From da1c2a42e5ebf928a54fc1d21b0311a178adff4a Mon Sep 17 00:00:00 2001 From: Alex Butler Date: Fri, 10 Nov 2023 10:46:17 +0000 Subject: [PATCH] Make admin-token optional (#55) --- config.toml | 2 ++ src/config.rs | 3 ++- src/providers/gitlab.rs | 19 ++++++++++++------- 3 files changed, 13 insertions(+), 11 deletions(-) diff --git a/config.toml b/config.toml index 0830a09..137c0ea 100644 --- a/config.toml +++ a/config.toml @@ -13,4 +13,6 @@ # users and create impersonation tokens. `sudo` is used to fetch all the # packages the user can access, and the impersonation token is returned # to the user to download packages +# +# May be omitted if clients are using their own personal access tokens. admin-token = "personal-access-token" diff --git a/src/config.rs b/src/config.rs index 93ec013..234dd3b 100644 --- a/src/config.rs +++ a/src/config.rs @@ -33,7 +33,8 @@ #[serde(rename_all = "kebab-case")] pub struct GitlabConfig { pub uri: Url, - pub admin_token: String, + /// If absent personal access tokens must be provided. + pub admin_token: Option, #[serde(default = "GitlabConfig::default_token_expiry")] pub token_expiry: Duration, #[serde(default)] diff --git a/src/providers/gitlab.rs b/src/providers/gitlab.rs index 9751442..c9290f1 100644 --- a/src/providers/gitlab.rs +++ a/src/providers/gitlab.rs @@ -7,11 +7,10 @@ use percent_encoding::{utf8_percent_encode, NON_ALPHANUMERIC}; use reqwest::{header, Certificate}; use serde::{Deserialize, Serialize}; -use std::{borrow::Cow, sync::Arc}; +use std::{borrow::Cow, str::FromStr, sync::Arc}; use time::{Duration, OffsetDateTime}; use tracing::{info_span, instrument, Instrument}; use url::Url; -use std::str::FromStr; pub struct Gitlab { client: reqwest::Client, @@ -22,13 +21,13 @@ impl Gitlab { pub fn new(config: &GitlabConfig) -> anyhow::Result { - let mut headers = header::HeaderMap::new(); - headers.insert( - "PRIVATE-TOKEN", - header::HeaderValue::from_str(&config.admin_token)?, - ); - - let mut client_builder = reqwest::ClientBuilder::new().default_headers(headers); + let mut client_builder = reqwest::ClientBuilder::new(); + + if let Some(token) = &config.admin_token { + let mut headers = header::HeaderMap::new(); + headers.insert("PRIVATE-TOKEN", header::HeaderValue::from_str(token)?); + client_builder = client_builder.default_headers(headers); + } let ssl_cert = match &config.ssl_cert { Some(cert_path) => { @@ -286,7 +285,7 @@ let uri = self.base_url.join(&path.metadata_uri(version))?; let client = match &do_as.token { None => self.client.clone(), - Some(token) => self.build_client_with_token("PRIVATE-TOKEN", token)? + Some(token) => self.build_client_with_token("PRIVATE-TOKEN", token)?, }; Ok(handle_error(client.get(uri).send().await?) -- rgit 0.1.3