diff --git a/cmd/keys.go b/cmd/keys.go
index 39153c7cb7..c0818fd2d2 100644
--- a/cmd/keys.go
+++ b/cmd/keys.go
@@ -9,7 +9,7 @@ import (
"fmt"
"strings"
- "code.gitea.io/gitea/models"
+ "code.gitea.io/gitea/modules/private"
"github.com/urfave/cli"
)
@@ -62,14 +62,12 @@ func runKeys(c *cli.Context) error {
return errors.New("No key type and content provided")
}
- if err := initDBDisableConsole(true); err != nil {
- return err
- }
+ setup("keys.log")
- publicKey, err := models.SearchPublicKeyByContent(content)
+ authorizedString, err := private.AuthorizedPublicKeyByContent(content)
if err != nil {
return err
}
- fmt.Println(publicKey.AuthorizedString())
+ fmt.Println(strings.TrimSpace(authorizedString))
return nil
}
diff --git a/docs/content/doc/usage/command-line.en-us.md b/docs/content/doc/usage/command-line.en-us.md
index 6b0cfae3ba..0f7b4f61a2 100644
--- a/docs/content/doc/usage/command-line.en-us.md
+++ b/docs/content/doc/usage/command-line.en-us.md
@@ -281,6 +281,7 @@ provided key. You should also set the value
NB: opensshd requires the gitea program to be owned by root and not
writable by group or others. The program must be specified by an absolute
path.
+NB: Gitea must be running for this command to succeed.
#### migrate
Migrates the database. This command can be used to run other commands before starting the server for the first time.
diff --git a/integrations/cmd_keys_test.go b/integrations/cmd_keys_test.go
index 4294c31990..c97a9ffe43 100644
--- a/integrations/cmd_keys_test.go
+++ b/integrations/cmd_keys_test.go
@@ -8,6 +8,7 @@ import (
"bytes"
"flag"
"io"
+ "net/url"
"os"
"testing"
@@ -18,45 +19,45 @@ import (
)
func Test_CmdKeys(t *testing.T) {
- defer prepareTestEnv(t)()
+ onGiteaRun(t, func(*testing.T, *url.URL) {
+ tests := []struct {
+ name string
+ args []string
+ wantErr bool
+ expectedOutput string
+ }{
+ {"test_empty_1", []string{"keys", "--username=git", "--type=test", "--content=test"}, true, ""},
+ {"test_empty_2", []string{"keys", "-e", "git", "-u", "git", "-t", "test", "-k", "test"}, true, ""},
+ {"with_key",
+ []string{"keys", "-e", "git", "-u", "git", "-t", "ssh-rsa", "-k", "AAAAB3NzaC1yc2EAAAADAQABAAABgQDWVj0fQ5N8wNc0LVNA41wDLYJ89ZIbejrPfg/avyj3u/ZohAKsQclxG4Ju0VirduBFF9EOiuxoiFBRr3xRpqzpsZtnMPkWVWb+akZwBFAx8p+jKdy4QXR/SZqbVobrGwip2UjSrri1CtBxpJikojRIZfCnDaMOyd9Jp6KkujvniFzUWdLmCPxUE9zhTaPu0JsEP7MW0m6yx7ZUhHyfss+NtqmFTaDO+QlMR7L2QkDliN2Jl3Xa3PhuWnKJfWhdAq1Cw4oraKUOmIgXLkuiuxVQ6mD3AiFupkmfqdHq6h+uHHmyQqv3gU+/sD8GbGAhf6ftqhTsXjnv1Aj4R8NoDf9BS6KRkzkeun5UisSzgtfQzjOMEiJtmrep2ZQrMGahrXa+q4VKr0aKJfm+KlLfwm/JztfsBcqQWNcTURiCFqz+fgZw0Ey/de0eyMzldYTdXXNRYCKjs9bvBK+6SSXRM7AhftfQ0ZuoW5+gtinPrnmoOaSCEJbAiEiTO/BzOHgowiM="},
+ false,
+ "# gitea public key\ncommand=\"" + setting.AppPath + " --config='" + setting.CustomConf + "' serv key-1\",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDWVj0fQ5N8wNc0LVNA41wDLYJ89ZIbejrPfg/avyj3u/ZohAKsQclxG4Ju0VirduBFF9EOiuxoiFBRr3xRpqzpsZtnMPkWVWb+akZwBFAx8p+jKdy4QXR/SZqbVobrGwip2UjSrri1CtBxpJikojRIZfCnDaMOyd9Jp6KkujvniFzUWdLmCPxUE9zhTaPu0JsEP7MW0m6yx7ZUhHyfss+NtqmFTaDO+QlMR7L2QkDliN2Jl3Xa3PhuWnKJfWhdAq1Cw4oraKUOmIgXLkuiuxVQ6mD3AiFupkmfqdHq6h+uHHmyQqv3gU+/sD8GbGAhf6ftqhTsXjnv1Aj4R8NoDf9BS6KRkzkeun5UisSzgtfQzjOMEiJtmrep2ZQrMGahrXa+q4VKr0aKJfm+KlLfwm/JztfsBcqQWNcTURiCFqz+fgZw0Ey/de0eyMzldYTdXXNRYCKjs9bvBK+6SSXRM7AhftfQ0ZuoW5+gtinPrnmoOaSCEJbAiEiTO/BzOHgowiM= user2@localhost\n",
+ },
+ {"invalid", []string{"keys", "--not-a-flag=git"}, true, "Incorrect Usage: flag provided but not defined: -not-a-flag\n\n"},
+ }
+ for _, tt := range tests {
+ t.Run(tt.name, func(t *testing.T) {
+ realStdout := os.Stdout //Backup Stdout
+ r, w, _ := os.Pipe()
+ os.Stdout = w
- tests := []struct {
- name string
- args []string
- wantErr bool
- expectedOutput string
- }{
- {"test_empty_1", []string{"keys", "--username=git", "--type=test", "--content=test"}, true, ""},
- {"test_empty_2", []string{"keys", "-e", "git", "-u", "git", "-t", "test", "-k", "test"}, true, ""},
- {"with_key",
- []string{"keys", "-e", "git", "-u", "git", "-t", "ssh-rsa", "-k", "AAAAB3NzaC1yc2EAAAADAQABAAABgQDWVj0fQ5N8wNc0LVNA41wDLYJ89ZIbejrPfg/avyj3u/ZohAKsQclxG4Ju0VirduBFF9EOiuxoiFBRr3xRpqzpsZtnMPkWVWb+akZwBFAx8p+jKdy4QXR/SZqbVobrGwip2UjSrri1CtBxpJikojRIZfCnDaMOyd9Jp6KkujvniFzUWdLmCPxUE9zhTaPu0JsEP7MW0m6yx7ZUhHyfss+NtqmFTaDO+QlMR7L2QkDliN2Jl3Xa3PhuWnKJfWhdAq1Cw4oraKUOmIgXLkuiuxVQ6mD3AiFupkmfqdHq6h+uHHmyQqv3gU+/sD8GbGAhf6ftqhTsXjnv1Aj4R8NoDf9BS6KRkzkeun5UisSzgtfQzjOMEiJtmrep2ZQrMGahrXa+q4VKr0aKJfm+KlLfwm/JztfsBcqQWNcTURiCFqz+fgZw0Ey/de0eyMzldYTdXXNRYCKjs9bvBK+6SSXRM7AhftfQ0ZuoW5+gtinPrnmoOaSCEJbAiEiTO/BzOHgowiM="},
- false,
- "# gitea public key\ncommand=\"" + setting.AppPath + " --config='" + setting.CustomConf + "' serv key-1\",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDWVj0fQ5N8wNc0LVNA41wDLYJ89ZIbejrPfg/avyj3u/ZohAKsQclxG4Ju0VirduBFF9EOiuxoiFBRr3xRpqzpsZtnMPkWVWb+akZwBFAx8p+jKdy4QXR/SZqbVobrGwip2UjSrri1CtBxpJikojRIZfCnDaMOyd9Jp6KkujvniFzUWdLmCPxUE9zhTaPu0JsEP7MW0m6yx7ZUhHyfss+NtqmFTaDO+QlMR7L2QkDliN2Jl3Xa3PhuWnKJfWhdAq1Cw4oraKUOmIgXLkuiuxVQ6mD3AiFupkmfqdHq6h+uHHmyQqv3gU+/sD8GbGAhf6ftqhTsXjnv1Aj4R8NoDf9BS6KRkzkeun5UisSzgtfQzjOMEiJtmrep2ZQrMGahrXa+q4VKr0aKJfm+KlLfwm/JztfsBcqQWNcTURiCFqz+fgZw0Ey/de0eyMzldYTdXXNRYCKjs9bvBK+6SSXRM7AhftfQ0ZuoW5+gtinPrnmoOaSCEJbAiEiTO/BzOHgowiM= user2@localhost\n\n",
- },
- {"invalid", []string{"keys", "--not-a-flag=git"}, true, "Incorrect Usage: flag provided but not defined: -not-a-flag\n\n"},
- }
- for _, tt := range tests {
- t.Run(tt.name, func(t *testing.T) {
- realStdout := os.Stdout //Backup Stdout
- r, w, _ := os.Pipe()
- os.Stdout = w
-
- set := flag.NewFlagSet("keys", 0)
- _ = set.Parse(tt.args)
- context := cli.NewContext(&cli.App{Writer: os.Stdout}, set, nil)
- err := cmd.CmdKeys.Run(context)
- if (err != nil) != tt.wantErr {
- t.Errorf("CmdKeys.Run() error = %v, wantErr %v", err, tt.wantErr)
- }
- w.Close()
- var buf bytes.Buffer
- io.Copy(&buf, r)
- commandOutput := buf.String()
- if tt.expectedOutput != commandOutput {
- t.Errorf("expectedOutput: %#v, commandOutput: %#v", tt.expectedOutput, commandOutput)
- }
- //Restore stdout
- os.Stdout = realStdout
- })
- }
+ set := flag.NewFlagSet("keys", 0)
+ _ = set.Parse(tt.args)
+ context := cli.NewContext(&cli.App{Writer: os.Stdout}, set, nil)
+ err := cmd.CmdKeys.Run(context)
+ if (err != nil) != tt.wantErr {
+ t.Errorf("CmdKeys.Run() error = %v, wantErr %v", err, tt.wantErr)
+ }
+ w.Close()
+ var buf bytes.Buffer
+ io.Copy(&buf, r)
+ commandOutput := buf.String()
+ if tt.expectedOutput != commandOutput {
+ t.Errorf("expectedOutput: %#v, commandOutput: %#v", tt.expectedOutput, commandOutput)
+ }
+ //Restore stdout
+ os.Stdout = realStdout
+ })
+ }
+ })
}
diff --git a/modules/private/key.go b/modules/private/key.go
index ebc28eb871..40e1c492f8 100644
--- a/modules/private/key.go
+++ b/modules/private/key.go
@@ -6,6 +6,8 @@ package private
import (
"fmt"
+ "io/ioutil"
+ "net/http"
"code.gitea.io/gitea/modules/setting"
)
@@ -27,3 +29,26 @@ func UpdatePublicKeyInRepo(keyID, repoID int64) error {
}
return nil
}
+
+// AuthorizedPublicKeyByContent searches content as prefix (leak e-mail part)
+// and returns public key found.
+func AuthorizedPublicKeyByContent(content string) (string, error) {
+ // Ask for running deliver hook and test pull request tasks.
+ reqURL := setting.LocalURL + fmt.Sprintf("api/internal/ssh/authorized_keys")
+ req := newInternalRequest(reqURL, "POST")
+ req.Param("content", content)
+ resp, err := req.Response()
+ if err != nil {
+ return "", err
+ }
+
+ defer resp.Body.Close()
+
+ // All 2XX status codes are accepted and others will return an error
+ if resp.StatusCode != http.StatusOK {
+ return "", fmt.Errorf("Failed to update public key: %s", decodeJSONError(resp).Err)
+ }
+ bs, err := ioutil.ReadAll(resp.Body)
+
+ return string(bs), err
+}
diff --git a/routers/private/internal.go b/routers/private/internal.go
index 3a48f5384d..cfbad19678 100644
--- a/routers/private/internal.go
+++ b/routers/private/internal.go
@@ -76,6 +76,7 @@ func CheckUnitUser(ctx *macaron.Context) {
// These APIs will be invoked by internal commands for example `gitea serv` and etc.
func RegisterRoutes(m *macaron.Macaron) {
m.Group("/", func() {
+ m.Post("/ssh/authorized_keys", AuthorizedPublicKeyByContent)
m.Post("/ssh/:id/update/:repoid", UpdatePublicKeyInRepo)
m.Get("/hook/pre-receive/:owner/:repo", HookPreReceive)
m.Get("/hook/post-receive/:owner/:repo", HookPostReceive)
diff --git a/routers/private/key.go b/routers/private/key.go
index dcf597d6ba..c00330fe88 100644
--- a/routers/private/key.go
+++ b/routers/private/key.go
@@ -6,6 +6,8 @@
package private
import (
+ "net/http"
+
"code.gitea.io/gitea/models"
"code.gitea.io/gitea/modules/timeutil"
@@ -17,7 +19,7 @@ func UpdatePublicKeyInRepo(ctx *macaron.Context) {
keyID := ctx.ParamsInt64(":id")
repoID := ctx.ParamsInt64(":repoid")
if err := models.UpdatePublicKeyUpdated(keyID); err != nil {
- ctx.JSON(500, map[string]interface{}{
+ ctx.JSON(http.StatusInternalServerError, map[string]interface{}{
"err": err.Error(),
})
return
@@ -29,18 +31,33 @@ func UpdatePublicKeyInRepo(ctx *macaron.Context) {
ctx.PlainText(200, []byte("success"))
return
}
- ctx.JSON(500, map[string]interface{}{
+ ctx.JSON(http.StatusInternalServerError, map[string]interface{}{
"err": err.Error(),
})
return
}
deployKey.UpdatedUnix = timeutil.TimeStampNow()
if err = models.UpdateDeployKeyCols(deployKey, "updated_unix"); err != nil {
- ctx.JSON(500, map[string]interface{}{
+ ctx.JSON(http.StatusInternalServerError, map[string]interface{}{
"err": err.Error(),
})
return
}
- ctx.PlainText(200, []byte("success"))
+ ctx.PlainText(http.StatusOK, []byte("success"))
+}
+
+// AuthorizedPublicKeyByContent searches content as prefix (leak e-mail part)
+// and returns public key found.
+func AuthorizedPublicKeyByContent(ctx *macaron.Context) {
+ content := ctx.Query("content")
+
+ publicKey, err := models.SearchPublicKeyByContent(content)
+ if err != nil {
+ ctx.JSON(http.StatusInternalServerError, map[string]interface{}{
+ "err": err.Error(),
+ })
+ return
+ }
+ ctx.PlainText(http.StatusOK, []byte(publicKey.AuthorizedString()))
}