~edwargix/git.sr.ht

411c109a0f3b95445097620d21eccbf1cef3267c — Drew DeVault 7 years ago 79a2eac 
Rig up SSH key notify webhook
patch browse .tar.gz 
2 files changed, 42 insertions(+), 14 deletions(-)

M gitsrht/app.py
A gitsrht/service.py

M gitsrht/app.py => gitsrht/app.py +3 -14
@@ 6,27 6,15 @@ from functools import lru_cache
from gitsrht import urls
from gitsrht.git import commit_time, trim_commit
from gitsrht.repos import GitRepoApi
from gitsrht.types import Access, Redirect, Repository, User, OAuthToken
from gitsrht.service import GitOAuthService, webhooks_notify
from gitsrht.types import Access, Redirect, Repository, User
from scmsrht.flask import ScmSrhtFlask
from srht.config import cfg
from srht.database import DbSession
from srht.oauth import AbstractOAuthService

db = DbSession(cfg("git.sr.ht", "connection-string"))
db.init()

client_id = cfg("git.sr.ht", "oauth-client-id")
client_secret = cfg("git.sr.ht", "oauth-client-secret")
builds_client_id = cfg("builds.sr.ht", "oauth-client-id", default=None)

class GitOAuthService(AbstractOAuthService):
    def __init__(self):
        super().__init__(client_id, client_secret,
                required_scopes=["profile"] + ([
                    "{}/jobs:write".format(builds_client_id)
                ] if builds_client_id else []),
                token_class=OAuthToken, user_class=User)

class GitApp(ScmSrhtFlask):
    def __init__(self):
        super().__init__("git.sr.ht", __name__,


@@ 40,6 28,7 @@ class GitApp(ScmSrhtFlask):

        self.register_blueprint(repo)
        self.register_blueprint(stats)
        self.register_blueprint(webhooks_notify)

        self.add_template_filter(urls.clone_urls)
        self.add_template_filter(urls.log_rss_url)


A gitsrht/service.py => gitsrht/service.py +39 -0
@@ 0,0 1,39 @@
from flask import Blueprint, request, url_for
from gitsrht.types import User, OAuthToken
from srht.api import get_results
from srht.config import cfg
from srht.flask import csrf_bypass
from srht.oauth import AbstractOAuthService
import json
import requests

origin = cfg("git.sr.ht", "origin")
client_id = cfg("git.sr.ht", "oauth-client-id")
client_secret = cfg("git.sr.ht", "oauth-client-secret")
builds_client_id = cfg("builds.sr.ht", "oauth-client-id", default=None)

class GitOAuthService(AbstractOAuthService):
    def __init__(self):
        super().__init__(client_id, client_secret,
                required_scopes=["profile", "keys"] + ([
                    "{}/jobs:write".format(builds_client_id)
                ] if builds_client_id else []),
                token_class=OAuthToken, user_class=User)

    def ensure_meta_webhooks(self, user, webhooks):
        webhook_url = origin + url_for("webhooks.notify.notify_keys")
        webhooks.update({
            webhook_url: ["ssh-key:add", "ssh-key:remove"]
        })
        super().ensure_meta_webhooks(user, webhooks)

webhooks_notify = Blueprint("webhooks.notify", __name__)

@csrf_bypass
@webhooks_notify.route("/webhook/notify/keys", methods=["POST"])
def notify_keys():
    payload = json.loads(request.data.decode('utf-8'))
    event = request.headers.get("X-Webhook-Event")
    # TODO: Store these keys in the database
    print(event, payload)
    return "Thanks!"