Hiddenden/AegisGitea-MCP
3
0
Fork 0
Code Issues 3 Pull Requests Actions Packages Projects Releases Wiki Activity

Add OAuth2/OIDC per-user Gitea authentication
Some checks failed
docker / lint (push) Has been cancelled
Details
docker / test (push) Has been cancelled
Details
docker / docker-build (push) Has been cancelled
Details
lint / lint (push) Has been cancelled
Details
test / test (push) Has been cancelled
Details

Browse Source 
Introduce a GiteaOAuthValidator for JWT and userinfo validation and
fallbacks, add /oauth/token proxy, and thread per-user tokens through
the
request context and automation paths. Update config and .env.example for
OAuth-first mode, add OpenAPI, extensive unit/integration tests,
GitHub/Gitea CI workflows, docs, and lint/test enforcement (>=80% cov).
This commit is contained in:
Latte
2026-02-25 16:54:01 +01:00
parent a00b6a0ba2
commit 59e1ea53a8
31 changed files with 2575 additions and 660 deletions
Download Patch File Download Diff File Expand all files Collapse all files

40
src/aegis_gitea_mcp/request_context.py
View File

@@ -5,6 +5,9 @@ from __future__ import annotations
from contextvars import ContextVar
_REQUEST_ID: ContextVar[str] = ContextVar("request_id", default="-")
_GITEA_USER_TOKEN: ContextVar[str | None] = ContextVar("gitea_user_token", default=None)
_GITEA_USER_LOGIN: ContextVar[str | None] = ContextVar("gitea_user_login", default=None)
_GITEA_USER_SCOPES: ContextVar[tuple[str, ...]] = ContextVar("gitea_user_scopes", default=())
def set_request_id(request_id: str) -> None:
@@ -15,3 +18,40 @@ def set_request_id(request_id: str) -> None:
def get_request_id() -> str:
"""Get current request id from context-local state."""
return _REQUEST_ID.get()
def set_gitea_user_token(token: str) -> None:
"""Store the per-request Gitea OAuth user token in context-local state."""
_GITEA_USER_TOKEN.set(token)
def get_gitea_user_token() -> str | None:
"""Get the per-request Gitea OAuth user token from context-local state."""
return _GITEA_USER_TOKEN.get()
def set_gitea_user_login(login: str) -> None:
"""Store the authenticated Gitea username in context-local state."""
_GITEA_USER_LOGIN.set(login)
def get_gitea_user_login() -> str | None:
"""Get the authenticated Gitea username from context-local state."""
return _GITEA_USER_LOGIN.get()
def set_gitea_user_scopes(scopes: list[str] | set[str] | tuple[str, ...]) -> None:
"""Store normalized OAuth scopes for the current request."""
_GITEA_USER_SCOPES.set(tuple(sorted({scope.strip() for scope in scopes if scope.strip()})))
def get_gitea_user_scopes() -> tuple[str, ...]:
"""Get OAuth scopes attached to the current request."""
return _GITEA_USER_SCOPES.get()
def clear_gitea_auth_context() -> None:
"""Reset per-request Gitea authentication context values."""
_GITEA_USER_TOKEN.set(None)
_GITEA_USER_LOGIN.set(None)
_GITEA_USER_SCOPES.set(())