discourse/lib/onebox/engine/github_blob_onebox.rb
Martin Brennan 97e2b353f6
FEATURE: Allow for multiple GitHub onebox tokens (#27887)
Followup 560e8aff75

GitHub auth tokens cannot be made with permissions to
access multiple organisations. This is quite limiting.
This commit changes the site setting to be a "secret list"
type, which allows for a key/value mapping where the value
is treated like a password in the UI.

Now when a GitHub URL is requested for oneboxing, the
org name from the URL is used to determine which token
to use for the request.

Just in case anyone used the old site setting already,
there is a migration to create a `default` entry
with that token in the new list setting, and for
a period of time we will consider that token valid to
use for all GitHub oneboxes as well.
2024-07-15 13:07:36 +10:00

48 lines
1.2 KiB
Ruby

# frozen_string_literal: true
require_relative "../mixins/git_blob_onebox"
require_relative "../mixins/github_auth_header"
module Onebox
module Engine
class GithubBlobOnebox
include Onebox::Mixins::GithubAuthHeader
def self.git_regexp
%r{^https?://(www\.)?github\.com.*/blob/}
end
def self.onebox_name
"githubblob"
end
include Onebox::Mixins::GitBlobOnebox
def i18n
{
binary_file: I18n.t("onebox.github.binary_file"),
truncated_file: I18n.t("onebox.github.truncated_file"),
show_original: I18n.t("onebox.github.show_original"),
requires_iframe: I18n.t("onebox.github.requires_iframe"),
}
end
def raw_regexp
%r{github\.com/(?<org>[^/]+)/(?<repo>[^/]+)/blob/(?<sha1>[^/]+)/(?<file>[^#]+)(#(L(?<from>[^-]*)(-L(?<to>.*))?))?}mi
end
def raw_template(match)
"https://raw.githubusercontent.com/#{match[:org]}/#{match[:repo]}/#{match[:sha1]}/#{match[:file]}"
end
def title
Sanitize.fragment(Onebox::Helpers.uri_unencode(link).sub(%r{^https?\://github\.com/}, ""))
end
def auth_headers(match)
github_auth_header(match[:org])
end
end
end
end