From: Michael Tremer Date: Sat, 21 Jun 2025 16:49:41 +0000 (+0000) Subject: buildservice: Implement authentication using the access token X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=ff7d8f8af103788ef024a08cbefeef4814280ff5;p=pakfire.git buildservice: Implement authentication using the access token Signed-off-by: Michael Tremer --- diff --git a/src/pakfire/buildservice.c b/src/pakfire/buildservice.c index 9ce03081..5c7f2713 100644 --- a/src/pakfire/buildservice.c +++ b/src/pakfire/buildservice.c @@ -97,6 +97,47 @@ ERROR: return r; } +static int pakfire_buildservice_auth_refresh(struct pakfire_buildservice* self) { + return 0; // XXX TODO +} + +static int pakfire_buildservice_token_has_expired(const time_t t) { + time_t now = -1; + + // Fetch the current time + now = time(NULL); + if (now < 0) + return -errno; + + // We consider the token as expired if there are less than 60 seconds left + return (now - t) < 60; +} + +static int pakfire_buildservice_xfer_auth(struct pakfire_buildservice* self, struct pakfire_xfer* xfer) { + int r; + + // Fail if not authenticated + if (!*self->access_token) + return -ENOTSUP; + + // Refresh if the access token has expired + if (pakfire_buildservice_token_has_expired(self->access_token_expires_at)) { + DEBUG(self->ctx, "The access token has expired. Trying to refresh...\n"); + + // Refresh the access token + r = pakfire_buildservice_auth_refresh(self); + if (r < 0) + return r; + } + + // Set the access token + r = pakfire_xfer_add_header(xfer, "Authorization: Bearer %s", self->access_token); + if (r < 0) + return r; + + return 0; +} + static int pakfire_buildservice_set_access_token(struct pakfire_buildservice* self, const char* token) { char expires_at[1024]; int r; @@ -334,7 +375,7 @@ int pakfire_buildservice_build(struct pakfire_buildservice* service, const char* goto ERROR; // Enable authentication - r = pakfire_xfer_auth(xfer); + r = pakfire_buildservice_xfer_auth(service, xfer); if (r) goto ERROR; @@ -459,8 +500,8 @@ static int pakfire_buildservice_create_upload(struct pakfire_buildservice* servi goto ERROR; // Enable authentication - r = pakfire_xfer_auth(xfer); - if (r) + r = pakfire_buildservice_xfer_auth(service, xfer); + if (r < 0) goto ERROR; // Add the filename parameter @@ -527,7 +568,7 @@ static int pakfire_buildservice_upload_payload(struct pakfire_buildservice* serv goto ERROR; // Enable authentication - r = pakfire_xfer_auth(xfer); + r = pakfire_buildservice_xfer_auth(service, xfer); if (r) goto ERROR; @@ -611,7 +652,7 @@ int pakfire_buildservice_list_uploads( goto ERROR; // Enable authentication - r = pakfire_xfer_auth(xfer); + r = pakfire_buildservice_xfer_auth(service, xfer); if (r) goto ERROR; @@ -657,7 +698,7 @@ int pakfire_buildservice_delete_upload( goto ERROR; // Enable authentication - r = pakfire_xfer_auth(xfer); + r = pakfire_buildservice_xfer_auth(service, xfer); if (r) goto ERROR; @@ -694,7 +735,7 @@ int pakfire_buildservice_list_repos(struct pakfire_buildservice* service, goto ERROR; // Enable authentication - r = pakfire_xfer_auth(xfer); + r = pakfire_buildservice_xfer_auth(service, xfer); if (r) goto ERROR; @@ -738,7 +779,7 @@ int pakfire_buildservice_get_repo(struct pakfire_buildservice* service, goto ERROR; // Enable authentication - r = pakfire_xfer_auth(xfer); + r = pakfire_buildservice_xfer_auth(service, xfer); if (r) goto ERROR; @@ -775,7 +816,7 @@ int pakfire_buildservice_create_repo(struct pakfire_buildservice* service, goto ERROR; // Enable authentication - r = pakfire_xfer_auth(xfer); + r = pakfire_buildservice_xfer_auth(service, xfer); if (r) goto ERROR; @@ -825,7 +866,7 @@ int pakfire_buildservice_delete_repo(struct pakfire_buildservice* service, goto ERROR; // Enable authentication - r = pakfire_xfer_auth(xfer); + r = pakfire_buildservice_xfer_auth(service, xfer); if (r) goto ERROR;