Use proper oauth state #3847

anbraten · 2024-06-27T07:48:49Z

Extracted from #3822

woodpecker-bot · 2024-06-27T08:13:50Z

Deployment of preview was torn down

server/api/login.go

…auth-state-2

.vscode/settings.json

6543 · 2024-06-27T13:44:21Z

@anbraten smal lint nit

codecov · 2024-06-27T14:48:54Z

Codecov Report

Attention: Patch coverage is 41.07143% with 33 lines in your changes missing coverage. Please review.

Project coverage is 27.94%. Comparing base (b8b6efb) to head (f6e0afb).
Report is 1 commits behind head on main.

Files	Patch %	Lines
cmd/server/setup.go	0.00%	16 Missing ⚠️
server/api/login.go	76.66%	6 Missing and 1 partial ⚠️
cmd/server/server.go	0.00%	6 Missing ⚠️
server/services/manager.go	0.00%	3 Missing ⚠️
server/api/hook.go	0.00%	1 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #3847      +/-   ##
==========================================
- Coverage   28.25%   27.94%   -0.31%     
==========================================
  Files         363      366       +3     
  Lines       25114    25564     +450     
==========================================
+ Hits         7095     7143      +48     
- Misses      17486    17766     +280     
- Partials      533      655     +122

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

## [2.7.0](https://github.com/woodpecker-ci/woodpecker/releases/tag/v2.7.0) - 2024-07-18 ### 🔒 Security - Add blocklist of environment variables who could alter execution of plugins [[#3934](#3934)] - Make sure plugins only mount the workspace base in a predefinde location [[#3933](#3933)] - Disallow to set arbitrary environments for plugins [[#3909](#3909)] - Use proper oauth state [[#3847](#3847)] - Enhance token checking [[#3842](#3842)] - Bump github.com/hashicorp/go-retryablehttp v0.7.5 -> v0.7.7 [[#3834](#3834)] ### ✨ Features - Gracefully shutdown server [[#3896](#3896)] - Gracefully shutdown agent [[#3895](#3895)] - Convert urls in logs to links [[#3904](#3904)] - Allow login using multiple forges [[#3822](#3822)] - Global and organization registries [[#1672](#1672)] - Cli get repo from git remote [[#3830](#3830)] - Add api for forges [[#3733](#3733)] ### 📈 Enhancement - Cli fix pipeline logs [[#3913](#3913)] - Migrate to github.com/urfave/cli/v3 [[#2951](#2951)] - Allow to change the working directory also for plugins and services [[#3914](#3914)] - Remove `unplugin-icons` [[#3809](#3809)] - Release windows binaries as zip file [[#3906](#3906)] - Convert to openapi 3.0 [[#3897](#3897)] - Enhance pipeline list [[#3898](#3898)] - Add user registries UI [[#3888](#3888)] - Sort users by login [[#3891](#3891)] - Exclude dummy backend in production [[#3877](#3877)] - Fix deploy task env [[#3878](#3878)] - Get default branch and show message in pipeline list [[#3867](#3867)] - Add timestamp for last work done by agent [[#3844](#3844)] - Adjust logger types [[#3859](#3859)] - Cleanup state reporting [[#3850](#3850)] - Unify DB tables/columns [[#3806](#3806)] - Let webhook pass on pipeline parsing error [[#3829](#3829)] - Exclude mocks from release build [[#3831](#3831)] - K8s secrets reference from step [[#3655](#3655)] ### 🐛 Bug Fixes - Handle empty repositories in gitea when listing PRs [[#3925](#3925)] - Update alpine package dep for docker images [[#3917](#3917)] - Don't report error if agent was terminated gracefully [[#3894](#3894)] - Let agents continuously report their health [[#3893](#3893)] - Ignore warnings for cli exec [[#3868](#3868)] - Correct favicon states [[#3832](#3832)] - Cleanup of the login flow and tests [[#3810](#3810)] - Fix newlines in logs [[#3808](#3808)] - Fix authentication error handling [[#3807](#3807)] ### 📚 Documentation - Streamline docs for new users [[#3803](#3803)] - Add mastodon verification [[#3843](#3843)] - chore(deps): update docs npm deps non-major [[#3837](#3837)] - fix(deps): update docs npm deps non-major [[#3824](#3824)] - Add openSUSE package [[#3800](#3800)] - chore(deps): update docs npm deps non-major [[#3798](#3798)] - Add "Docker Tags" Plugin [[#3796](#3796)] - chore(deps): update dependency marked to v13 [[#3792](#3792)] - chore: fix some comments [[#3788](#3788)] ### Misc - chore(deps): update web npm deps non-major [[#3930](#3930)] - chore(deps): update dependency vitest to v2 [[#3905](#3905)] - fix(deps): update module github.com/google/go-github/v62 to v63 [[#3910](#3910)] - chore(deps): update docker.io/woodpeckerci/plugin-docker-buildx docker tag to v4.1.0 [[#3908](#3908)] - Update plugin-git and add renovate trigger [[#3901](#3901)] - chore(deps): update docker.io/mstruebing/editorconfig-checker docker tag to v3.0.3 [[#3903](#3903)] - fix(deps): update golang-packages [[#3875](#3875)] - chore(deps): lock file maintenance [[#3876](#3876)] - [pre-commit.ci] pre-commit autoupdate [[#3862](#3862)] - Add dummy backend [[#3820](#3820)] - chore(deps): update dependency replace-in-file to v8 [[#3852](#3852)] - Update forgejo sdk [[#3840](#3840)] - chore(deps): lock file maintenance [[#3838](#3838)] - Allow to set dist dir using env var [[#3814](#3814)] - chore(deps): lock file maintenance [[#3805](#3805)] - chore(deps): update docker.io/lycheeverse/lychee docker tag to v0.15.1 [[#3797](#3797)]

## [2.7.0](https://github.com/woodpecker-ci/woodpecker/releases/tag/v2.7.0) - 2024-07-18 ### 🔒 Security - Add blocklist of environment variables who could alter execution of plugins [[woodpecker-ci#3934](woodpecker-ci#3934)] - Make sure plugins only mount the workspace base in a predefinde location [[woodpecker-ci#3933](woodpecker-ci#3933)] - Disallow to set arbitrary environments for plugins [[woodpecker-ci#3909](woodpecker-ci#3909)] - Use proper oauth state [[woodpecker-ci#3847](woodpecker-ci#3847)] - Enhance token checking [[woodpecker-ci#3842](woodpecker-ci#3842)] - Bump github.com/hashicorp/go-retryablehttp v0.7.5 -> v0.7.7 [[woodpecker-ci#3834](woodpecker-ci#3834)] ### ✨ Features - Gracefully shutdown server [[woodpecker-ci#3896](woodpecker-ci#3896)] - Gracefully shutdown agent [[woodpecker-ci#3895](woodpecker-ci#3895)] - Convert urls in logs to links [[woodpecker-ci#3904](woodpecker-ci#3904)] - Allow login using multiple forges [[woodpecker-ci#3822](woodpecker-ci#3822)] - Global and organization registries [[woodpecker-ci#1672](woodpecker-ci#1672)] - Cli get repo from git remote [[woodpecker-ci#3830](woodpecker-ci#3830)] - Add api for forges [[woodpecker-ci#3733](woodpecker-ci#3733)] ### 📈 Enhancement - Cli fix pipeline logs [[woodpecker-ci#3913](woodpecker-ci#3913)] - Migrate to github.com/urfave/cli/v3 [[woodpecker-ci#2951](woodpecker-ci#2951)] - Allow to change the working directory also for plugins and services [[woodpecker-ci#3914](woodpecker-ci#3914)] - Remove `unplugin-icons` [[woodpecker-ci#3809](woodpecker-ci#3809)] - Release windows binaries as zip file [[woodpecker-ci#3906](woodpecker-ci#3906)] - Convert to openapi 3.0 [[woodpecker-ci#3897](woodpecker-ci#3897)] - Enhance pipeline list [[woodpecker-ci#3898](woodpecker-ci#3898)] - Add user registries UI [[woodpecker-ci#3888](woodpecker-ci#3888)] - Sort users by login [[woodpecker-ci#3891](woodpecker-ci#3891)] - Exclude dummy backend in production [[woodpecker-ci#3877](woodpecker-ci#3877)] - Fix deploy task env [[woodpecker-ci#3878](woodpecker-ci#3878)] - Get default branch and show message in pipeline list [[woodpecker-ci#3867](woodpecker-ci#3867)] - Add timestamp for last work done by agent [[woodpecker-ci#3844](woodpecker-ci#3844)] - Adjust logger types [[woodpecker-ci#3859](woodpecker-ci#3859)] - Cleanup state reporting [[woodpecker-ci#3850](woodpecker-ci#3850)] - Unify DB tables/columns [[woodpecker-ci#3806](woodpecker-ci#3806)] - Let webhook pass on pipeline parsing error [[woodpecker-ci#3829](woodpecker-ci#3829)] - Exclude mocks from release build [[woodpecker-ci#3831](woodpecker-ci#3831)] - K8s secrets reference from step [[woodpecker-ci#3655](woodpecker-ci#3655)] ### 🐛 Bug Fixes - Handle empty repositories in gitea when listing PRs [[woodpecker-ci#3925](woodpecker-ci#3925)] - Update alpine package dep for docker images [[woodpecker-ci#3917](woodpecker-ci#3917)] - Don't report error if agent was terminated gracefully [[woodpecker-ci#3894](woodpecker-ci#3894)] - Let agents continuously report their health [[woodpecker-ci#3893](woodpecker-ci#3893)] - Ignore warnings for cli exec [[woodpecker-ci#3868](woodpecker-ci#3868)] - Correct favicon states [[woodpecker-ci#3832](woodpecker-ci#3832)] - Cleanup of the login flow and tests [[woodpecker-ci#3810](woodpecker-ci#3810)] - Fix newlines in logs [[woodpecker-ci#3808](woodpecker-ci#3808)] - Fix authentication error handling [[woodpecker-ci#3807](woodpecker-ci#3807)] ### 📚 Documentation - Streamline docs for new users [[woodpecker-ci#3803](woodpecker-ci#3803)] - Add mastodon verification [[woodpecker-ci#3843](woodpecker-ci#3843)] - chore(deps): update docs npm deps non-major [[woodpecker-ci#3837](woodpecker-ci#3837)] - fix(deps): update docs npm deps non-major [[woodpecker-ci#3824](woodpecker-ci#3824)] - Add openSUSE package [[woodpecker-ci#3800](woodpecker-ci#3800)] - chore(deps): update docs npm deps non-major [[woodpecker-ci#3798](woodpecker-ci#3798)] - Add "Docker Tags" Plugin [[woodpecker-ci#3796](woodpecker-ci#3796)] - chore(deps): update dependency marked to v13 [[woodpecker-ci#3792](woodpecker-ci#3792)] - chore: fix some comments [[woodpecker-ci#3788](woodpecker-ci#3788)] ### Misc - chore(deps): update web npm deps non-major [[woodpecker-ci#3930](woodpecker-ci#3930)] - chore(deps): update dependency vitest to v2 [[woodpecker-ci#3905](woodpecker-ci#3905)] - fix(deps): update module github.com/google/go-github/v62 to v63 [[woodpecker-ci#3910](woodpecker-ci#3910)] - chore(deps): update docker.io/woodpeckerci/plugin-docker-buildx docker tag to v4.1.0 [[woodpecker-ci#3908](woodpecker-ci#3908)] - Update plugin-git and add renovate trigger [[woodpecker-ci#3901](woodpecker-ci#3901)] - chore(deps): update docker.io/mstruebing/editorconfig-checker docker tag to v3.0.3 [[woodpecker-ci#3903](woodpecker-ci#3903)] - fix(deps): update golang-packages [[woodpecker-ci#3875](woodpecker-ci#3875)] - chore(deps): lock file maintenance [[woodpecker-ci#3876](woodpecker-ci#3876)] - [pre-commit.ci] pre-commit autoupdate [[woodpecker-ci#3862](woodpecker-ci#3862)] - Add dummy backend [[woodpecker-ci#3820](woodpecker-ci#3820)] - chore(deps): update dependency replace-in-file to v8 [[woodpecker-ci#3852](woodpecker-ci#3852)] - Update forgejo sdk [[woodpecker-ci#3840](woodpecker-ci#3840)] - chore(deps): lock file maintenance [[woodpecker-ci#3838](woodpecker-ci#3838)] - Allow to set dist dir using env var [[woodpecker-ci#3814](woodpecker-ci#3814)] - chore(deps): lock file maintenance [[woodpecker-ci#3805](woodpecker-ci#3805)] - chore(deps): update docker.io/lycheeverse/lychee docker tag to v0.15.1 [[woodpecker-ci#3797](woodpecker-ci#3797)]

anbraten added 16 commits June 19, 2024 06:23

use oauth state

df7923f

Merge remote-tracking branch 'upstream/main' into oauth-state-2

1d79283

simplify login flow

8f1ccfa

fix ui

9b2d92e

enhance login flow

553776f

enhance

46a16e8

update mock

ee776b8

improve tests

19e2a27

use state

f126112

Merge remote-tracking branch 'upstream/main' into oauth-state-2

26adbd3

cleanup

38a1232

cleanup

0902294

Merge remote-tracking branch 'upstream/main' into oauth-state-2

cfc607e

fix test

fa8751d

enhance code

07fa916

rm unrelated

abc18d9

anbraten added server enhancement improve existing features labels Jun 27, 2024

anbraten added this to the 2.7.0 milestone Jun 27, 2024

Merge branch 'main' into oauth-state-2

fcf84d7

anbraten requested a review from a team June 27, 2024 07:49

anbraten mentioned this pull request Jun 27, 2024

Allow login using multiple forges #3822

Merged

3 tasks

anbraten added the security label Jun 27, 2024

qwerty287 reviewed Jun 27, 2024

View reviewed changes

server/api/login.go Outdated Show resolved Hide resolved

anbraten added 2 commits June 27, 2024 13:31

review, fix

2112358

Merge branch 'oauth-state-2' of github.com:anbraten/woodpecker into o…

277ce4e

…auth-state-2

qwerty287 approved these changes Jun 27, 2024

View reviewed changes

6543 reviewed Jun 27, 2024

View reviewed changes

.vscode/settings.json Show resolved Hide resolved

fix lint

f6e0afb

anbraten merged commit 2bda190 into woodpecker-ci:main Jun 27, 2024
8 of 9 checks passed

anbraten deleted the oauth-state-2 branch June 27, 2024 14:52

woodpecker-bot mentioned this pull request Jun 27, 2024

🎉 Release 2.7.0 #3793

Merged

1 task

BrewTestBot mentioned this pull request Jul 18, 2024

woodpecker-cli 2.7.0 Homebrew/homebrew-core#177789

Merged

woodpecker-bot mentioned this pull request Jul 19, 2024

🎉 Release 3.0.0 #3938

Closed

1 task

6543 pushed a commit to 6543-forks/woodpecker that referenced this pull request Sep 5, 2024

Use proper oauth state (woodpecker-ci#3847)

0d58d48

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Use proper oauth state #3847

Use proper oauth state #3847

anbraten commented Jun 27, 2024

woodpecker-bot commented Jun 27, 2024 •

edited

Loading

6543 commented Jun 27, 2024

codecov bot commented Jun 27, 2024

Use proper oauth state #3847

Use proper oauth state #3847

Conversation

anbraten commented Jun 27, 2024

woodpecker-bot commented Jun 27, 2024 • edited Loading

6543 commented Jun 27, 2024

codecov bot commented Jun 27, 2024

Codecov Report

woodpecker-bot commented Jun 27, 2024 •

edited

Loading