allow token:x-oauth-basic basic auth for lfs

We get the user's access token as user and "x-oauth-basic" as password. The "main" repository module already accepts this type of token so lfs should too. drone.io uses this so lfs access to private repos is now granted and avoids the regression from go-gitea#5657 for my drone scenario (since drone with the default git plugin requests are already authenticated).
TankTheFrank · Jan 18, 2019 · ccd8f90 · ccd8f90
1 parent af45648
commit ccd8f90
Showing 1 changed file with 11 additions and 0 deletions.
diff --git a/modules/lfs/server.go b/modules/lfs/server.go
@@ -578,6 +578,17 @@ func parseToken(authorization string) (*models.User, *models.Repository, string,
 			return nil, nil, "basic", fmt.Errorf("Basic auth invalid")
 		}
 		user, password := cs[:i], cs[i+1:]
+		if password == "x-oauth-basic" {
+			t, err := models.GetAccessTokenBySHA(user)
+			// on error assume that this is indeed the password and move on
+			if err == nil {
+				u, err := models.GetUserByID(t.UID)
+				if err != nil {
+					return nil, nil, "basic", err
+				}
+				return u, nil, "basic", nil
+			}
+		}
 		u, err := models.GetUserByName(user)
 		if err != nil {
 			return nil, nil, "basic", err