cmd
import (
2020-09-09 00:06:39 +02:00
"context"
2018-10-30 22:34:25 +01:00
"errors"
2016-08-14 01:11:52 +02:00
"fmt"
2018-09-12 16:46:02 +02:00
"os"
2020-12-17 08:57:32 +01:00
"strings"
2018-09-12 16:46:02 +02:00
"text/tabwriter"
2016-08-14 01:11:52 +02:00
2016-11-10 17:24:48 +01:00
"code.gitea.io/gitea/models"
2021-09-24 13:32:56 +02:00
"code.gitea.io/gitea/models/db"
"code.gitea.io/gitea/models/login"
2019-03-27 10:33:00 +01:00
"code.gitea.io/gitea/modules/git"
2020-01-20 21:01:19 +01:00
"code.gitea.io/gitea/modules/graceful"
2017-12-31 15:45:46 +01:00
"code.gitea.io/gitea/modules/log"
2019-10-14 17:24:26 +02:00
pwd "code.gitea.io/gitea/modules/password"
2020-01-20 21:01:19 +01:00
repo_module "code.gitea.io/gitea/modules/repository"
2016-11-10 17:24:48 +01:00
"code.gitea.io/gitea/modules/setting"
2021-04-22 18:48:47 +02:00
"code.gitea.io/gitea/modules/storage"
2021-09-24 13:32:56 +02:00
auth_service "code.gitea.io/gitea/services/auth"
2021-07-24 12:16:34 +02:00
"code.gitea.io/gitea/services/auth/source/oauth2"
2021-11-17 16:17:31 +01:00
repo_service "code.gitea.io/gitea/services/repository"
2021-11-18 18:42:27 +01:00
user_service "code.gitea.io/gitea/services/user"
2017-04-12 09:44:54 +02:00
"github.com/urfave/cli"
2016-08-14 01:11:52 +02:00
)
var (
2016-11-04 12:42:18 +01:00
// CmdAdmin represents the available admin sub-command.
2016-08-14 01:11:52 +02:00
CmdAdmin = cli . Command {
Name : "admin" ,
2018-01-12 23:16:49 +01:00
Usage : "Command line interface to perform common administrative operations" ,
2016-08-14 01:11:52 +02:00
Subcommands : [ ] cli . Command {
2020-10-16 04:48:38 +02:00
subcmdUser ,
2017-12-31 15:45:46 +01:00
subcmdRepoSyncReleases ,
2018-05-17 03:35:07 +02:00
subcmdRegenerate ,
2018-09-12 16:46:02 +02:00
subcmdAuth ,
2020-10-24 22:38:14 +02:00
subcmdSendMail ,
2016-08-14 01:11:52 +02:00
} ,
}
2020-10-16 04:48:38 +02:00
subcmdUser = cli . Command {
Name : "user" ,
Usage : "Modify users" ,
Subcommands : [ ] cli . Command {
microcmdUserCreate ,
microcmdUserList ,
microcmdUserChangePassword ,
microcmdUserDelete ,
} ,
}
microcmdUserList = cli . Command {
Name : "list" ,
Usage : "List users" ,
Action : runListUsers ,
Flags : [ ] cli . Flag {
cli . BoolFlag {
Name : "admin" ,
Usage : "List only admin users" ,
} ,
} ,
}
microcmdUserCreate = cli . Command {
Name : "create" ,
2016-08-14 01:11:52 +02:00
Usage : "Create a new user in database" ,
Action : runCreateUser ,
Flags : [ ] cli . Flag {
2016-11-09 23:18:22 +01:00
cli . StringFlag {
Name : "name" ,
2019-04-09 17:21:55 +02:00
Usage : "Username. DEPRECATED: use username instead" ,
} ,
cli . StringFlag {
Name : "username" ,
2016-11-09 23:18:22 +01:00
Usage : "Username" ,
} ,
cli . StringFlag {
Name : "password" ,
2016-11-09 23:32:24 +01:00
Usage : "User password" ,
2016-11-09 23:18:22 +01:00
} ,
cli . StringFlag {
Name : "email" ,
2016-11-09 23:32:24 +01:00
Usage : "User email address" ,
2016-11-09 23:18:22 +01:00
} ,
cli . BoolFlag {
Name : "admin" ,
Usage : "User is an admin" ,
} ,
2018-10-30 22:34:25 +01:00
cli . BoolFlag {
Name : "random-password" ,
Usage : "Generate a random password for the user" ,
} ,
2018-10-21 00:05:01 +02:00
cli . BoolFlag {
Name : "must-change-password" ,
2019-10-30 19:28:14 +01:00
Usage : "Set this option to false to prevent forcing the user to change their password after initial login, (Default: true)" ,
2018-10-21 00:05:01 +02:00
} ,
2018-10-30 22:34:25 +01:00
cli . IntFlag {
Name : "random-password-length" ,
Usage : "Length of the random password to be generated" ,
Value : 12 ,
} ,
2019-05-05 00:03:10 +02:00
cli . BoolFlag {
Name : "access-token" ,
Usage : "Generate access token for the user" ,
} ,
2016-08-14 01:11:52 +02:00
} ,
}
2017-03-20 09:23:38 +01:00
2020-10-16 04:48:38 +02:00
microcmdUserChangePassword = cli . Command {
2017-03-20 09:23:38 +01:00
Name : "change-password" ,
Usage : "Change a user's password" ,
Action : runChangePassword ,
Flags : [ ] cli . Flag {
cli . StringFlag {
Name : "username,u" ,
Value : "" ,
Usage : "The user to change password for" ,
} ,
cli . StringFlag {
Name : "password,p" ,
Value : "" ,
Usage : "New password to set for user" ,
} ,
} ,
}
2017-12-31 15:45:46 +01:00
2020-10-16 04:48:38 +02:00
microcmdUserDelete = cli . Command {
2020-12-17 08:57:32 +01:00
Name : "delete" ,
Usage : "Delete specific user by id, name or email" ,
Flags : [ ] cli . Flag {
cli . Int64Flag {
Name : "id" ,
Usage : "ID of user of the user to delete" ,
} ,
cli . StringFlag {
Name : "username,u" ,
Usage : "Username of the user to delete" ,
} ,
cli . StringFlag {
Name : "email,e" ,
Usage : "Email of the user to delete" ,
} ,
} ,
2020-10-16 04:48:38 +02:00
Action : runDeleteUser ,
}
2017-12-31 15:45:46 +01:00
subcmdRepoSyncReleases = cli . Command {
Name : "repo-sync-releases" ,
Usage : "Synchronize repository releases with tags" ,
Action : runRepoSyncReleases ,
}
2018-05-17 03:35:07 +02:00
subcmdRegenerate = cli . Command {
Name : "regenerate" ,
Usage : "Regenerate specific files" ,
Subcommands : [ ] cli . Command {
microcmdRegenHooks ,
microcmdRegenKeys ,
} ,
}
microcmdRegenHooks = cli . Command {
Name : "hooks" ,
Usage : "Regenerate git-hooks" ,
Action : runRegenerateHooks ,
}
microcmdRegenKeys = cli . Command {
Name : "keys" ,
Usage : "Regenerate authorized_keys file" ,
Action : runRegenerateKeys ,
}
2018-09-12 16:46:02 +02:00
subcmdAuth = cli . Command {
Name : "auth" ,
Usage : "Modify external auth providers" ,
Subcommands : [ ] cli . Command {
microcmdAuthAddOauth ,
microcmdAuthUpdateOauth ,
2019-06-17 20:32:20 +02:00
cmdAuthAddLdapBindDn ,
cmdAuthUpdateLdapBindDn ,
cmdAuthAddLdapSimpleAuth ,
cmdAuthUpdateLdapSimpleAuth ,
2018-09-12 16:46:02 +02:00
microcmdAuthList ,
microcmdAuthDelete ,
} ,
}
microcmdAuthList = cli . Command {
Name : "list" ,
Usage : "List auth sources" ,
Action : runListAuth ,
2020-03-27 22:26:43 +01:00
Flags : [ ] cli . Flag {
cli . IntFlag {
Name : "min-width" ,
Usage : "Minimal cell width including any padding for the formatted table" ,
Value : 0 ,
} ,
cli . IntFlag {
Name : "tab-width" ,
Usage : "width of tab characters in formatted table (equivalent number of spaces)" ,
Value : 8 ,
} ,
cli . IntFlag {
Name : "padding" ,
Usage : "padding added to a cell before computing its width" ,
Value : 1 ,
} ,
cli . StringFlag {
Name : "pad-char" ,
Usage : ` ASCII char used for padding if padchar == '\\t', the Writer will assume that the width of a '\\t' in the formatted output is tabwidth, and cells are left-aligned independent of align_left (for correct-looking results, tabwidth must correspond to the tab width in the viewer displaying the result) ` ,
Value : "\t" ,
} ,
cli . BoolFlag {
Name : "vertical-bars" ,
Usage : "Set to true to print vertical bars between columns" ,
} ,
} ,
2018-09-12 16:46:02 +02:00
}
idFlag = cli . Int64Flag {
Name : "id" ,
2019-06-17 20:32:20 +02:00
Usage : "ID of authentication source" ,
2018-09-12 16:46:02 +02:00
}
microcmdAuthDelete = cli . Command {
Name : "delete" ,
Usage : "Delete specific auth source" ,
2020-01-08 00:41:16 +01:00
Flags : [ ] cli . Flag { idFlag } ,
2018-09-12 16:46:02 +02:00
Action : runDeleteAuth ,
}
oauthCLIFlags = [ ] cli . Flag {
cli . StringFlag {
Name : "name" ,
Value : "" ,
Usage : "Application Name" ,
} ,
cli . StringFlag {
Name : "provider" ,
Value : "" ,
Usage : "OAuth2 Provider" ,
} ,
cli . StringFlag {
Name : "key" ,
Value : "" ,
Usage : "Client ID (Key)" ,
} ,
cli . StringFlag {
Name : "secret" ,
Value : "" ,
Usage : "Client Secret" ,
} ,
cli . StringFlag {
Name : "auto-discover-url" ,
Value : "" ,
Usage : "OpenID Connect Auto Discovery URL (only required when using OpenID Connect as provider)" ,
} ,
cli . StringFlag {
Name : "use-custom-urls" ,
Value : "false" ,
Usage : "Use custom URLs for GitLab/GitHub OAuth endpoints" ,
} ,
cli . StringFlag {
Name : "custom-auth-url" ,
Value : "" ,
Usage : "Use a custom Authorization URL (option for GitLab/GitHub)" ,
} ,
cli . StringFlag {
Name : "custom-token-url" ,
Value : "" ,
Usage : "Use a custom Token URL (option for GitLab/GitHub)" ,
} ,
cli . StringFlag {
Name : "custom-profile-url" ,
Value : "" ,
Usage : "Use a custom Profile URL (option for GitLab/GitHub)" ,
} ,
cli . StringFlag {
Name : "custom-email-url" ,
Value : "" ,
Usage : "Use a custom Email URL (option for GitHub)" ,
} ,
2020-12-28 09:39:12 +01:00
cli . StringFlag {
Name : "icon-url" ,
Value : "" ,
Usage : "Custom icon URL for OAuth2 login source" ,
} ,
2021-09-10 18:37:57 +02:00
cli . BoolFlag {
Name : "skip-local-2fa" ,
Usage : "Set to true to skip local 2fa for users authenticated by this source" ,
} ,
2018-09-12 16:46:02 +02:00
}
microcmdAuthUpdateOauth = cli . Command {
Name : "update-oauth" ,
Usage : "Update existing Oauth authentication source" ,
Action : runUpdateOauth ,
Flags : append ( oauthCLIFlags [ : 1 ] , append ( [ ] cli . Flag { idFlag } , oauthCLIFlags [ 1 : ] ... ) ... ) ,
}
microcmdAuthAddOauth = cli . Command {
Name : "add-oauth" ,
Usage : "Add new Oauth authentication source" ,
Action : runAddOauth ,
Flags : oauthCLIFlags ,
}
2020-10-24 22:38:14 +02:00
subcmdSendMail = cli . Command {
Name : "sendmail" ,
Usage : "Send a message to all users" ,
Action : runSendMail ,
Flags : [ ] cli . Flag {
cli . StringFlag {
Name : "title" ,
Usage : ` a title of a message ` ,
Value : "" ,
} ,
cli . StringFlag {
Name : "content" ,
Usage : "a content of a message" ,
Value : "" ,
} ,
cli . BoolFlag {
Name : "force,f" ,
Usage : "A flag to bypass a confirmation step" ,
} ,
} ,
}
2016-08-14 01:11:52 +02:00
)
2017-03-20 09:23:38 +01:00
func runChangePassword ( c * cli . Context ) error {
2018-01-12 23:16:49 +01:00
if err := argsSet ( c , "username" , "password" ) ; err != nil {
return err
2017-03-20 09:23:38 +01:00
}
2021-11-07 04:11:27 +01:00
ctx , cancel := installSignals ( )
defer cancel ( )
if err := initDB ( ctx ) ; err != nil {
2018-01-12 23:16:49 +01:00
return err
2017-03-20 09:23:38 +01:00
}
2019-10-14 17:24:26 +02:00
if ! pwd . IsComplexEnough ( c . String ( "password" ) ) {
return errors . New ( "Password does not meet complexity requirements" )
}
2020-09-09 00:06:39 +02:00
pwned , err := pwd . IsPwned ( context . Background ( ) , c . String ( "password" ) )
if err != nil {
return err
}
if pwned {
return errors . New ( "The password you chose is on a list of stolen passwords previously exposed in public data breaches. Please try again with a different password.\nFor more details, see https://haveibeenpwned.com/Passwords" )
}
2017-03-20 09:23:38 +01:00
uname := c . String ( "username" )
user , err := models . GetUserByName ( uname )
if err != nil {
2018-01-12 23:16:49 +01:00
return err
2017-03-20 09:23:38 +01:00
}
2021-01-10 19:05:18 +01:00
if err = user . SetPassword ( c . String ( "password" ) ) ; err != nil {
2018-01-12 23:16:49 +01:00
return err
2017-03-20 09:23:38 +01:00
}
2019-10-14 17:24:26 +02:00
2021-11-22 16:21:55 +01:00
if err = models . UpdateUserCols ( db . DefaultContext , user , "passwd" , "passwd_hash_algo" , "salt" ) ; err != nil {
2018-01-12 23:16:49 +01:00
return err
2017-03-20 09:23:38 +01:00
}
2018-01-12 23:16:49 +01:00
fmt . Printf ( "%s's password has been successfully updated!\n" , user . Name )
2017-03-20 09:23:38 +01:00
return nil
}
2016-08-14 01:11:52 +02:00
func runCreateUser ( c * cli . Context ) error {
2019-04-09 17:21:55 +02:00
if err := argsSet ( c , "email" ) ; err != nil {
2018-01-12 23:16:49 +01:00
return err
2016-08-14 01:11:52 +02:00
}
2019-04-09 17:21:55 +02:00
if c . IsSet ( "name" ) && c . IsSet ( "username" ) {
return errors . New ( "Cannot set both --name and --username flags" )
}
if ! c . IsSet ( "name" ) && ! c . IsSet ( "username" ) {
return errors . New ( "One of --name or --username flags must be set" )
}
2018-10-30 22:34:25 +01:00
if c . IsSet ( "password" ) && c . IsSet ( "random-password" ) {
return errors . New ( "cannot set both -random-password and -password flags" )
}
2019-04-09 17:21:55 +02:00
var username string
if c . IsSet ( "username" ) {
username = c . String ( "username" )
} else {
username = c . String ( "name" )
fmt . Fprintf ( os . Stderr , "--name flag is deprecated. Use --username instead.\n" )
}
2021-11-07 04:11:27 +01:00
ctx , cancel := installSignals ( )
defer cancel ( )
if err := initDB ( ctx ) ; err != nil {
2019-10-14 17:24:26 +02:00
return err
}
2018-10-30 22:34:25 +01:00
2019-10-14 17:24:26 +02:00
var password string
2018-10-30 22:34:25 +01:00
if c . IsSet ( "password" ) {
password = c . String ( "password" )
} else if c . IsSet ( "random-password" ) {
2018-11-26 16:00:38 +01:00
var err error
2019-10-14 17:24:26 +02:00
password , err = pwd . Generate ( c . Int ( "random-password-length" ) )
2018-10-30 22:34:25 +01:00
if err != nil {
return err
}
fmt . Printf ( "generated random password is '%s'\n" , password )
} else {
return errors . New ( "must set either password or random-password flag" )
}
2018-10-21 00:05:01 +02:00
// always default to true
var changePassword = true
2018-11-25 08:42:24 +01:00
// If this is the first user being created.
// Take it as the admin and don't force a password update.
if n := models . CountUsers ( ) ; n == 0 {
changePassword = false
}
2018-10-21 00:05:01 +02:00
if c . IsSet ( "must-change-password" ) {
changePassword = c . Bool ( "must-change-password" )
}
2019-05-05 00:03:10 +02:00
u := & models . User {
2019-04-09 17:21:55 +02:00
Name : username ,
2018-10-21 00:05:01 +02:00
Email : c . String ( "email" ) ,
2018-10-30 22:34:25 +01:00
Passwd : password ,
2018-10-21 00:05:01 +02:00
IsActive : true ,
IsAdmin : c . Bool ( "admin" ) ,
MustChangePassword : changePassword ,
2019-01-09 18:22:57 +01:00
Theme : setting . UI . DefaultTheme ,
2019-05-05 00:03:10 +02:00
}
if err := models . CreateUser ( u ) ; err != nil {
2016-08-14 01:11:52 +02:00
return fmt . Errorf ( "CreateUser: %v" , err )
}
2019-05-05 00:03:10 +02:00
if c . Bool ( "access-token" ) {
t := & models . AccessToken {
Name : "gitea-admin" ,
UID : u . ID ,
}
if err := models . NewAccessToken ( t ) ; err != nil {
return err
}
fmt . Printf ( "Access token was successfully created... %s\n" , t . Token )
}
2019-04-09 17:21:55 +02:00
fmt . Printf ( "New user '%s' has been successfully created!\n" , username )
2016-08-14 01:11:52 +02:00
return nil
}
2017-12-31 15:45:46 +01:00
2020-10-16 04:48:38 +02:00
func runListUsers ( c * cli . Context ) error {
2021-11-07 04:11:27 +01:00
ctx , cancel := installSignals ( )
defer cancel ( )
if err := initDB ( ctx ) ; err != nil {
2020-10-16 04:48:38 +02:00
return err
}
users , err := models . GetAllUsers ( )
if err != nil {
return err
}
w := tabwriter . NewWriter ( os . Stdout , 5 , 0 , 1 , ' ' , 0 )
if c . IsSet ( "admin" ) {
fmt . Fprintf ( w , "ID\tUsername\tEmail\tIsActive\n" )
for _ , u := range users {
if u . IsAdmin {
fmt . Fprintf ( w , "%d\t%s\t%s\t%t\n" , u . ID , u . Name , u . Email , u . IsActive )
}
}
} else {
fmt . Fprintf ( w , "ID\tUsername\tEmail\tIsActive\tIsAdmin\n" )
for _ , u := range users {
fmt . Fprintf ( w , "%d\t%s\t%s\t%t\t%t\n" , u . ID , u . Name , u . Email , u . IsActive , u . IsAdmin )
}
}
w . Flush ( )
return nil
}
func runDeleteUser ( c * cli . Context ) error {
2020-12-17 08:57:32 +01:00
if ! c . IsSet ( "id" ) && ! c . IsSet ( "username" ) && ! c . IsSet ( "email" ) {
return fmt . Errorf ( "You must provide the id, username or email of a user to delete" )
2020-10-16 04:48:38 +02:00
}
2021-11-07 04:11:27 +01:00
ctx , cancel := installSignals ( )
defer cancel ( )
if err := initDB ( ctx ) ; err != nil {
2020-10-16 04:48:38 +02:00
return err
}
2021-04-22 18:48:47 +02:00
if err := storage . Init ( ) ; err != nil {
return err
}
2020-12-17 08:57:32 +01:00
var err error
var user * models . User
if c . IsSet ( "email" ) {
user , err = models . GetUserByEmail ( c . String ( "email" ) )
} else if c . IsSet ( "username" ) {
user , err = models . GetUserByName ( c . String ( "username" ) )
} else {
user , err = models . GetUserByID ( c . Int64 ( "id" ) )
}
2020-10-16 04:48:38 +02:00
if err != nil {
return err
}
2020-12-17 08:57:32 +01:00
if c . IsSet ( "username" ) && user . LowerName != strings . ToLower ( strings . TrimSpace ( c . String ( "username" ) ) ) {
return fmt . Errorf ( "The user %s who has email %s does not match the provided username %s" , user . Name , c . String ( "email" ) , c . String ( "username" ) )
}
if c . IsSet ( "id" ) && user . ID != c . Int64 ( "id" ) {
return fmt . Errorf ( "The user %s does not match the provided id %d" , user . Name , c . Int64 ( "id" ) )
}
2020-10-16 04:48:38 +02:00
2021-11-18 18:42:27 +01:00
return user_service . DeleteUser ( user )
2020-10-16 04:48:38 +02:00
}
2021-04-09 09:40:34 +02:00
func runRepoSyncReleases ( _ * cli . Context ) error {
2021-11-07 04:11:27 +01:00
ctx , cancel := installSignals ( )
defer cancel ( )
if err := initDB ( ctx ) ; err != nil {
2018-01-12 23:16:49 +01:00
return err
2017-12-31 15:45:46 +01:00
}
log . Trace ( "Synchronizing repository releases (this may take a while)" )
for page := 1 ; ; page ++ {
repos , count , err := models . SearchRepositoryByName ( & models . SearchRepoOptions {
2021-09-24 13:32:56 +02:00
ListOptions : db . ListOptions {
2020-01-24 20:00:29 +01:00
PageSize : models . RepositoryListDefaultPageSize ,
Page : page ,
} ,
Private : true ,
2017-12-31 15:45:46 +01:00
} )
if err != nil {
2018-01-12 23:16:49 +01:00
return fmt . Errorf ( "SearchRepositoryByName: %v" , err )
2017-12-31 15:45:46 +01:00
}
if len ( repos ) == 0 {
break
}
log . Trace ( "Processing next %d repos of %d" , len ( repos ) , count )
for _ , repo := range repos {
log . Trace ( "Synchronizing repo %s with path %s" , repo . FullName ( ) , repo . RepoPath ( ) )
gitRepo , err := git . OpenRepository ( repo . RepoPath ( ) )
if err != nil {
log . Warn ( "OpenRepository: %v" , err )
continue
}
2018-01-12 23:16:49 +01:00
oldnum , err := getReleaseCount ( repo . ID )
2017-12-31 15:45:46 +01:00
if err != nil {
log . Warn ( " GetReleaseCountByRepoID: %v" , err )
}
log . Trace ( " currentNumReleases is %d, running SyncReleasesWithTags" , oldnum )
2020-01-20 21:01:19 +01:00
if err = repo_module . SyncReleasesWithTags ( repo , gitRepo ) ; err != nil {
2017-12-31 15:45:46 +01:00
log . Warn ( " SyncReleasesWithTags: %v" , err )
2019-11-13 08:01:19 +01:00
gitRepo . Close ( )
2017-12-31 15:45:46 +01:00
continue
}
2018-01-12 23:16:49 +01:00
count , err = getReleaseCount ( repo . ID )
2017-12-31 15:45:46 +01:00
if err != nil {
log . Warn ( " GetReleaseCountByRepoID: %v" , err )
2019-11-13 08:01:19 +01:00
gitRepo . Close ( )
2017-12-31 15:45:46 +01:00
continue
}
log . Trace ( " repo %s releases synchronized to tags: from %d to %d" ,
repo . FullName ( ) , oldnum , count )
2019-11-13 08:01:19 +01:00
gitRepo . Close ( )
2017-12-31 15:45:46 +01:00
}
}
return nil
}
2018-01-12 23:16:49 +01:00
func getReleaseCount ( id int64 ) ( int64 , error ) {
return models . GetReleaseCountByRepoID (
id ,
models . FindReleasesOptions {
IncludeTags : true ,
} ,
)
}
2018-05-17 03:35:07 +02:00
2021-04-09 09:40:34 +02:00
func runRegenerateHooks ( _ * cli . Context ) error {
2021-11-07 04:11:27 +01:00
ctx , cancel := installSignals ( )
defer cancel ( )
if err := initDB ( ctx ) ; err != nil {
2018-05-17 03:35:07 +02:00
return err
}
2021-11-17 16:17:31 +01:00
return repo_service . SyncRepositoryHooks ( graceful . GetManager ( ) . ShutdownContext ( ) )
2018-05-17 03:35:07 +02:00
}
2021-04-09 09:40:34 +02:00
func runRegenerateKeys ( _ * cli . Context ) error {
2021-11-07 04:11:27 +01:00
ctx , cancel := installSignals ( )
defer cancel ( )
if err := initDB ( ctx ) ; err != nil {
2018-05-17 03:35:07 +02:00
return err
}
return models . RewriteAllPublicKeys ( )
}
2018-09-12 16:46:02 +02:00
2021-07-24 12:16:34 +02:00
func parseOAuth2Config ( c * cli . Context ) * oauth2 . Source {
2018-09-12 16:46:02 +02:00
var customURLMapping * oauth2 . CustomURLMapping
if c . IsSet ( "use-custom-urls" ) {
customURLMapping = & oauth2 . CustomURLMapping {
TokenURL : c . String ( "custom-token-url" ) ,
AuthURL : c . String ( "custom-auth-url" ) ,
ProfileURL : c . String ( "custom-profile-url" ) ,
EmailURL : c . String ( "custom-email-url" ) ,
}
} else {
customURLMapping = nil
}
2021-07-24 12:16:34 +02:00
return & oauth2 . Source {
2018-09-12 16:46:02 +02:00
Provider : c . String ( "provider" ) ,
ClientID : c . String ( "key" ) ,
ClientSecret : c . String ( "secret" ) ,
OpenIDConnectAutoDiscoveryURL : c . String ( "auto-discover-url" ) ,
CustomURLMapping : customURLMapping ,
2020-12-28 09:39:12 +01:00
IconURL : c . String ( "icon-url" ) ,
2021-09-10 18:37:57 +02:00
SkipLocalTwoFA : c . Bool ( "skip-local-2fa" ) ,
2018-09-12 16:46:02 +02:00
}
}
func runAddOauth ( c * cli . Context ) error {
2021-11-07 04:11:27 +01:00
ctx , cancel := installSignals ( )
defer cancel ( )
if err := initDB ( ctx ) ; err != nil {
2018-09-12 16:46:02 +02:00
return err
}
2021-09-24 13:32:56 +02:00
return login . CreateSource ( & login . Source {
Type : login . OAuth2 ,
2021-07-24 12:16:34 +02:00
Name : c . String ( "name" ) ,
IsActive : true ,
Cfg : parseOAuth2Config ( c ) ,
2018-10-18 06:51:07 +02:00
} )
2018-09-12 16:46:02 +02:00
}
func runUpdateOauth ( c * cli . Context ) error {
if ! c . IsSet ( "id" ) {
return fmt . Errorf ( "--id flag is missing" )
}
2021-11-07 04:11:27 +01:00
ctx , cancel := installSignals ( )
defer cancel ( )
if err := initDB ( ctx ) ; err != nil {
2018-09-12 16:46:02 +02:00
return err
}
2021-09-24 13:32:56 +02:00
source , err := login . GetSourceByID ( c . Int64 ( "id" ) )
2018-09-12 16:46:02 +02:00
if err != nil {
return err
}
2021-07-24 12:16:34 +02:00
oAuth2Config := source . Cfg . ( * oauth2 . Source )
2018-09-12 16:46:02 +02:00
if c . IsSet ( "name" ) {
source . Name = c . String ( "name" )
}
if c . IsSet ( "provider" ) {
oAuth2Config . Provider = c . String ( "provider" )
}
if c . IsSet ( "key" ) {
oAuth2Config . ClientID = c . String ( "key" )
}
if c . IsSet ( "secret" ) {
oAuth2Config . ClientSecret = c . String ( "secret" )
}
if c . IsSet ( "auto-discover-url" ) {
oAuth2Config . OpenIDConnectAutoDiscoveryURL = c . String ( "auto-discover-url" )
}
2020-12-28 09:39:12 +01:00
if c . IsSet ( "icon-url" ) {
oAuth2Config . IconURL = c . String ( "icon-url" )
}
2018-09-12 16:46:02 +02:00
// update custom URL mapping
2019-06-12 21:41:28 +02:00
var customURLMapping = & oauth2 . CustomURLMapping { }
2018-09-12 16:46:02 +02:00
if oAuth2Config . CustomURLMapping != nil {
customURLMapping . TokenURL = oAuth2Config . CustomURLMapping . TokenURL
customURLMapping . AuthURL = oAuth2Config . CustomURLMapping . AuthURL
customURLMapping . ProfileURL = oAuth2Config . CustomURLMapping . ProfileURL
customURLMapping . EmailURL = oAuth2Config . CustomURLMapping . EmailURL
}
if c . IsSet ( "use-custom-urls" ) && c . IsSet ( "custom-token-url" ) {
customURLMapping . TokenURL = c . String ( "custom-token-url" )
}
if c . IsSet ( "use-custom-urls" ) && c . IsSet ( "custom-auth-url" ) {
customURLMapping . AuthURL = c . String ( "custom-auth-url" )
}
if c . IsSet ( "use-custom-urls" ) && c . IsSet ( "custom-profile-url" ) {
customURLMapping . ProfileURL = c . String ( "custom-profile-url" )
}
if c . IsSet ( "use-custom-urls" ) && c . IsSet ( "custom-email-url" ) {
customURLMapping . EmailURL = c . String ( "custom-email-url" )
}
oAuth2Config . CustomURLMapping = customURLMapping
source . Cfg = oAuth2Config
2021-09-24 13:32:56 +02:00
return login . UpdateSource ( source )
2018-09-12 16:46:02 +02:00
}
func runListAuth ( c * cli . Context ) error {
2021-11-07 04:11:27 +01:00
ctx , cancel := installSignals ( )
defer cancel ( )
if err := initDB ( ctx ) ; err != nil {
2018-09-12 16:46:02 +02:00
return err
}
2021-09-24 13:32:56 +02:00
loginSources , err := login . Sources ( )
2018-09-12 16:46:02 +02:00
if err != nil {
return err
}
2020-03-27 22:26:43 +01:00
flags := tabwriter . AlignRight
if c . Bool ( "vertical-bars" ) {
flags |= tabwriter . Debug
}
padChar := byte ( '\t' )
if len ( c . String ( "pad-char" ) ) > 0 {
padChar = c . String ( "pad-char" ) [ 0 ]
}
2018-09-12 16:46:02 +02:00
// loop through each source and print
2020-03-27 22:26:43 +01:00
w := tabwriter . NewWriter ( os . Stdout , c . Int ( "min-width" ) , c . Int ( "tab-width" ) , c . Int ( "padding" ) , padChar , flags )
2020-01-08 00:41:16 +01:00
fmt . Fprintf ( w , "ID\tName\tType\tEnabled\n" )
2018-09-12 16:46:02 +02:00
for _ , source := range loginSources {
2021-09-24 13:32:56 +02:00
fmt . Fprintf ( w , "%d\t%s\t%s\t%t\n" , source . ID , source . Name , source . Type . String ( ) , source . IsActive )
2018-09-12 16:46:02 +02:00
}
w . Flush ( )
return nil
}
func runDeleteAuth ( c * cli . Context ) error {
if ! c . IsSet ( "id" ) {
return fmt . Errorf ( "--id flag is missing" )
}
2021-11-07 04:11:27 +01:00
ctx , cancel := installSignals ( )
defer cancel ( )
if err := initDB ( ctx ) ; err != nil {
2018-09-12 16:46:02 +02:00
return err
}
2021-09-24 13:32:56 +02:00
source , err := login . GetSourceByID ( c . Int64 ( "id" ) )
2018-09-12 16:46:02 +02:00
if err != nil {
return err
}
2021-09-24 13:32:56 +02:00
return auth_service . DeleteLoginSource ( source )
2018-09-12 16:46:02 +02:00
}