aniani/gitea
1
0
Fork 0
mirror of https://github.com/go-gitea/gitea.git synced 2025-05-18 00:49:09 -04:00
Code

feat: check runner token

Browse Source
This commit is contained in:
Jason Song 2022-11-15 11:56:58 +08:00
parent 9c6476754d
commit 94241daaaa
1 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
routers/api/bots/runner/unary.go
View File

@ -6,6 +6,7 @@ package runner
import (
"context"
"crypto/subtle"
"strings"
bots_model "code.gitea.io/gitea/models/bots"
@ -21,6 +22,7 @@ import (
const (
runnerOnlineTimeDeltaSecs = 30
uuidHeaderKey = "x-runner-uuid"
tokenHeaderKey = "x-runner-token"
)
var WithRunner = connect.WithInterceptors(connect.UnaryInterceptorFunc(func(unaryFunc connect.UnaryFunc) connect.UnaryFunc {
@ -29,6 +31,7 @@ var WithRunner = connect.WithInterceptors(connect.UnaryInterceptorFunc(func(unar
return unaryFunc(ctx, request)
}
uuid := request.Header().Get(uuidHeaderKey)
token := request.Header().Get(tokenHeaderKey)
runner, err := bots_model.GetRunnerByUUID(uuid)
if err != nil {
if _, ok := err.(bots_model.ErrRunnerNotExist); ok {
@ -36,6 +39,9 @@ var WithRunner = connect.WithInterceptors(connect.UnaryInterceptorFunc(func(unar
}
return nil, status.Error(codes.Internal, err.Error())
}
if subtle.ConstantTimeCompare([]byte(token), []byte(runner.Token)) != 1 {
return nil, status.Error(codes.Unauthenticated, "unregistered runner")
}
// update runner online status
if runner.Status == runnerv1.RunnerStatus_RUNNER_STATUS_OFFLINE {