From da1c2a42e5ebf928a54fc1d21b0311a178adff4a Mon Sep 17 00:00:00 2001
From: Alex Butler <alexheretic@gmail.com>
Date: Fri, 10 Nov 2023 10:46:17 +0000
Subject: [PATCH] Make admin-token optional (#55)

---
 config.toml             |  2 ++
 src/config.rs           |  3 ++-
 src/providers/gitlab.rs | 17 ++++++++---------
 3 files changed, 12 insertions(+), 10 deletions(-)

diff --git a/config.toml b/config.toml
index 0830a09..137c0ea 100644
--- a/config.toml
+++ b/config.toml
@@ -13,4 +13,6 @@ uri = "http://127.0.0.1:3000"
 # users and create impersonation tokens. `sudo` is used to fetch all the
 # packages the user can access, and the impersonation token is returned
 # to the user to download packages
+#
+# May be omitted if clients are using their own personal access tokens.
 admin-token = "personal-access-token"
diff --git a/src/config.rs b/src/config.rs
index 93ec013..234dd3b 100644
--- a/src/config.rs
+++ b/src/config.rs
@@ -33,7 +33,8 @@ impl FromStr for Config {
 #[serde(rename_all = "kebab-case")]
 pub struct GitlabConfig {
     pub uri: Url,
-    pub admin_token: String,
+    /// If absent personal access tokens must be provided.
+    pub admin_token: Option<String>,
     #[serde(default = "GitlabConfig::default_token_expiry")]
     pub token_expiry: Duration,
     #[serde(default)]
diff --git a/src/providers/gitlab.rs b/src/providers/gitlab.rs
index 9751442..c9290f1 100644
--- a/src/providers/gitlab.rs
+++ b/src/providers/gitlab.rs
@@ -7,11 +7,10 @@ use futures::{stream::FuturesUnordered, StreamExt, TryStreamExt};
 use percent_encoding::{utf8_percent_encode, NON_ALPHANUMERIC};
 use reqwest::{header, Certificate};
 use serde::{Deserialize, Serialize};
-use std::{borrow::Cow, sync::Arc};
+use std::{borrow::Cow, str::FromStr, sync::Arc};
 use time::{Duration, OffsetDateTime};
 use tracing::{info_span, instrument, Instrument};
 use url::Url;
-use std::str::FromStr;
 
 pub struct Gitlab {
     client: reqwest::Client,
@@ -22,13 +21,13 @@ pub struct Gitlab {
 
 impl Gitlab {
     pub fn new(config: &GitlabConfig) -> anyhow::Result<Self> {
-        let mut headers = header::HeaderMap::new();
-        headers.insert(
-            "PRIVATE-TOKEN",
-            header::HeaderValue::from_str(&config.admin_token)?,
-        );
+        let mut client_builder = reqwest::ClientBuilder::new();
 
-        let mut client_builder = reqwest::ClientBuilder::new().default_headers(headers);
+        if let Some(token) = &config.admin_token {
+            let mut headers = header::HeaderMap::new();
+            headers.insert("PRIVATE-TOKEN", header::HeaderValue::from_str(token)?);
+            client_builder = client_builder.default_headers(headers);
+        }
 
         let ssl_cert = match &config.ssl_cert {
             Some(cert_path) => {
@@ -286,7 +285,7 @@ impl super::PackageProvider for Gitlab {
         let uri = self.base_url.join(&path.metadata_uri(version))?;
         let client = match &do_as.token {
             None => self.client.clone(),
-            Some(token) => self.build_client_with_token("PRIVATE-TOKEN", token)?
+            Some(token) => self.build_client_with_token("PRIVATE-TOKEN", token)?,
         };
 
         Ok(handle_error(client.get(uri).send().await?)
--
libgit2 1.7.2