mirror/hatchet
1
0
Fork 0
mirror of https://github.com/hatchet-dev/hatchet.git synced 2025-12-30 13:19:44 -06:00
Code Issues Packages Projects Releases Wiki Activity

feat: add github sso to dashboard (#373)

Browse Source
This commit is contained in:
abelanger5
2024-04-11 12:32:12 -07:00
committed by GitHub
parent a5a2629674
commit f16a9cd0dc
22 changed files with 1328 additions and 195 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
api-contracts/openapi/openapi.yaml
View File

@@ -38,6 +38,10 @@ paths:
$ref: "./paths/user/user.yaml#/oauth-start-github"
/api/v1/users/github/callback:
$ref: "./paths/user/user.yaml#/oauth-callback-github"
/api/v1/users/github-app/start:
$ref: "./paths/user/user.yaml#/oauth-start-github-app"
/api/v1/users/github-app/callback:
$ref: "./paths/user/user.yaml#/oauth-callback-github-app"
/api/v1/github/webhook:
$ref: "./paths/github-app/github-app.yaml#/globalWebhook"
/api/v1/github/webhook/{webhook}:

38
api-contracts/openapi/paths/user/user.yaml
View File

@@ -188,10 +188,7 @@ oauth-start-github:
location:
schema:
type: string
# Note that the security scheme requires cookies, because this endpoint is for linking
# a GitHub account to an existing user account.
security:
- cookieAuth: []
security: []
summary: Start OAuth flow
tags:
- User
@@ -199,6 +196,39 @@ oauth-callback-github:
get:
description: Completes the OAuth flow
operationId: user:update:github-oauth-callback
responses:
"302":
description: Successfully completed the OAuth flow
headers:
location:
schema:
type: string
security: []
summary: Complete OAuth flow
tags:
- User
oauth-start-github-app:
get:
description: Starts the OAuth flow
operationId: user:update:github-app-oauth-start
responses:
"302":
description: Successfully started the OAuth flow
headers:
location:
schema:
type: string
# Note that the security scheme requires cookies, because this endpoint is for linking
# a GitHub account to an existing user account.
security:
- cookieAuth: []
summary: Start OAuth flow
tags:
- User
oauth-callback-github-app:
get:
description: Completes the OAuth flow
operationId: user:update:github-app-oauth-callback
responses:
"302":
description: Successfully completed the OAuth flow

6
api/v1/server/handlers/github-app/oauth_callback.go
View File

@@ -14,7 +14,7 @@ import (
)
// Note: we want all errors to redirect, otherwise the user will be greeted with raw JSON in the middle of the login flow.
func (g *GithubAppService) UserUpdateGithubOauthCallback(ctx echo.Context, _ gen.UserUpdateGithubOauthCallbackRequestObject) (gen.UserUpdateGithubOauthCallbackResponseObject, error) {
func (g *GithubAppService) UserUpdateGithubAppOauthCallback(ctx echo.Context, _ gen.UserUpdateGithubAppOauthCallbackRequestObject) (gen.UserUpdateGithubAppOauthCallbackResponseObject, error) {
user := ctx.Get("user").(*db.UserModel)
ghApp, err := GetGithubAppConfig(g.config)
@@ -86,8 +86,8 @@ func (g *GithubAppService) UserUpdateGithubOauthCallback(ctx echo.Context, _ gen
url = "/"
}
return gen.UserUpdateGithubOauthCallback302Response{
Headers: gen.UserUpdateGithubOauthCallback302ResponseHeaders{
return gen.UserUpdateGithubAppOauthCallback302Response{
Headers: gen.UserUpdateGithubAppOauthCallback302ResponseHeaders{
Location: url,
},
}, nil

6
api/v1/server/handlers/github-app/oauth_start.go
View File

@@ -9,7 +9,7 @@ import (
)
// Note: we want all errors to redirect, otherwise the user will be greeted with raw JSON in the middle of the login flow.
func (g *GithubAppService) UserUpdateGithubOauthStart(ctx echo.Context, _ gen.UserUpdateGithubOauthStartRequestObject) (gen.UserUpdateGithubOauthStartResponseObject, error) {
func (g *GithubAppService) UserUpdateGithubAppOauthStart(ctx echo.Context, _ gen.UserUpdateGithubAppOauthStartRequestObject) (gen.UserUpdateGithubAppOauthStartResponseObject, error) {
ghApp, err := GetGithubAppConfig(g.config)
if err != nil {
@@ -24,8 +24,8 @@ func (g *GithubAppService) UserUpdateGithubOauthStart(ctx echo.Context, _ gen.Us
url := ghApp.AuthCodeURL(state, oauth2.AccessTypeOffline)
return gen.UserUpdateGithubOauthStart302Response{
Headers: gen.UserUpdateGithubOauthStart302ResponseHeaders{
return gen.UserUpdateGithubAppOauthStart302Response{
Headers: gen.UserUpdateGithubAppOauthStart302ResponseHeaders{
Location: url,
},
}, nil

4
api/v1/server/handlers/metadata/get.go
View File

@@ -17,6 +17,10 @@ func (u *MetadataService) MetadataGet(ctx echo.Context, request gen.MetadataGetR
authTypes = append(authTypes, "google")
}
if u.config.Auth.ConfigFile.Github.Enabled {
authTypes = append(authTypes, "github")
}
meta := gen.APIMeta{
Auth: &gen.APIMetaAuth{
Schemes: &authTypes,

11
api/v1/server/handlers/users/create.go
View File

@@ -2,7 +2,6 @@ package users
import (
"errors"
"strings"
"github.com/labstack/echo/v4"
@@ -24,15 +23,7 @@ func (u *UserService) UserCreate(ctx echo.Context, request gen.UserCreateRequest
}
// check restricted email group
// parse domain from email
// make sure there's only one @ in the email
if strings.Count(string(request.Body.Email), "@") != 1 {
return nil, errors.New("invalid email")
}
domain := strings.Split(string(request.Body.Email), "@")[1]
if err := u.checkUserRestrictions(u.config, domain); err != nil {
if err := u.checkUserRestrictionsForEmail(u.config, string(request.Body.Email)); err != nil {
return nil, err
}

186
api/v1/server/handlers/users/github_oauth_callback.go Normal file
View File

@@ -0,0 +1,186 @@
package users
import (
"context"
"errors"
"fmt"
githubsdk "github.com/google/go-github/v57/github"
"github.com/labstack/echo/v4"
"golang.org/x/oauth2"
"github.com/hatchet-dev/hatchet/api/v1/server/authn"
"github.com/hatchet-dev/hatchet/api/v1/server/oas/gen"
"github.com/hatchet-dev/hatchet/internal/config/server"
"github.com/hatchet-dev/hatchet/internal/repository"
"github.com/hatchet-dev/hatchet/internal/repository/prisma/db"
)
// Note: we want all errors to redirect, otherwise the user will be greeted with raw JSON in the middle of the login flow.
func (u *UserService) UserUpdateGithubOauthCallback(ctx echo.Context, _ gen.UserUpdateGithubOauthCallbackRequestObject) (gen.UserUpdateGithubOauthCallbackResponseObject, error) {
isValid, _, err := authn.NewSessionHelpers(u.config).ValidateOAuthState(ctx, "github")
if err != nil || !isValid {
return nil, authn.GetRedirectWithError(ctx, u.config.Logger, err, "Could not log in. Please try again and make sure cookies are enabled.")
}
token, err := u.config.Auth.GithubOAuthConfig.Exchange(context.Background(), ctx.Request().URL.Query().Get("code"))
if err != nil {
return nil, authn.GetRedirectWithError(ctx, u.config.Logger, err, "Forbidden")
}
if !token.Valid() {
return nil, authn.GetRedirectWithError(ctx, u.config.Logger, fmt.Errorf("invalid token"), "Forbidden")
}
user, err := u.upsertGithubUserFromToken(u.config, token)
if err != nil {
if errors.Is(err, ErrGithubNotVerified) {
return nil, authn.GetRedirectWithError(ctx, u.config.Logger, err, "Please verify your email on Github.")
}
if errors.Is(err, ErrGithubNoEmail) {
return nil, authn.GetRedirectWithError(ctx, u.config.Logger, err, "Github user must have an email.")
}
return nil, authn.GetRedirectWithError(ctx, u.config.Logger, err, "Internal error.")
}
err = authn.NewSessionHelpers(u.config).SaveAuthenticated(ctx, user)
if err != nil {
return nil, authn.GetRedirectWithError(ctx, u.config.Logger, err, "Internal error.")
}
return gen.UserUpdateGithubOauthCallback302Response{
Headers: gen.UserUpdateGithubOauthCallback302ResponseHeaders{
Location: u.config.Runtime.ServerURL,
},
}, nil
}
func (u *UserService) upsertGithubUserFromToken(config *server.ServerConfig, tok *oauth2.Token) (*db.UserModel, error) {
gInfo, err := u.getGithubEmailFromToken(tok)
if err != nil {
return nil, err
}
if err := u.checkUserRestrictionsForEmail(config, gInfo.Email); err != nil {
return nil, err
}
expiresAt := tok.Expiry
// use the encryption service to encrypt the access and refresh token
accessTokenEncrypted, err := config.Encryption.Encrypt([]byte(tok.AccessToken), "github_access_token")
if err != nil {
return nil, fmt.Errorf("failed to encrypt access token: %s", err.Error())
}
refreshTokenEncrypted, err := config.Encryption.Encrypt([]byte(tok.RefreshToken), "github_refresh_token")
if err != nil {
return nil, fmt.Errorf("failed to encrypt refresh token: %s", err.Error())
}
oauthOpts := &repository.OAuthOpts{
Provider: "github",
ProviderUserId: gInfo.ID,
AccessToken: accessTokenEncrypted,
RefreshToken: &refreshTokenEncrypted,
ExpiresAt: &expiresAt,
}
user, err := u.config.APIRepository.User().GetUserByEmail(gInfo.Email)
switch err {
case nil:
user, err = u.config.APIRepository.User().UpdateUser(user.ID, &repository.UpdateUserOpts{
EmailVerified: repository.BoolPtr(gInfo.EmailVerified),
Name: repository.StringPtr(gInfo.Name),
OAuth: oauthOpts,
})
if err != nil {
return nil, fmt.Errorf("failed to update user: %s", err.Error())
}
case db.ErrNotFound:
user, err = u.config.APIRepository.User().CreateUser(&repository.CreateUserOpts{
Email: gInfo.Email,
EmailVerified: repository.BoolPtr(gInfo.EmailVerified),
Name: repository.StringPtr(gInfo.Name),
OAuth: oauthOpts,
})
if err != nil {
return nil, fmt.Errorf("failed to create user: %s", err.Error())
}
default:
return nil, fmt.Errorf("failed to get user: %s", err.Error())
}
return user, nil
}
var ErrGithubNotVerified = fmt.Errorf("Please verify your email on Github")
var ErrGithubNoEmail = fmt.Errorf("Github user must have an email")
type githubInfo struct {
Email string
EmailVerified bool
Name string
ID string
}
func (u *UserService) getGithubEmailFromToken(tok *oauth2.Token) (*githubInfo, error) {
client := githubsdk.NewClient(u.config.Auth.GithubOAuthConfig.Client(context.Background(), tok))
user, _, err := client.Users.Get(context.Background(), "")
if err != nil {
return nil, err
}
emails, _, err := client.Users.ListEmails(context.Background(), &githubsdk.ListOptions{})
if err != nil {
return nil, err
}
primary := ""
verified := false
// get the primary email
for _, email := range emails {
if email.GetPrimary() {
primary = email.GetEmail()
verified = email.GetVerified()
break
}
}
if primary == "" {
return nil, ErrGithubNoEmail
}
if !verified {
return nil, ErrGithubNotVerified
}
id := user.GetID()
if id == 0 {
return nil, fmt.Errorf("Github user has no ID")
}
return &githubInfo{
Email: primary,
EmailVerified: verified,
Name: user.GetName(),
ID: fmt.Sprintf("%d", id),
}, nil
}

25
api/v1/server/handlers/users/github_oauth_start.go Normal file
View File

@@ -0,0 +1,25 @@
package users
import (
"github.com/labstack/echo/v4"
"github.com/hatchet-dev/hatchet/api/v1/server/authn"
"github.com/hatchet-dev/hatchet/api/v1/server/oas/gen"
)
// Note: we want all errors to redirect, otherwise the user will be greeted with raw JSON in the middle of the login flow.
func (u *UserService) UserUpdateGithubOauthStart(ctx echo.Context, _ gen.UserUpdateGithubOauthStartRequestObject) (gen.UserUpdateGithubOauthStartResponseObject, error) {
state, err := authn.NewSessionHelpers(u.config).SaveOAuthState(ctx, "github")
if err != nil {
return nil, authn.GetRedirectWithError(ctx, u.config.Logger, err, "Could not get cookie. Please make sure cookies are enabled.")
}
url := u.config.Auth.GithubOAuthConfig.AuthCodeURL(state)
return gen.UserUpdateGithubOauthStart302Response{
Headers: gen.UserUpdateGithubOauthStart302ResponseHeaders{
Location: url,
},
}, nil
}

18
api/v1/server/handlers/users/service.go
View File

@@ -1,7 +1,9 @@
package users
import (
"errors"
"fmt"
"strings"
"github.com/hatchet-dev/hatchet/internal/config/server"
)
@@ -16,6 +18,22 @@ func NewUserService(config *server.ServerConfig) *UserService {
}
}
func (u *UserService) checkUserRestrictionsForEmail(conf *server.ServerConfig, email string) error {
if len(conf.Auth.ConfigFile.RestrictedEmailDomains) == 0 {
return nil
}
// parse domain from email
// make sure there's only one @ in the email
if strings.Count(email, "@") != 1 {
return errors.New("invalid email")
}
domain := strings.Split(email, "@")[1]
return u.checkUserRestrictions(conf, domain)
}
func (u *UserService) checkUserRestrictions(conf *server.ServerConfig, emailDomain string) error {
if len(conf.Auth.ConfigFile.RestrictedEmailDomains) == 0 {
return nil

376
api/v1/server/oas/gen/openapi.gen.go
View File

@@ -1109,6 +1109,12 @@ type ServerInterface interface {
// (GET /api/v1/users/current)
UserGetCurrent(ctx echo.Context) error
// Complete OAuth flow
// (GET /api/v1/users/github-app/callback)
UserUpdateGithubAppOauthCallback(ctx echo.Context) error
// Start OAuth flow
// (GET /api/v1/users/github-app/start)
UserUpdateGithubAppOauthStart(ctx echo.Context) error
// Complete OAuth flow
// (GET /api/v1/users/github/callback)
UserUpdateGithubOauthCallback(ctx echo.Context) error
// Start OAuth flow
@@ -2110,12 +2116,32 @@ func (w *ServerInterfaceWrapper) UserGetCurrent(ctx echo.Context) error {
return err
}
// UserUpdateGithubOauthCallback converts echo context to params.
func (w *ServerInterfaceWrapper) UserUpdateGithubOauthCallback(ctx echo.Context) error {
// UserUpdateGithubAppOauthCallback converts echo context to params.
func (w *ServerInterfaceWrapper) UserUpdateGithubAppOauthCallback(ctx echo.Context) error {
var err error
ctx.Set(CookieAuthScopes, []string{})
// Invoke the callback with all the unmarshaled arguments
err = w.Handler.UserUpdateGithubAppOauthCallback(ctx)
return err
}
// UserUpdateGithubAppOauthStart converts echo context to params.
func (w *ServerInterfaceWrapper) UserUpdateGithubAppOauthStart(ctx echo.Context) error {
var err error
ctx.Set(CookieAuthScopes, []string{})
// Invoke the callback with all the unmarshaled arguments
err = w.Handler.UserUpdateGithubAppOauthStart(ctx)
return err
}
// UserUpdateGithubOauthCallback converts echo context to params.
func (w *ServerInterfaceWrapper) UserUpdateGithubOauthCallback(ctx echo.Context) error {
var err error
// Invoke the callback with all the unmarshaled arguments
err = w.Handler.UserUpdateGithubOauthCallback(ctx)
return err
@@ -2125,8 +2151,6 @@ func (w *ServerInterfaceWrapper) UserUpdateGithubOauthCallback(ctx echo.Context)
func (w *ServerInterfaceWrapper) UserUpdateGithubOauthStart(ctx echo.Context) error {
var err error
ctx.Set(CookieAuthScopes, []string{})
// Invoke the callback with all the unmarshaled arguments
err = w.Handler.UserUpdateGithubOauthStart(ctx)
return err
@@ -2508,6 +2532,8 @@ func RegisterHandlersWithBaseURL(router EchoRouter, si ServerInterface, baseURL
router.GET(baseURL+"/api/v1/tenants/:tenant/workflows", wrapper.WorkflowList)
router.GET(baseURL+"/api/v1/tenants/:tenant/workflows/runs", wrapper.WorkflowRunList)
router.GET(baseURL+"/api/v1/users/current", wrapper.UserGetCurrent)
router.GET(baseURL+"/api/v1/users/github-app/callback", wrapper.UserUpdateGithubAppOauthCallback)
router.GET(baseURL+"/api/v1/users/github-app/start", wrapper.UserUpdateGithubAppOauthStart)
router.GET(baseURL+"/api/v1/users/github/callback", wrapper.UserUpdateGithubOauthCallback)
router.GET(baseURL+"/api/v1/users/github/start", wrapper.UserUpdateGithubOauthStart)
router.GET(baseURL+"/api/v1/users/google/callback", wrapper.UserUpdateGoogleOauthCallback)
@@ -3974,6 +4000,48 @@ func (response UserGetCurrent405JSONResponse) VisitUserGetCurrentResponse(w http
return json.NewEncoder(w).Encode(response)
}
type UserUpdateGithubAppOauthCallbackRequestObject struct {
}
type UserUpdateGithubAppOauthCallbackResponseObject interface {
VisitUserUpdateGithubAppOauthCallbackResponse(w http.ResponseWriter) error
}
type UserUpdateGithubAppOauthCallback302ResponseHeaders struct {
Location string
}
type UserUpdateGithubAppOauthCallback302Response struct {
Headers UserUpdateGithubAppOauthCallback302ResponseHeaders
}
func (response UserUpdateGithubAppOauthCallback302Response) VisitUserUpdateGithubAppOauthCallbackResponse(w http.ResponseWriter) error {
w.Header().Set("location", fmt.Sprint(response.Headers.Location))
w.WriteHeader(302)
return nil
}
type UserUpdateGithubAppOauthStartRequestObject struct {
}
type UserUpdateGithubAppOauthStartResponseObject interface {
VisitUserUpdateGithubAppOauthStartResponse(w http.ResponseWriter) error
}
type UserUpdateGithubAppOauthStart302ResponseHeaders struct {
Location string
}
type UserUpdateGithubAppOauthStart302Response struct {
Headers UserUpdateGithubAppOauthStart302ResponseHeaders
}
func (response UserUpdateGithubAppOauthStart302Response) VisitUserUpdateGithubAppOauthStartResponse(w http.ResponseWriter) error {
w.Header().Set("location", fmt.Sprint(response.Headers.Location))
w.WriteHeader(302)
return nil
}
type UserUpdateGithubOauthCallbackRequestObject struct {
}
@@ -4787,6 +4855,10 @@ type StrictServerInterface interface {
UserGetCurrent(ctx echo.Context, request UserGetCurrentRequestObject) (UserGetCurrentResponseObject, error)
UserUpdateGithubAppOauthCallback(ctx echo.Context, request UserUpdateGithubAppOauthCallbackRequestObject) (UserUpdateGithubAppOauthCallbackResponseObject, error)
UserUpdateGithubAppOauthStart(ctx echo.Context, request UserUpdateGithubAppOauthStartRequestObject) (UserUpdateGithubAppOauthStartResponseObject, error)
UserUpdateGithubOauthCallback(ctx echo.Context, request UserUpdateGithubOauthCallbackRequestObject) (UserUpdateGithubOauthCallbackResponseObject, error)
UserUpdateGithubOauthStart(ctx echo.Context, request UserUpdateGithubOauthStartRequestObject) (UserUpdateGithubOauthStartResponseObject, error)
@@ -5861,6 +5933,52 @@ func (sh *strictHandler) UserGetCurrent(ctx echo.Context) error {
return nil
}
// UserUpdateGithubAppOauthCallback operation middleware
func (sh *strictHandler) UserUpdateGithubAppOauthCallback(ctx echo.Context) error {
var request UserUpdateGithubAppOauthCallbackRequestObject
handler := func(ctx echo.Context, request interface{}) (interface{}, error) {
return sh.ssi.UserUpdateGithubAppOauthCallback(ctx, request.(UserUpdateGithubAppOauthCallbackRequestObject))
}
for _, middleware := range sh.middlewares {
handler = middleware(handler, "UserUpdateGithubAppOauthCallback")
}
response, err := handler(ctx, request)
if err != nil {
return err
} else if validResponse, ok := response.(UserUpdateGithubAppOauthCallbackResponseObject); ok {
return validResponse.VisitUserUpdateGithubAppOauthCallbackResponse(ctx.Response())
} else if response != nil {
return fmt.Errorf("Unexpected response type: %T", response)
}
return nil
}
// UserUpdateGithubAppOauthStart operation middleware
func (sh *strictHandler) UserUpdateGithubAppOauthStart(ctx echo.Context) error {
var request UserUpdateGithubAppOauthStartRequestObject
handler := func(ctx echo.Context, request interface{}) (interface{}, error) {
return sh.ssi.UserUpdateGithubAppOauthStart(ctx, request.(UserUpdateGithubAppOauthStartRequestObject))
}
for _, middleware := range sh.middlewares {
handler = middleware(handler, "UserUpdateGithubAppOauthStart")
}
response, err := handler(ctx, request)
if err != nil {
return err
} else if validResponse, ok := response.(UserUpdateGithubAppOauthStartResponseObject); ok {
return validResponse.VisitUserUpdateGithubAppOauthStartResponse(ctx.Response())
} else if response != nil {
return fmt.Errorf("Unexpected response type: %T", response)
}
return nil
}
// UserUpdateGithubOauthCallback operation middleware
func (sh *strictHandler) UserUpdateGithubOauthCallback(ctx echo.Context) error {
var request UserUpdateGithubOauthCallbackRequestObject
@@ -6386,131 +6504,131 @@ func (sh *strictHandler) WorkflowVersionGetDefinition(ctx echo.Context, workflow
// Base64 encoded, gzipped, json marshaled Swagger object
var swaggerSpec = []string{
"H4sIAAAAAAAC/+x9W3PbOLLwX2Hx+x52q+Rrktk5rtoHJ/ZkveM4ObI9qXOmXC6YhCSMKYIDgHa8Kf33",
"U7iRIAmQoCzJ8oRPvhCXRqNvaHQ3vocRnmc4hSmj4dH3kEYzOAfi1+MvZ6eEYMJ/zwjOIGEIii8RjiH/",
"GUMaEZQxhNPwKARBlFOG58G/AItmkAWQ9w5E41EIv4F5lsDw6ODt/v4onGAyByw8CnOUsp/ehqOQPWUw",
"PApRyuAUknAxqg7fnM34O5hgErAZonJOc7rwuGz4ABVMc0gpmMJyVsoISqdiUhzR2wSl97Yp+f8DhgM2",
"g0GMo3wOUwYsAIwCNAkQC+A3RBmtgDNFbJbf7UZ4vjeTeNqJ4YP+3QbRBMEkbkLDYRCfAjYDzJg8QDQA",
"lOIIAQbj4BGxmYAHZFmCInCXVLYjTMHcgojFKCTwzxwRGIdHv1emvika47s/YMQ4jJpWaJNYYPF/xOBc",
"/PL/CZyER+H/2ytpb08R3l5BdYtiGkAIeGqApMZ1QPMJMtCEBeRs5gEA73zMmy4W7tGP1VjVGcQo8tfm",
"dtE8yzDhm8IHpQGeBBwimDIUCTIyN+b38A5QFIWjcIrxNIF8pQUGG0TSQJUL7DPOXwRopqrtVcrJw0Js",
"jzPIZlCROCqH4LSmOgU4FXyBUspAGhk0dYdxAkHKgRDEZsUN/8IRIocoYWzyTiexKorWi3FQyBhSnJMI",
"2iklIpBzzzGzQ8vQHBp8R9RYwSOggepagfxw//Bw5+Bw5+DN1eH+0f5PR29/3v3555//NzQkYQwY3OED",
"24QAckgAFEukGUCMApQG19dnJ4Ea2gTk7u7w4O3P+//YOXz7E9x5+wa82wGH7+Kdtwf/+OkgPogmk/+C",
"JlB5jvhK5uDbOUynnOLf/DQK5yg1/2xAm2fxsthLAGWB6r9KFNZoRKyq3GQTZAe9XOF7aGOZbxkikNqW",
"+nUGJUscfzkLGO8eqNa73vs+hwzEQFJoh9SqELST165qvFbAtlvd5sN377pwWMA2KliuQIYViVEEM3aW",
"PiAGx/DPHFLWxCcSnyVmexJtHyIdhd92MMjQDjdPpjDdgd8YATsMTAUUDyBBfF/Co2LFI8EKiwYhSXht",
"6/0gyEuTjnPF9n06lrsk7YpnbZMY3wc+muGUwiaATFN+k5IqYLWDIUdxw/ElTxKFo18Inl8ymI1zC8Pd",
"EZBGswuFtPY5jbY3xUSXF5eGEnRuC8MZio6Ja+Fz8B+cBprnAj5H8Lfj8cXfNWNdXlwGYowmapYgvjlK",
"/3kwmoNv/zx891OTCgtg3fi9gilIu7gPzgFK7CsWn/TicsqNARxI6l/JCuXUYmE4gV3yTq7mE5zfQTLm",
"7RvmoRhODdaFlZ68WZehTAyyCiyIZdAkn9on5V9WP+lIHT4Enywc1pQAyobH0weYWjB3D5/sa7iHT4VU",
"g7zv7or1nkSMHwGV7c9iO7hnJ1WE149W6uDlXMgjJveTBD+O8/Qyn88BeeqCTCD0a7Nbi/rlyDYWcqO3",
"5QTYbFuN1+Zi+Zfq5gR/+/fl54vg7olB+vduIS+GLqb/9Xk0oMc4RzbWzMAUpcU5pg2hX4qWhY4TUubR",
"/1RaLKd51NKAbguULSB+JjEk759OEIGRBgmm+ZzvHKD8qMm3yuDy2l6o/r9oh4TuW9rRzq6XEJBoZj26",
"uui9gcsJQNbDqRDHOdcEnFVlq4DkadXMdvuZMpjGHJaOgVWzPiP/mcO8G2LZqs+4JE9TD4hVsz4j0zyK",
"IIy7gS4a+o/O6fAjZMqyO0GTidvmjNFk4k/4xpCdfiM5MpdRH4U74TjLzlLKQJI4nCIginCeslvwABgg",
"tzlJrGSsm6V2y3QUImOWWwoZQ+mUOodbWgG6tYQbgBr0I9uabbpfYvC9sLJdlnoLQuhtDCcgT5jxuXAW",
"WU15DZ/R1Q3XGGa4CRWBGXbDJL7ixxSS7tOF0XZkDGsD6N/4zkLjbf5toY4ND7cyQv7Ad7tr8hM0xqQM",
"Zv14sMl8VfOq6bZEc4hzZl+++ti19AdIKMKpdQY3MxRgmQMUjgy5dMdOWo+lEUgjmCTa6eXn3Sk6FRct",
"7iZjCKgkFMsNQYrorN/Uf0iKbNtRTrSypWP3nkF0BNIq35cYpgwQ1m8xlAGWU4/1cPNCtlX0Pc7T3mpm",
"CSqP7iFpZ4E+yzXOFF0gG3ZVrefy/FIdRBNIsQturrkstklbjl9OL07OLj6Go3B8fXEhf7u8/vDh9PTk",
"9CQchb8cn52LXz4cX3w4Pee/20zMc5TelzKfIobJk/NMP0WMtyq1VlPykGKUQOodq+BRA104fQTGMFyu",
"tA3yWauc1lGEsrEOY+p211HWAk4vv37D81mZsoqP2sJGNazbaIQfoOyXVL4Xh/WuFj5VkwiPJ3Wbnxs9",
"thWXC9aTG4fYaqluC/h2M7rLDDdAVPO5aMI0MmFl0T3AU3TnoAhDdiw5vrA1HaMbnu22PTNaeU9uDN2N",
"cXOCGwVb1RlOX5iUqtCsiobw9BylsNcdLxeX4jM3vbku1kZogqdBglLY5wZPxppY5+DDqQadZr2rt2xh",
"dNdLr2HLvO0sA2CKGW5KVJ3DB5iYavrk9P01V81nF798Dkfh1+PxRTgKT8fjz2O7PjbGKbxFXhRQgcDG",
"T+r7yzvbNFnZhbb8+AyHW3WEni431bnF6WZBgHnl+j2MckJgym4zQbuHozCF3/Rfb0Zhms/FHzQ8Othf",
"jOqcVelsCwFQLYJMUmEx8aGXl8qAxRpLAr81R37jN3K5LmvkAmYgMX2CvKlwZSeIMnn9Uka67fs4xSwS",
"y5TqbXriPaCwNGMbe2y0/BcEsV/LsxOjhekkLZtciOV3NuPWPuyhwGT76hhXiCVuR400Zi/afDmyyWd/",
"h47ZoTFLHVMWWG2Ycm3FyLGZFjTeVMmiwK2WBziDXAlGCaaVkKcSG2PIyevHib4YwywBT+JywX3dzb+e",
"xVWhv+lgqfYoRw3hjVgS4Ydo4YRo2cIstzlWGpjjzfioNaPLMuAUUnZNHHEB1+PzgOGAwjQWMQ/KtKAB",
"w+u52XUdb/MU/ZnDAMUwZWiCICmuGNXNrYo4k6EZZhDjHUxwOtUQ17ezuWHriwzxc8C0RnsIP6zlEkNv",
"btPDOENJTGD1pN1BpWvyCmaA6EB0f0gIBDG4S6Db7SG/F7GSMKAMZlbiXJmz2jGDe3uNVVT2WjvX1AZK",
"2+csdm79GpzTx+w0wxXLwVD4K3JhCyI0nJU9aWA5GoZOkJfxqJd9WtBVl84Vh7yHP1ddPxTtV8+DOGcu",
"EJdkT3G/fTxh0gTzQ+bK7wdkl5ad8btDUCxWvUTwvRrjbV2yxUPw9Flx0aVlxY+YuK4lvNRQQYHFylrv",
"AMxLele4WJOQccx1uR0vmCB+ik26FyADpIr2xrg3JWRt1xPqt9vjy8uzjxefTi+uwlEo/xD3E8+6vrgq",
"ItaqSFl78LcrhvDZQYjdoeLOeEIzTnV9AaqLIljdrc6NFAU5zEbD95eLgu0ykpUpjGJ7HKP+7MaabOG+",
"81IjVILXl6CSSvhuuVdmkGMH7WyBi7BCynXVyM/AU7wjGTUc83HF8dbc05WKhOcRlH88LWe9rtbXFBLZ",
"40t+l6CojRTEeC2B3CbMW7Ppav+W2fSx2iethD5/vTgdc21z8unsIhyFn04/vT+1+92vCJpOITHs6NW5",
"Ca5FgpRXFsFKAvid+31NbYzRqRhAHBNIqakgKnJcS5ymnuAffoOksEMaWV4qNVJpnRmgwYNqzv+LSBWC",
"XWtm5AzQL4DSR0x85wBBpjoEFDL7qGuxIGJEswQ8VSwJjc7eAr6KXdd+f5iBdAo1gtzpGvDRjURh/MDH",
"EmtaPdlhX8JHqUcW685aASmAaMXf82Bo3JaqL6MKnlwoP8dTlC6fKLQcuz0rb2jrMK7XmHXhegyniDL+",
"8xWh2++I4RAMW7hbOofVd9NMDUZnKKOv1fhoGGMbVK7r0DJyMtu2fRUeD5d33HEUVB/lAUn6TIIIpEEG",
"CV8fh8ffG5YAcQNI2B0E7Ji1Hj7L6URSPIUpC0Aw0713V1thYO3OBrmWXbu3L4KpTgyhLjc+byMc6yLl",
"pCy5Ug78vCjeDp+Fm6C2gPEVZVuDUfRxwJaBkCX4aQ67j3d6jJOixwecTtC0s06PI49BxxDvOmLTHUTA",
"v9iG8MKRime3sWT/SOqNsIsTQ1rDWWQHmC6PIb3GK2AVXipRoh9V8vF+kx2Le9xVsB0f9wNOZSBRZEkX",
"nEJmfP9IcJ5ZyiykSr4HjzMUzYIpZFTgLiq7BlPetzguGIRg3ZsEzRG7ZAQwOHXkv1L1NWCY67TgUVcK",
"MWcV4wSiPgqIZjAW8l75BKQ/+fbs4vbL+PPH8enlZTgKT8afv9xenH49vbwKR+F/X59en5Z/fhx/vv5y",
"O/58fXFyO/78/uzC6kCYg29uCTwH39A8nxvhTwW4rKA1azrgm0N75FNl39XUdQSOrBvZRhUNGfVjpABM",
"XemMSwVvW0dzeZXLm3U5XnCcZYGZH+AVV7GGlMceKQnuJd8YtCXD4+qlWgriPzuxbo3ubTcUnhUwsWEb",
"Q9gRXvXGdOtPkBEUWSLLhVT9FT59wHnqMoRr4ZZNoXwPn0yHmnG7qYfnQqVlikq2tDQqQUAzGKEJispJ",
"gr/x8yCMgwcEgglKGCR/94zm/FrN1qrnOYtTjjOGcbUhCoXTF8Qx4kgAyRcDHEZyaFmAvOf1p5MyRqFu",
"QDw7NEgKoE1H6Mm51bnhZUBYW1KkWXihCGpoj0aQlwwwfv/UY/Aro5eRiKgsw56GpGWE56cz/makASvc",
"VRd7087cW3IKNM4o/kJ6VcmZyuy0hzk0JtMY67s2g1BrAsZBcJbUH5x+MSRKMx6N4PSSW925I/4cPnic",
"mouCLCqMdz3xkj1Jv+jURs/8BGip+5tgspoj/rPPwHbnrYSwdWGSLD4QzmYTO2W0BL/dIgeyuyZUgegT",
"RxD6rSsA6pnTUvsK+4uUGt5s0ZQPjeDAHgMX+Fmt2SDlvB19pei/VZ6N/mg29FedVyquCR9MmN4Mwwv2",
"HN/Wc+JASVwL2HQd5Ast2XfPqeFUsgsD9dFLpDwabk7fY4zu01OEapg1lioD3XSTywnk1rs93YKAx+pn",
"izsAPAb/c/zpPIiLhv0lZnUeD6DthZI3RGE/AJVwkx1GOUHs6bKsIn4HAYFEFxuX5cX5qUP8u1zgjDER",
"YhxhfI+gbo44huS/tDv1KGyUmgcZEqXtFuKEOMF2JOuq/sdfznhXmZgXVv9b7FJ4sLu/uy82OYMpyFB4",
"FL7ZPdjdF/YHm4ml7YEM7SXoASpvbXPej9oby1ulkNKgMMw5DRY+qfBcff8o1kWU/SxmOdzfbw78LwgS",
"NhMi8p3t+wVmxZyVnQmPfr8ZhVSXqOMQlg21X/53NX40g9F9eMP7i7USCOKn7sXyZqhttWPdYJXLFcAF",
"DAdAlGkOGAGTiYrMa1t9AW3n8h8O+I8dUQiY7n0vfl8IqYKpBSdj+IDvYQBSo4a2dNGoqMQ6ao4zJGpp",
"yGg12V3avGAOmVBRv7cWMhZ10sIjQaUlzxSwhia3S3+JlBgVObbMGX9x09jJt02EXOZRBCmd5EnyFBCx",
"vFjG2OoKIm/lBkc4ZeqEoh5+4CPs/aEScEqgfR5jUIECdbfnHCR8yTAOMAnuQByQshTF2/03mwHjF0zu",
"UBxDWTKupE1FOnxjr9TOafIs/3czCr/t6Prz4ltBV+WWVyhYWrl738XPxZ5WfS6Olk+F6LKqIC3LnVbp",
"tijXKlm6k15lcVZBZRZylYfTTZLq6miuLFxr2ewa+TOC4INiAIkRsR8DF1QktIGZkgeka6KF/iUNVWhf",
"XpDsgCzbMy93qJMBzhFlriuhplor7qJ4t7Na07XRm0d9pX6EWF3kNtHiwWbAuE5BzmaYoP/AWE78bjMT",
"f4JshuMgxSwASYIfdT310nr5XjGQf79ZVMyZLnLVvCOb+PHG3vfpbMf8z2JP3OZ680xx94tgB8uI+lU+",
"ysMEx6lDamC/Um3iqu7Vj6UrezBw9Ovl6Boz1Rm6oQ3rTPAslhf/57/tiCCORfk3Z7nF3p0qcectGooO",
"rWLhfdnqtUmGkU8wjBPIEtWtIPadVJegds+pWvhPuRkJ2Cih2E8IFtQ2CMDXKwANkbEK4bf3CO9mGN+7",
"PTjG3NME34Ek0F3sQks6bj6Kpl+Llt0urgrhZgTzP2BcTDbQ7DbRbNWJKCkE2Cik2+LWFLj3Xf2y8KJF",
"labuQ4syNaakxU4lqgZ16s9Hg6w3alEPHPOX45gGHbdxzBy2OytpUU22CHbX9zvGq65VTvmkerivIlaF",
"PhXr28dkKS7jtoWYO+5SzAA1tY+fyvq8tZ3cQ7XCze4zA0iSoNLatYvS81ZpuFbD1Fa0vdcOJ3x5eFJd",
"3TbtdtUSq21C+yZTfpSkKV3IXU0gs4RMnYj/10saNjb4MqWypY8Cq9dHdCkyqghkW+7DJI7iBjIGVfby",
"qqzgAyfBama4vLhsu5fgRNdkE/l5oe/l3DYgn1dfjzVYRBp8PixS1FGyc0YB7UY9I/KiR9Y6W+pWsP6w",
"sAHEwWBlDlaml5VJGcx2SC6Ul/p1sSfr1e9kxM2Z8kHeAARZniR6Z1S0RxG11WBamZQhGVc9JE18GFjn",
"kbuVm4J93RpOFv/GMjBoJUTQ+p62hS6k4zfLWcCwfPWivgsNHCzWaBf2Bb8iYdS7CMI2rKzgx44J4LO+",
"3cysF5gzbZ7W9b5i7xpZaUFShFu2aX7Nkd3iJlZFRtvDctBkohP+tDS4g+wRqmTsOaZMl53g30Aq6WqC",
"CBX/2XWJo4+QiTKnr0kOrYmbHQ++9jvlxeph14GDX5KDOd/EkqzXxLYJnrZ7MmjxABOtcW6TF82ngl4J",
"I45aMpQZDug9yjRsf+aQPJXA4cmECg+cBRT30zPt08kCFHdPjinF5+fOeFx4cBL4ABPK55Xp1S0Ti5aV",
"mX2flJLvKDlWTsVzSYGYzYBjgokDENmhLyDqVSYLEF9FvWEciHQB9/qx+SZUz8kr70k58CCnj4tHq1qh",
"ODGaLQNJ2X/N1+CGNOhSPpwkzahSOkSU1vyYhRQ2dME5nvZXA/Iz7ToV0gCI2p2OqH95RSebhus8VMmJ",
"ihcX7Wcp/dyMPkxt9PSk6zD3OCexonTzX5jG+5C4OqoUxKYpXOG2QeQ2ii5dkmXOS/slTZGCQv1SXHwN",
"m5d2Vd6s/w6p9pxvv8OF9i0NUr4u5Ys8GdoveeZmMerw8fXO5ypk++sg93XpH03rhgZavyuunHTgr1Xx",
"l2KEJbPT2hVOWYih5RwNkkQZtxUGdGSmvRZd8yMfoO/hk9fxmberzOpVYEKQgUgTb9YVcsNkFMbzgq2U",
"Fb0BNCr0LQciyVOVcA29YNVtvQ++9vpHL+SMEPv5Mq4IMfUWOCJMODblhiil6eCEeK55qtDindPqozX3",
"hHT0VJ1S5Hqoz1/h03BaK3XIUvQvkD3wgI0HAqXSV8kHRDyf3VaZg3+nASgUqezo4ABdj0MM+uOe4iyP",
"kjuciLrAgzBFiMbb5vyI/opKAjeoKmcdEvGMyWqVlXygkbYH85esWXnWkTrc58aziT+4nmrgo5/Do4bt",
"wa9e0VgNWuzyrvt6Fat3RGqCVlofnIrGpVb1Tcf2qy31HG6fG66DtXDnEvdcmjAGtrRed5V848+XHppK",
"/2NH/u2R0kKLQ5UPK/snt2yli7LKV+2w7RToeO26tZN7dULP9nKvLbWl2B9XKER1H4VeA8z2EI08NfXj",
"hFeew7KFnLB6vet+S9lX7+Z6lzcdWeLJuRK+V8O5ckP6c26b5pvLl0F7ntF0LzuLG6+cD2e0Kj6WOqNp",
"bA/GoO2MVtLiamxB2hUCVUsKpbYczYH4ZdjT5cVlJVPfn/4bWB6SMLcoP9rFCF7p0Z2RVx51AgaviEBA",
"lb9aA65WR7PVSb29G0PBgy1maCfneXJ0q0a1ZFG15j2aqY5PknNdGYyv9gj5V0+p9M2Frlq8GitDHuWm",
"8igrtPgIqJARrsTKYnsMucD/xTd62ayadjmxF4E0gon7iv+YMTjPmLiBlm0N8dFRiUEOPUiQ1y1BYkSF",
"Z1KJEEkEyfbZGC98xd/FKJtiaAKJemPYEbIjnjj25WHRfGDhbQwiInmqtqrDb1yUdZFV7G3LXWyFpTKE",
"ELWGEMnY9I0LlHJNrYVUZLNaQYaWk8WlHHYQLS9nHdTfHlzmJKH2fThQbPWBQu/SWqTGIyb38g1Pt8ch",
"SQLZrCOv+atoNLj3ZaLQUrdaQ6ql4wk0RYC1ykWQLOt304hWGtP8s8v/Vsk362QIlS/2mt1xlQU7a+Ib",
"GHzFXKu2a0m2Hdxzds4tcNOv8FiFppbn572MeJRXN+sa0lrVUqs5bJALH8Sod0kHVl8XgJXSspTJe05X",
"ci/0ziQ1Nu9SdFz/9b9JL0sWZtCRRxXSHeRP7Sq+ip21SyDqZUyLln7Ww2BQl6p5MKlXr5j78YQnE+xx",
"PezNCYHwa/va0kMtk22tZWLmvfI5p5AVW7vrmFi0P4vDTVk2/pDpLusHLgOEI81hfdXAko0NftgYfBa/",
"qRU25SheKVwbOvg9Q8EIehqUjPv09wxFk1NI6F6UE6KW4g7IF/fcsmHAuzU0yTWF5CNkH9Rga6QrPlNP",
"YhIQD9F/r+d9Vk7kNXLTNC6230LG6t3LCCTJHYjuneT8Ac8zmUjJKeMznz+wvqHCJ1LProqhP3NcftDD",
"1wj8zf5hxyM/kZo3bs47gyBWKTEJlpthvZYqxPaiFzL1iquTeuKTMkDcsuGSf10Ok6JrfzQKeF4AiQLc",
"nhjEeJrA9VCkGHqLKXIVBCjRt2ICLBG3dQT4XHrrqn5SlumqFpsoXjXtVPB8BDPfca0PYfYuN2KUxvqh",
"ao34mI+9HkbvrEXipL09EEUwYy3Bs+J7v9Rt2WdNBezl4I1s40XvR/zkyoeaGu0hoQJJnTU13PRFoIjM",
"aQnm5N/70ZfsE64rKpEPvgL6kisf6KsjJJAjaQn6SvAUtcQIn+MpDVAaAKEbd1sMjHMx0JrqI3AVzMff",
"UJ1zr5N2gqdTGAdoSK/b4kdLBdX4nqQTPMU562AGnDM/buBDbQmNclAGIn09XiBJPb5kq8oyzFDW4whk",
"dPI7BpkFNkQ3dW+2VgK3T9r/PGSiaDgTLXMmMjHYTZIZoPQRk9gtS1WFHSlJA92+TaR+0WOuz8b4MAPp",
"tJhom4yNSEAWF4gaxPkrEueSrKqU7sFEBE65ICNthz7ZgrZaJGt9B49PoMHYJobRyBsuwl6Fna5JqNvm",
"UaH7MigXEp/weos1I8P9PcPo5RitAaxiitebW7JEjMKW8dPWJJX0yCkZadJpELgMeivizj3K45rh5V6R",
"b/4Vco1Yp/YI7o2ywNsOt6FZK7YAcEhNfOE34xWxGhSzTPy0qGvmk1PlxQk9tMD2scHqw9aWjFcbtIE9",
"VG15Eu/QCXsJSu93ZLRKi88SpfcBCGSzgMAMU8SwfEMOmEDaeUN5M1F6LyNYXhWjrP60UyJiXGDSt+RG",
"4tiJjVbg8GZyDq3i8CbEgxp9YTUquNpGSWsSNXMu8iPaWflDtavnOz5AQm3VRQ0N/EnN8Erki+UBUfn+",
"Z/0J0R5Phy7/cKgdoCnBeRbcQ/O9UL1BTlBEp1/hUwWYlzBDNEEsGT2vSE4veBBZLy2yKuH784Lb1ySw",
"GEHTaZvr9Eo2UG9ELVWEwb8w8lZKrCsLu+wGZxPhs6M5pw4Yj2RmMGCQsoKnEA0mUJQBdOU6lQJ/yw06",
"RQbGrvapoFZL6N+8GedTW8J88mqoLLFNIlHLoI6aFl21mXqIRcWX1LcmjeZ4L5H4m2z8itwpfwWZuGYJ",
"ozb1mWbYIGu2yvwqSXFN5peWM3sxnKAU6ZSQPiKn7NlX+pyUcw5y6C8mh4y9febB0KDMQThtoXAyN2h5",
"OVUP07mDgEBShOmMrIE7kDxoeZGTJDwKw8XN4v8CAAD//7km78oaJQEA",
"H4sIAAAAAAAC/+x9W3PbOLLwX2Hx+x52q+RrMrNzXLUPTuzJesdRcuR4UudMuVwwCUkYUwQHAO14U/rv",
"p3AjQRIgQVlS5IRPvhCXRqNvaHQ3voYRXmQ4hSmj4cnXkEZzuADi19OPF+eEYMJ/zwjOIGEIii8RjiH/",
"GUMaEZQxhNPwJARBlFOGF8G/AIvmkAWQ9w5E41EIv4BFlsDw5Oj14eEonGKyACw8CXOUsp9fh6OQPWUw",
"PAlRyuAMknA5qg7fnM34O5hiErA5onJOc7rwtGz4ABVMC0gpmMFyVsoISmdiUhzR2wSl97Yp+f8DhgM2",
"h0GMo3wBUwYsAIwCNA0QC+AXRBmtgDNDbJ7f7Ud4cTCXeNqL4YP+3QbRFMEkbkLDYRCfAjYHzJg8QDQA",
"lOIIAQbj4BGxuYAHZFmCInCXVLYjTMHCgojlKCTwrxwRGIcnf1Smvika47s/YcQ4jJpWaJNYYPF/xOBC",
"/PL/CZyGJ+H/Oyhp70AR3kFBdctiGkAIeGqApMZ1QPMeMtCEBeRs7gEA73zKmy6X7tFP1VjVGcQo8tfm",
"dtE8yzDhm8IHpQGeBhwimDIUCTIyN+aP8A5QFIWjcIbxLIF8pQUGG0TSQJUL7AvOXwRopqrtVcrJw0Js",
"j3PI5lCROCqH4LSmOgU4FXyBUspAGhk0dYdxAkHKgRDEZsUN/8IRIocoYWzyTiexKorWi3FQyARSnJMI",
"2iklIpBzzymzQ8vQAhp8R9RYwSOggepagfz48Ph47+h47+jVp+PDk8OfT17/sv/LL7/8b2hIwhgwuMcH",
"tgkB5JAAKJZIM4AYBSgNrq8vzgI1tAnI3d3x0etfDv+xd/z6Z7j3+hX4aQ8c/xTvvT76x89H8VE0nf4X",
"NIHKc8RXsgBfLmE64xT/6udRuECp+WcD2jyLV8VeAigLVP91orBGI2JV5SabIDvo5RO+hzaW+ZIhAqlt",
"qZ/nULLE6ceLgPHugWq9773vC8hADCSFdkitCkE7ee1TjdcK2Par23z8009dOCxgGxUsVyDDisQoghm7",
"SB8QgxP4Vw4pa+ITic8Ssz2Jtg+RjsIvexhkaI+bJzOY7sEvjIA9BmYCigeQIL4v4Umx4pFghWWDkCS8",
"tvW+FeSlSce5Yvs+ncpdknbFs7ZJjO8DH81wSmETQKYpv0lJFbDawZCjuOH4mCeJwtGvBC+uGMwmuYXh",
"7ghIo/lYIa19TqPtTTHR1fjKUILObWE4Q9EpcS18Af6D00DzXMDnCP52Ohn/XTPW1fgqEGM0UbMC8S1Q",
"+s+j0QJ8+efxTz83qbAA1o3fTzAFaRf3wQVAiX3F4pNeXE65MYADSf1rWaGcWiwMJ7BL3snVvIeLO0gm",
"vH3DPBTDqcG6sNKTN+sylIlB1oEFsQya5DP7pPzL+icdqcOH4JOlw5oSQNnweP4AUwvm7uGTfQ338KmQ",
"apD33V+z3pOI8SOgsv1FbAf34qyK8PrRSh28nAt5xOR+muDHSZ5e5YsFIE9dkAmEfm52a1G/HNnGQm70",
"tpwBm22r8dpcLP9S3Zzgb/+++jAO7p4YpH/vFvJi6GL6355HA3qMS2RjzQzMUFqcY9oQ+rFoWeg4IWUe",
"/U+lxXKaRy0N6K5A2QLiBxJD8ubpDBEYaZBgmi/4zgHKj5p8qwwur+2F6v+rdkjovqUd7ex6BQGJ5taj",
"q4veG7icAmQ9nApxnHNNwFlVtgpInlbNbLefKYNpzGHpGFg16zPyXznMuyGWrfqMS/I09YBYNeszMs2j",
"CMK4G+iiof/onA7fQaYsuzM0nbptzhhNp/6EbwzZ6TeSI3MZ9U64E06z7CKlDCSJwykCogjnKbsFD4AB",
"cpuTxErGullqt0xHITJmuaWQMZTOqHO4lRWgW0u4AahBP7Kt2ab7JQbfCCvbZam3IITexnAK8oQZnwtn",
"kdWU1/AZXd1wTWCGm1ARmGE3TOIrfkwh6T5dGG1HxrA2gP6N7yw03ubfFurY8HArI+RPfLe/IT9BY0zK",
"YNaPB5vMVzWvmm5LtIA4Z/blq49dS3+AhCKcWmdwM0MBljlA4ciQS3fspPVYGoE0gkminV5+3p2iU3HR",
"4m4ygYBKQrHcEKSIzvtN/aekyLYd5UQrWzp27xlERyCt8n2JYcoAYf0WQxlgOfVYDzcvZFtF35M87a1m",
"VqDy6B6Sdhbos1zjTNEFsmFX1Xquzi/VQTSBFLvg5pqrYpu05fjxfHx2MX4XjsLJ9Xgsf7u6fvv2/Pzs",
"/Cwchb+eXlyKX96ejt+eX/LfbSbmJUrvS5lPEcPkyXmmnyHGW5Vaqyl5SDFKIPWOVfCogcZOH4ExDJcr",
"bYN80CqndRShbKzDmLrddZS1gNPLr9/wfFamrOKjtrBRDes2GuEHKPslle/FYb2rhU/VJMLjSd3m51aP",
"bcXlgvXkxiG2Wqq7Ar7djO4yww0Q1XwumjCNTFhZdA/wFN05KMKQHSuOL2xNx+iGZ7ttz4xW3pMbQ3dj",
"3JzgRsFWdYbTb0xKVWjWRUN4dolS2OuOl4tL8Zmb3lwXayM0wbMgQSnsc4MnY02sc/DhVINOs97VW7Yw",
"uuul17Bl3naWATDFDDclqi7hA0xMNX12/uaaq+aL8a8fwlH4+XQyDkfh+WTyYWLXx8Y4hbfIiwIqENj4",
"SX3/9s42TVZ2oS0/PsPhVh2hp8tNdW5xulkQYF65fg2jnBCYsttM0O7xKEzhF/3Xq1GY5gvxBw1Pjg6X",
"ozpnVTrbQgBUiyCTVFhMfOzlpTJgscaSwC/NkV/5jVyuyxq5gBlITJ8gbypc2QmiTF6/lJFuhz5OMYvE",
"MqV6m554AygszdjGHhst/wVB7Nfy4sxoYTpJyyZjsfzOZtzahz0UmGxfHeMTYonbUSON2XGbL0c2+eDv",
"0DE7NGapY8oCqw1Trq0YOTbTgsabKlkUuNXyAGeQK8EowbQS8lRiYwI5ef040RcTmCXgSVwuuK+7+deL",
"uCr0tx0s1R7lqCG8EUsi/BAtnBAtW5jlNsdKA3O8GR+1ZnRZBpxByq6JIy7genIZMBxQmMYi5kGZFjRg",
"eDM3u67jbZ6iv3IYoBimDE0RJMUVo7q5VRFnMjTDDGK8gwlOZxri+nY2N2xzkSF+DpjWaA/hh7VcYujN",
"bXoY5yiJCayetDuodENewQwQHYjuDwmBIAZ3CXS7PeT3IlYSBpTBzEqca3NWO2Zwb6+xispea+ea2kBp",
"+1zEzq3fgHP6lJ1nuGI5GAp/TS5sQYSGs7InDaxGw9AJ8ioe9bJPC7rq0rnikPfw56rrh6L9+nkQ58wF",
"4orsKe63T6dMmmB+yFz7/YDs0rIzfncIisWqlwi+V2O8rUu2eAiePisuurSs+BET17WElxoqKLBYWesd",
"gHlJ7woXaxIyjrkut+MFE8RPsUn3AmSAVNHeGPemhKztekL9dnt6dXXxbvz+fPwpHIXyD3E/8azri09F",
"xFoVKRsP/nbFED47CLE7VNwZT2jGqW4uQHVZBKu71bmRoiCH2Wr4/mpRsF1GsjKFUWyPY9Sf3ViTLdx3",
"XmqESvD6ClRSCd8t98oMcuygnR1wEVZIua4a+Rl4hvcko4YTPq443pp7ulaR8DyC8o+n5azX1fqaQiJ7",
"fMzvEhS1kYIYryWQ24R5ZzZd7d8qmz5R+6SV0IfP4/MJ1zZn7y/G4Sh8f/7+zbnd7/6JoNkMEsOOXp+b",
"4FokSHllEawlgN+539fUxhidigHEMYGUmgqiIse1xGnqCf7hd0gKO6SR5aVSI5XWmQMaPKjm/L+IVCHY",
"t2ZGzgH9CCh9xMR3DhBkqkNAIbOPuhELIkY0S8BTxZLQ6Owt4KvYde332zlIZ1AjyJ2uAR/dSBTGD3ws",
"sabVkx32FXyUemSx7qwVkAKIVvw9D4bGban6MqrgyYXySzxD6eqJQqux27PyhnYO43qNWReuJ3CGKOM/",
"XxC6/Y4YDsGwg7ulc1h9N83UYHSOMvpSjY+GMbZF5boJLSMns23bZ+HxcHnHHUdB9VEekKTPJIhAGmSQ",
"8PVxePy9YQkQN4CE3UHATlnr4bOcTiTFU5iyAARz3Xt/vRUGNu5skGvZt3v7IpjqxBDqcuPzNsKxLlJO",
"ypIr5cDPi+Lt8Fm4CWoHGF9RtjUYRR8HbBkIWYKfFrD7eKfHOCt6vMXpFM066/Q48hh0DPG+IzbdQQT8",
"i20ILxypeHYbS/aPpN4KuzgxpDWcRXaA2eoY0mv8BKzCSyVK9KNKPt7vsmNxj7sOtuPjvsWpDCSKLOmC",
"M8iM7+8IzjNLmYVUyffgcY6ieTCDjArcRWXXYMb7FscFgxCse5OgBWJXjAAGZ478V6q+BgxznRY86koh",
"5qxinEDURwHRHMZC3iufgPQn316Mbz9OPrybnF9dhaPwbPLh4+34/PP51adwFP739fn1efnnu8mH64+3",
"kw/X47PbyYc3F2OrA2EBvrgl8AJ8QYt8YYQ/FeCygtas6YCvju2RT5V9V1PXETiybmQbVTRk1I+RAjBz",
"pTOuFLxtHc3lVS5v1uV4wWmWBWZ+gFdcxQZSHnukJLiXfGPQlgyPq5dqKYj/4sy6Nbq33VB4VsDElm0M",
"YUd41RvTrd9DRlBkiSwXUvU3+PQW56nLEK6FWzaF8j18Mh1qxu2mHp4LlZYpKtnS0qgEAc1ghKYoKicJ",
"/sbPgzAOHhAIpihhkPzdM5rzczVbq57nLE45zhjG9YYoFE5fEMeIIwEkHw1wGMmhZQHyntefTsoYhboB",
"8ezQICmAth2hJ+dW54ZvA8LGkiLNwgtFUEN7NIK8ZIDxm6ceg38yehmJiMoy7GlIWkZ4fjrj70YasMJd",
"dbE37cy9I6dA44ziL6TXlZypzE57mENjMo2xvmszCLUmYBwEZ0n9welHQ6I049EITq+41Z074s/hg8ep",
"uSjIosJ4NxMv2ZP0i05t9MxPgJa6vwkm6zniP/sMbHfeSghbFybJ4i3hbDa1U0ZL8NstciC7a0IViD51",
"BKHfugKgnjktta+wv0ip4c0WTfnQCA7sMXCBn/WaDVLO29FXiv5b5dnoj2ZDf9V5peKa8MGE6c0wvGDP",
"8W09Jw6UxLWATddBvtCSffecGk4luzBQH71EyqPh5vQ9xug+PUWohlljqTLQTTe5nEFuvdvTLQh4rH62",
"uAPAY/A/p+8vg7ho2F9iVufxANpeKHlLFPYDUAk32WGUE8Sersoq4ncQEEh0sXFZXpyfOsS/ywXOGRMh",
"xhHG9wjq5ohjSP5Lu1NPwkapeZAhUdpuKU6IU2xHsq7qf/rxgneViXlh9b/FLoVH+4f7h2KTM5iCDIUn",
"4av9o/1DYX+wuVjaAcjQQYIeoPLWNud9p72xvFUKKQ0Kw5zTYOGTCi/V93diXUTZz2KW48PD5sD/giBh",
"cyEif7J9H2NWzFnZmfDkj5tRSHWJOg5h2VD75f9Q40dzGN2HN7y/WCuBIH7qXixvhtpWO9EN1rlcAVzA",
"cABEmeaAETCdqsi8ttUX0HYu/+GI/9gThYDpwdfi96WQKphacDKBD/geBiA1amhLF42KSqyj5jRDopaG",
"jFaT3aXNCxaQCRX1R2shY1EnLTwRVFryTAFraHK79JdIiVGRY6uc8Zc3jZ183UTIVR5FkNJpniRPARHL",
"i2WMra4g8lpucIRTpk4o6uEHPsLBnyoBpwTa5zEGFShQd3suQMKXDOMAk+AOxAEpS1G8Pny1HTB+xeQO",
"xTGUJeNK2lSkwzf2k9o5TZ7l/25G4Zc9XX9efCvoqtzyCgVLK/fgq/i5PNCqz8XR8qkQXVYVpGW50yrd",
"FuVaJUt30qssziqozEKu8nC6TVJdH82VhWstm10jf0YQfFAMIDEi9mPggoqENjBT8oB0TbTQv6ShCu3L",
"C5I9kGUH5uUOdTLAJaLMdSXUVGvFXRTvdlFrujF686iv1I8Qq4vcJVo82g4Y1ynI2RwT9B8Yy4l/2s7E",
"7yGb4zhIMQtAkuBHXU+9tF6+VgzkP26WFXOmi1w178gmfrxx8HU23zP/szwQt7nePFPc/SLYwTKifpWP",
"8jDBceqQGtgvVJu4qnv1Y+nKHgwc/XI5usZMdYZuaMM6EzyL5cX/+W97IohjWf7NWW55cKdK3HmLhqJD",
"q1h4U7Z6aZJh5BMM4wSyRHUriH0n1SWo3XOqFv5TbkcCNkoo9hOCBbUNAvDlCkBDZKxD+B08wrs5xvdu",
"D44x9yzBdyAJdBe70JKOm3ei6eeiZbeLq0K4GcH8DxgXkw00u0s0W3UiSgoBNgrptrg1BR58Vb8svWhR",
"pan70KJMjSlpsVOJqkGd+vPRIOutWtQDx3x3HNOg4zaOWcB2ZyUtqskWwe76fsd41bXKKe9VD/dVxLrQ",
"p2J9+5gsxWXcrhBzx12KGaCm9vF9WZ+3tpMHqFa42X1mAEkSVFq7dlF63ioNN2qY2oq299rhhC8PT6ur",
"26XdrlpitU1o32TKj5I0pUu5qwlklpCpM/H/eknDxgZfpVS29FFg9fqILkVGFYHsyn2YxFHcQMagyr69",
"Kiv4wEmwmhmuxldt9xKc6JpsIj8v9b2c2wbk8+rrsQaLSIPPh0WKOkp2ziig3apnRF70yFpnK90K1h8W",
"NoA4GqzMwcr0sjIpg9keyYXyUr8uD2S9+r2MuDlTPsgbgCDLk0TvjIr2KKK2GkwrkzIk46qHpIkPA+s8",
"crdyU7BvWsPJ4t9YBgathQha39O20IV0/GY5CxiWr17Ud6GBg+UG7cK+4FckjHoXQdiGlRX82DEBfNbX",
"25l1jDnT5mld7yv2rpGVFiRFuGWb5tcc2S1uYlVktD0sB02nOuFPS4M7yB6hSsZeYMp02Qn+DaSSrqaI",
"UPGffZc4egeZKHP6kuTQhrjZ8eBrv1NerB52HTj4W3Iw55tYkvWG2DbBs3ZPBi0eYKI1zm3yovlU0Ath",
"xFFLhjLDAb1HmYbtrxySpxI4PJ1S4YGzgOJ+eqZ9OlmA4u7JMaX4/NwZTwsPTgIfYEL5vDK9umVi0bIy",
"s++TUvIdJcfKqXguKRCzGXBMMXEAIjv0BUS9ymQB4rOoN4wDkS7gXj8234TqOXnlPSkHHuT0cfFoVSsU",
"Z0azVSAp+2/4GtyQBl3Kh5OkGVVKh4jSmh+zkMKGLrjEs/5qQH6mXadCGgBRu9MR9S+v6GTTcJOHKjlR",
"8eKi/Syln5vRh6mtnp50HeYe5yRWlG7+jmm8D4mro0pBbJrCFW4bRG6j6NIlWea8tF/SFCko1C/Fxdew",
"+dauypvN3yHVnvPtd7jQvqVBytelfJEnQ/slz9wsRx0+vt75XIVsfxnkvin9o2nd0ECbd8WVkw78tS7+",
"UoywYnZau8IpCzG0nKNBkijjtsKAjsy0l6JrfuQD9D188jo+83aVWb0KTAgyEGnizbpCbpiMwnhesJWy",
"ojeARoW+1UAkeaoSrqEXrLqt98HXXv/oGzkjxH5+G1eEmHoHHBEmHNtyQ5TSdHBCPNc8VWjxzmn10ZoH",
"Qjp6qk4pcj3U52/waTitlTpkJfoXyB54wMYDgVLp6+QDIp7PbqvMwb/TABSKVHZ0cICuxyEG/XFPcZZH",
"yR1ORF3gQZgiRONte35Ef0UlgRtUlbMOiXjGZL3KSj7QSNuD+UvWrDzrSB3uc+PZxB9cTzXw0c/hUcP2",
"4FevaKwGLXZ51329itU7IjVBK60PTkXjUqv6pmP71ZZ6DrfPDdfRRrhzhXsuTRgDW1qvu0q+8edLD02l",
"/7En//ZIaaHFocqHlf2TW3bSRVnlq3bY9gp0vHTd2sm9OqFnd7nXltpS7I8rFKK6j0KvAWZ7iEaemvpx",
"wgvPYdlBTli/3nW/peyrd3O9y9uOLPHkXAnfi+FcuSH9ObdN8y3ky6A9z2i6l53FjVfOhzNaFR8rndE0",
"tgdj0HZGK2lxPbYg7QqBqiWFUluO5kD8MuzpanxVydT3p/8GlockzB3Kj3Yxgld6dGfklUedgMErIhBQ",
"5a/WgKv10Wx1Um/vxlDwYIcZ2sl5nhzdqlEtWVSteY9mquOT5FxXBuOLPUJ+7ymVvrnQVYtXY2XIo9xW",
"HmWFFh8BFTLClVhZbI8hF/i/+EavmlXTLicOIpBGMHFf8Z8yBhcZEzfQsq0hPjoqMcihBwnysiVIjKjw",
"TCoRIokg2T0b4xtf8XcxyrYYmkCi3hh2hOyIJ459eVg0H1h4F4OISJ6qrerwGxdlXWQVe9tylzthqQwh",
"RK0hRDI2fesCpVxTayEV2axWkKHlZHElhx1Ey7ezDupvD65yklD7PhwodvpAoXdpI1LjEZN7+Yan2+OQ",
"JIFs1pHX/Fk0Gtz7MlFopVutIdXS8QSaIsBa5SJIVvW7aUQrjWn+2eV/q+SbdTKEyhd7ye64yoKdNfEN",
"DL5grlXbtSLbDu45O+cWuOlXeKxCU6vz80FGPMqrm3UNaa1qqdUcNsiFD2LUu6QDq28KwEppWcrkPacr",
"uRd6Z5Iam3clOm7++t+klxULM+jIowrpDvKndhVfxc7GJRD1MqZFSz/rYTCoS9U8mNTrV8z9eMKTCQ64",
"HvbmhED4tX1t6aGWya7WMjHzXvmcM8iKrd13TCzaX8Thtiwbf8h0l80DlwHCkeawvmpgycYGP2wNPovf",
"1AqbchSvFa4tHfyeoWAEPQ1Kxn36e4aiySkk9CDKCVFLcQfki3tu2TDg3Rqa5JpC8g6yt2qwDdIVn6kn",
"MQmIh+i/l/M+KyfyGrlpGhfbbyFj49npCCTJHYjunST9Fi8ymUzJqeMDhyGwvqPCJ1NPr+q3oz9wlL7V",
"M9To/NXhccdbP5GaOm5OPYcgVpkxCZZ7Yr2dKqT3shdO9aKrk/ZAK2WAuMXEFf+6MkJF7/7YFCB9A1wK",
"cFdB5AZpc4cJc210uBEa3E0CfDa9YTxL4GboTQz9ndObRN+a6a1E3HdHb121d8oicdVSJ8Wbup3mJR/B",
"zLbd6DOsvYvdGIXZfqhKNz6Hl17P8ndWwnHS3gGIIpixltBt8b1f4QDZZ0PPJ8jBG7nuy95PSMqVDxVd",
"2gOSBZI6K7q46YtAERfWEkrMv/ejL9kn3FRMLB98DfQlVz7QV0dAKkfSCvSV4BlqiVC/xDMaoDQAQjfu",
"txgYl2KgDVXn4CqYj7+lKvtefp4Ez2YwDtCQ3LnDT+YKqvH14yR4hnPWwQw4Z37cwIfaERrloAxE+nJ8",
"kJJ6fMlWFQWZo6zHEcjo5HcMMsu7iG7q1najBG6ftP95yETRcCZa5UxkYrCbJDNA6SMmsVuWqvpOUpIG",
"un2bSP2ox9ycjfF2DtJZMdEuGRuRgCwuEDWI8xckziVZVSndg4kInHFBRtoOfbIFbbVINvoKI59Ag7FL",
"DKORN1zDvgg7XZNQt82jEkdkSDgkPskdFmtGJpt4JnHIMVrDp8UULzezaYUImR3jp51JaeqR0TTSpNMg",
"cBlyWWQ9eBRnNpMbvOIu/eszG5F27fkDW2WB1x1uQ7NScQHgkBi7pcTYsSMPVhGrQTGrRO+Lqno+GX1e",
"nNBDC+weG6w/aHLFaMlBG9gDJVcn8Q6dcJCg9H5PBqe0+CxReh+AQDYLCMwwRQzLFwyBCaSdN5Q3E6X3",
"MmDlRTHK+k87JSImBSZ9C74kjp3Yav0Xbybn0CoOb0I8qNFvrEYFV9soaUOiZsFFfkQ7686odvVs2wdI",
"qK22raGB36sZXoh8sTxfK1+frT9g2+Ph2tWfrbUDNCM4z4J7aL5WqzfICYro9Bt8qgDzLcwQTRAr5m4o",
"ktMLHkTWtxZZleSRRcHtGxJYjKDZrM11+kk2UC+UrVQCxL8s905KrE8WdtkPLqbCZ0dzTh0wHsm8dMAg",
"ZQVPIRpMoShC6cq0KwX+jht0igyMXe1Tv69WTmL7ZpxPZRPzwbWhrskuiUQtgzoqqnRVBushFhVfUt+K",
"SJrjvUTi77LxC3KnfA8yccMSRm3qM82wQdbslPlVkuKGzC8tZw5iOEUp0ikhfURO2bOv9Dkr5xzk0Hcm",
"h4y9febB0KDMQTjtoHAyN2h1OVUP07mDgEBShOmMrIE7kDxoeZGTJDwJw+XN8v8CAAD//4pYbo6YJwEA",
}
// GetSwagger returns the content of the embedded swagger specification file

34
frontend/app/src/lib/api/generated/Api.ts
View File

@@ -186,13 +186,11 @@ export class Api<SecurityDataType = unknown> extends HttpClient<SecurityDataType
* @name UserUpdateGithubOauthStart
* @summary Start OAuth flow
* @request GET:/api/v1/users/github/start
* @secure
*/
userUpdateGithubOauthStart = (params: RequestParams = {}) =>
this.request<any, void>({
path: `/api/v1/users/github/start`,
method: "GET",
secure: true,
...params,
});
/**
@@ -202,12 +200,42 @@ export class Api<SecurityDataType = unknown> extends HttpClient<SecurityDataType
* @name UserUpdateGithubOauthCallback
* @summary Complete OAuth flow
* @request GET:/api/v1/users/github/callback
* @secure
*/
userUpdateGithubOauthCallback = (params: RequestParams = {}) =>
this.request<any, void>({
path: `/api/v1/users/github/callback`,
method: "GET",
...params,
});
/**
* @description Starts the OAuth flow
*
* @tags User
* @name UserUpdateGithubAppOauthStart
* @summary Start OAuth flow
* @request GET:/api/v1/users/github-app/start
* @secure
*/
userUpdateGithubAppOauthStart = (params: RequestParams = {}) =>
this.request<any, void>({
path: `/api/v1/users/github-app/start`,
method: "GET",
secure: true,
...params,
});
/**
* @description Completes the OAuth flow
*
* @tags User
* @name UserUpdateGithubAppOauthCallback
* @summary Complete OAuth flow
* @request GET:/api/v1/users/github-app/callback
* @secure
*/
userUpdateGithubAppOauthCallback = (params: RequestParams = {}) =>
this.request<any, void>({
path: `/api/v1/users/github-app/callback`,
method: "GET",
secure: true,
...params,
});

63
frontend/app/src/pages/auth/login/index.tsx
View File

@@ -10,6 +10,7 @@ import useApiMeta from '../hooks/use-api-meta';
import { Loading } from '@/components/ui/loading';
import { Icons } from '@/components/ui/icons';
import useErrorParam from '../hooks/use-error-param';
import React from 'react';
export default function Login() {
useErrorParam();
@@ -22,19 +23,27 @@ export default function Login() {
const schemes = meta.data?.data?.auth?.schemes || [];
const basicEnabled = schemes.includes('basic');
const googleEnabled = schemes.includes('google');
const githubEnabled = schemes.includes('github');
let prompt = 'Enter your email and password below.';
if (basicEnabled && googleEnabled) {
prompt = 'Enter your email and password below, or continue with Google.';
} else if (googleEnabled) {
prompt = 'Continue with Google.';
if (basicEnabled && (googleEnabled || githubEnabled)) {
prompt =
'Enter your email and password below, or continue with a supported provider.';
} else if (googleEnabled || githubEnabled) {
prompt = 'Continue with a supported provider.';
} else if (basicEnabled) {
prompt = 'Enter your email and password below.';
} else {
prompt = 'No login methods are enabled.';
}
const forms = [
basicEnabled && <BasicLogin />,
googleEnabled && <GoogleLogin />,
githubEnabled && <GithubLogin />,
].filter(Boolean);
return (
<div className="flex flex-row flex-1 w-full h-full">
<div className="container relative hidden flex-col items-center justify-center md:grid lg:max-w-none lg:grid-cols-2 lg:px-0">
@@ -55,20 +64,12 @@ export default function Login() {
</h1>
<p className="text-sm text-muted-foreground">{prompt}</p>
</div>
{basicEnabled && <BasicLogin />}
{basicEnabled && schemes.length > 1 && (
<div className="relative">
<div className="absolute inset-0 flex items-center">
<span className="w-full border-t" />
</div>
<div className="relative flex justify-center text-xs uppercase">
<span className="bg-background px-2 text-muted-foreground">
Or continue with
</span>
</div>
</div>
)}
{googleEnabled && <GoogleLogin />}
{forms.map((form, index) => (
<React.Fragment key={index}>
{form}
{index < schemes.length - 1 && <OrContinueWith />}
</React.Fragment>
))}
<p className="text-left text-sm text-muted-foreground w-full">
By clicking continue, you agree to our{' '}
<Link
@@ -93,6 +94,21 @@ export default function Login() {
);
}
export function OrContinueWith() {
return (
<div className="relative">
<div className="absolute inset-0 flex items-center">
<span className="w-full border-t" />
</div>
<div className="relative flex justify-center text-xs uppercase">
<span className="bg-background px-2 text-muted-foreground">
Or continue with
</span>
</div>
</div>
);
}
function BasicLogin() {
const navigate = useNavigate();
const [fieldErrors, setFieldErrors] = useState<Record<string, string>>({});
@@ -130,3 +146,14 @@ export function GoogleLogin() {
</a>
);
}
export function GithubLogin() {
return (
<a href="/api/v1/users/github/start">
<Button variant="outline" type="button" className="w-full py-2">
<Icons.gitHub className="mr-2 h-4 w-4" />
Github
</Button>
</a>
);
}

38
frontend/app/src/pages/auth/register/index.tsx
View File

@@ -8,8 +8,9 @@ import { useState } from 'react';
import { useApiError } from '@/lib/hooks';
import useApiMeta from '../hooks/use-api-meta';
import { Loading } from '@/components/ui/loading';
import { GoogleLogin } from '../login';
import { GithubLogin, GoogleLogin, OrContinueWith } from '../login';
import useErrorParam from '../hooks/use-error-param';
import React from 'react';
export default function Register() {
useErrorParam();
@@ -22,20 +23,27 @@ export default function Register() {
const schemes = meta.data?.data?.auth?.schemes || [];
const basicEnabled = schemes.includes('basic');
const googleEnabled = schemes.includes('google');
const githubEnabled = schemes.includes('github');
let prompt = 'Create an account to get started.';
if (basicEnabled && googleEnabled) {
if (basicEnabled && (googleEnabled || githubEnabled)) {
prompt =
'Enter your email and password to create an account, or continue with Google.';
} else if (googleEnabled) {
prompt = 'Continue with Google.';
'Enter your email and password to create an account, or continue with a supported provider.';
} else if (googleEnabled || githubEnabled) {
prompt = 'Continue with a supported provider.';
} else if (basicEnabled) {
prompt = 'Create an account to get started.';
} else {
prompt = 'No login methods are enabled.';
}
const forms = [
basicEnabled && <BasicRegister />,
googleEnabled && <GoogleLogin />,
githubEnabled && <GithubLogin />,
].filter(Boolean);
return (
<div className="flex flex-row flex-1 w-full h-full">
<div className="container relative hidden flex-col items-center justify-center md:grid lg:max-w-none lg:grid-cols-2 lg:px-0">
@@ -56,20 +64,12 @@ export default function Register() {
</h1>
<p className="text-sm text-muted-foreground">{prompt}</p>
</div>
{basicEnabled && <BasicRegister />}
{basicEnabled && schemes.length > 1 && (
<div className="relative">
<div className="absolute inset-0 flex items-center">
<span className="w-full border-t" />
</div>
<div className="relative flex justify-center text-xs uppercase">
<span className="bg-background px-2 text-muted-foreground">
Or continue with
</span>
</div>
</div>
)}
{googleEnabled && <GoogleLogin />}
{forms.map((form, index) => (
<React.Fragment key={index}>
{form}
{index < schemes.length - 1 && <OrContinueWith />}
</React.Fragment>
))}
<p className="text-left text-sm text-muted-foreground w-full">
By clicking continue, you agree to our{' '}
<Link

2
frontend/docs/pages/contributing/github-app-setup.mdx
View File

@@ -15,7 +15,7 @@ Make note of the `https` URL as you will need it later.
To create a Github app that can read from your repositories, navigate to your organization settings page (alternately, you can navigate to your personal settings page) and select **Developer Settings** in the sidebar. Go to **Github Apps** and select **New Github App**. You should use the following settings:
- Homepage URL: you can set this as https://hatchet.run, or some other domain for your organization.
- Callback URL: `<protocol>://<your-domain>/api/v1/users/github/callback`
- Callback URL: `<protocol>://<your-domain>/api/v1/users/github-app/callback`
- The **Request user authorization (OAuth) during installation** checkbox should be checked.
- Webhook URL: `<protocol>://<your-https-ngrok-address>/api/v1/github/webhook`
- Webhook secret: generate a random webhook secret for your domain, for example by running `cat /dev/urandom | base64 | head -c 32`. **Make note of this secret, as you will need it later**.

2
frontend/docs/pages/self-hosting/github-app-setup.mdx
View File

@@ -7,7 +7,7 @@ You can configure a Github app to integrate Hatchet with your Github repositorie
To create a Github app that can read from your repositories, navigate to your organization settings page (alternately, you can navigate to your personal settings page) and select **Developer Settings** in the sidebar. Go to **Github Apps** and select **New Github App**. You should use the following settings:
- Homepage URL: you can set this as https://hatchet.run, or some other domain for your organization.
- Callback URL: `<protocol>://<your-domain>/api/v1/users/github/callback`
- Callback URL: `<protocol>://<your-domain>/api/v1/users/github-app/callback`
- The **Request user authorization (OAuth) during installation** checkbox should be checked.
- Webhook URL: `<protocol>://<your-domain>/api/v1/github/webhook`
- Webhook secret: generate a random webhook secret for your domain, for example by running `cat /dev/urandom | base64 | head -c 32`. **Make note of this secret, as you will need it later**.

15
internal/auth/oauth/configs.go
View File

@@ -14,6 +14,8 @@ type Config struct {
const (
GoogleAuthURL string = "https://accounts.google.com/o/oauth2/v2/auth"
GoogleTokenURL string = "https://oauth2.googleapis.com/token" // #nosec G101
GithubAuthURL string = "https://github.com/login/oauth/authorize"
GithubTokenURL string = "https://github.com/login/oauth/access_token" // #nosec G101
)
func NewGoogleClient(cfg *Config) *oauth2.Config {
@@ -28,3 +30,16 @@ func NewGoogleClient(cfg *Config) *oauth2.Config {
Scopes: cfg.Scopes,
}
}
func NewGithubClient(cfg *Config) *oauth2.Config {
return &oauth2.Config{
ClientID: cfg.ClientID,
ClientSecret: cfg.ClientSecret,
Endpoint: oauth2.Endpoint{
AuthURL: GithubAuthURL,
TokenURL: GithubTokenURL,
},
RedirectURL: cfg.BaseURL + "/api/v1/users/github/callback",
Scopes: cfg.Scopes,
}
}

17
internal/config/loader/loader.go
View File

@@ -239,6 +239,23 @@ func GetServerConfigFromConfigfile(dc *database.Config, cf *server.ServerConfigF
auth.GoogleOAuthConfig = gClient
}
if cf.Auth.Github.Enabled {
if cf.Auth.Github.ClientID == "" {
return nil, nil, fmt.Errorf("github client id is required")
}
if cf.Auth.Github.ClientSecret == "" {
return nil, nil, fmt.Errorf("github client secret is required")
}
auth.GithubOAuthConfig = oauth.NewGithubClient(&oauth.Config{
ClientID: cf.Auth.Github.ClientID,
ClientSecret: cf.Auth.Github.ClientSecret,
BaseURL: cf.Runtime.ServerURL,
Scopes: cf.Auth.Github.Scopes,
})
}
encryptionSvc, err := loadEncryptionSvc(cf)
if err != nil {

16
internal/config/server/server.go
View File

@@ -144,6 +144,8 @@ type ConfigFileAuth struct {
Cookie ConfigFileAuthCookie `mapstructure:"cookie" json:"cookie,omitempty"`
Google ConfigFileAuthGoogle `mapstructure:"google" json:"google,omitempty"`
Github ConfigFileAuthGithub `mapstructure:"github" json:"github,omitempty"`
}
type ConfigFileVCS struct {
@@ -169,6 +171,14 @@ type ConfigFileAuthGoogle struct {
Scopes []string `mapstructure:"scopes" json:"scopes,omitempty" default:"[\"openid\", \"profile\", \"email\"]"`
}
type ConfigFileAuthGithub struct {
Enabled bool `mapstructure:"enabled" json:"enabled,omitempty" default:"false"`
ClientID string `mapstructure:"clientID" json:"clientID,omitempty"`
ClientSecret string `mapstructure:"clientSecret" json:"clientSecret,omitempty"`
Scopes []string `mapstructure:"scopes" json:"scopes,omitempty" default:"[\"read:user\", \"user:email\"]"`
}
type ConfigFileAuthCookie struct {
Name string `mapstructure:"name" json:"name,omitempty" default:"hatchet"`
Domain string `mapstructure:"domain" json:"domain,omitempty"`
@@ -191,6 +201,8 @@ type AuthConfig struct {
GoogleOAuthConfig *oauth2.Config
GithubOAuthConfig *oauth2.Config
JWTManager token.JWTManager
}
@@ -278,6 +290,10 @@ func BindAllEnv(v *viper.Viper) {
_ = v.BindEnv("auth.google.clientID", "SERVER_AUTH_GOOGLE_CLIENT_ID")
_ = v.BindEnv("auth.google.clientSecret", "SERVER_AUTH_GOOGLE_CLIENT_SECRET")
_ = v.BindEnv("auth.google.scopes", "SERVER_AUTH_GOOGLE_SCOPES")
_ = v.BindEnv("auth.github.enabled", "SERVER_AUTH_GITHUB_ENABLED")
_ = v.BindEnv("auth.github.clientID", "SERVER_AUTH_GITHUB_CLIENT_ID")
_ = v.BindEnv("auth.github.clientSecret", "SERVER_AUTH_GITHUB_CLIENT_SECRET")
_ = v.BindEnv("auth.github.scopes", "SERVER_AUTH_GITHUB_SCOPES")
// task queue options
// legacy options

2
internal/integrations/vcs/github/github_app_oauth.go
View File

@@ -57,7 +57,7 @@ func NewGithubAppConf(
AuthURL: GithubAuthURL,
TokenURL: GithubTokenURL,
},
RedirectURL: cfg.BaseURL + "/api/v1/users/github/callback",
RedirectURL: cfg.BaseURL + "/api/v1/users/github-app/callback",
Scopes: cfg.Scopes,
},
}, nil

2
internal/repository/user.go
View File

@@ -20,7 +20,7 @@ type CreateUserOpts struct {
}
type OAuthOpts struct {
Provider string `validate:"required,oneof=google"`
Provider string `validate:"required,oneof=google github"`
ProviderUserId string `validate:"required,min=1"`
AccessToken []byte `validate:"required,min=1"`
RefreshToken *[]byte // optional

182
pkg/client/rest/gen.go
View File

@@ -1192,6 +1192,12 @@ type ClientInterface interface {
// UserGetCurrent request
UserGetCurrent(ctx context.Context, reqEditors ...RequestEditorFn) (*http.Response, error)
// UserUpdateGithubAppOauthCallback request
UserUpdateGithubAppOauthCallback(ctx context.Context, reqEditors ...RequestEditorFn) (*http.Response, error)
// UserUpdateGithubAppOauthStart request
UserUpdateGithubAppOauthStart(ctx context.Context, reqEditors ...RequestEditorFn) (*http.Response, error)
// UserUpdateGithubOauthCallback request
UserUpdateGithubOauthCallback(ctx context.Context, reqEditors ...RequestEditorFn) (*http.Response, error)
@@ -1831,6 +1837,30 @@ func (c *Client) UserGetCurrent(ctx context.Context, reqEditors ...RequestEditor
return c.Client.Do(req)
}
func (c *Client) UserUpdateGithubAppOauthCallback(ctx context.Context, reqEditors ...RequestEditorFn) (*http.Response, error) {
req, err := NewUserUpdateGithubAppOauthCallbackRequest(c.Server)
if err != nil {
return nil, err
}
req = req.WithContext(ctx)
if err := c.applyEditors(ctx, req, reqEditors); err != nil {
return nil, err
}
return c.Client.Do(req)
}
func (c *Client) UserUpdateGithubAppOauthStart(ctx context.Context, reqEditors ...RequestEditorFn) (*http.Response, error) {
req, err := NewUserUpdateGithubAppOauthStartRequest(c.Server)
if err != nil {
return nil, err
}
req = req.WithContext(ctx)
if err := c.applyEditors(ctx, req, reqEditors); err != nil {
return nil, err
}
return c.Client.Do(req)
}
func (c *Client) UserUpdateGithubOauthCallback(ctx context.Context, reqEditors ...RequestEditorFn) (*http.Response, error) {
req, err := NewUserUpdateGithubOauthCallbackRequest(c.Server)
if err != nil {
@@ -3966,6 +3996,60 @@ func NewUserGetCurrentRequest(server string) (*http.Request, error) {
return req, nil
}
// NewUserUpdateGithubAppOauthCallbackRequest generates requests for UserUpdateGithubAppOauthCallback
func NewUserUpdateGithubAppOauthCallbackRequest(server string) (*http.Request, error) {
var err error
serverURL, err := url.Parse(server)
if err != nil {
return nil, err
}
operationPath := fmt.Sprintf("/api/v1/users/github-app/callback")
if operationPath[0] == '/' {
operationPath = "." + operationPath
}
queryURL, err := serverURL.Parse(operationPath)
if err != nil {
return nil, err
}
req, err := http.NewRequest("GET", queryURL.String(), nil)
if err != nil {
return nil, err
}
return req, nil
}
// NewUserUpdateGithubAppOauthStartRequest generates requests for UserUpdateGithubAppOauthStart
func NewUserUpdateGithubAppOauthStartRequest(server string) (*http.Request, error) {
var err error
serverURL, err := url.Parse(server)
if err != nil {
return nil, err
}
operationPath := fmt.Sprintf("/api/v1/users/github-app/start")
if operationPath[0] == '/' {
operationPath = "." + operationPath
}
queryURL, err := serverURL.Parse(operationPath)
if err != nil {
return nil, err
}
req, err := http.NewRequest("GET", queryURL.String(), nil)
if err != nil {
return nil, err
}
return req, nil
}
// NewUserUpdateGithubOauthCallbackRequest generates requests for UserUpdateGithubOauthCallback
func NewUserUpdateGithubOauthCallbackRequest(server string) (*http.Request, error) {
var err error
@@ -4933,6 +5017,12 @@ type ClientWithResponsesInterface interface {
// UserGetCurrentWithResponse request
UserGetCurrentWithResponse(ctx context.Context, reqEditors ...RequestEditorFn) (*UserGetCurrentResponse, error)
// UserUpdateGithubAppOauthCallbackWithResponse request
UserUpdateGithubAppOauthCallbackWithResponse(ctx context.Context, reqEditors ...RequestEditorFn) (*UserUpdateGithubAppOauthCallbackResponse, error)
// UserUpdateGithubAppOauthStartWithResponse request
UserUpdateGithubAppOauthStartWithResponse(ctx context.Context, reqEditors ...RequestEditorFn) (*UserUpdateGithubAppOauthStartResponse, error)
// UserUpdateGithubOauthCallbackWithResponse request
UserUpdateGithubOauthCallbackWithResponse(ctx context.Context, reqEditors ...RequestEditorFn) (*UserUpdateGithubOauthCallbackResponse, error)
@@ -5943,6 +6033,48 @@ func (r UserGetCurrentResponse) StatusCode() int {
return 0
}
type UserUpdateGithubAppOauthCallbackResponse struct {
Body []byte
HTTPResponse *http.Response
}
// Status returns HTTPResponse.Status
func (r UserUpdateGithubAppOauthCallbackResponse) Status() string {
if r.HTTPResponse != nil {
return r.HTTPResponse.Status
}
return http.StatusText(0)
}
// StatusCode returns HTTPResponse.StatusCode
func (r UserUpdateGithubAppOauthCallbackResponse) StatusCode() int {
if r.HTTPResponse != nil {
return r.HTTPResponse.StatusCode
}
return 0
}
type UserUpdateGithubAppOauthStartResponse struct {
Body []byte
HTTPResponse *http.Response
}
// Status returns HTTPResponse.Status
func (r UserUpdateGithubAppOauthStartResponse) Status() string {
if r.HTTPResponse != nil {
return r.HTTPResponse.Status
}
return http.StatusText(0)
}
// StatusCode returns HTTPResponse.StatusCode
func (r UserUpdateGithubAppOauthStartResponse) StatusCode() int {
if r.HTTPResponse != nil {
return r.HTTPResponse.StatusCode
}
return 0
}
type UserUpdateGithubOauthCallbackResponse struct {
Body []byte
HTTPResponse *http.Response
@@ -6833,6 +6965,24 @@ func (c *ClientWithResponses) UserGetCurrentWithResponse(ctx context.Context, re
return ParseUserGetCurrentResponse(rsp)
}
// UserUpdateGithubAppOauthCallbackWithResponse request returning *UserUpdateGithubAppOauthCallbackResponse
func (c *ClientWithResponses) UserUpdateGithubAppOauthCallbackWithResponse(ctx context.Context, reqEditors ...RequestEditorFn) (*UserUpdateGithubAppOauthCallbackResponse, error) {
rsp, err := c.UserUpdateGithubAppOauthCallback(ctx, reqEditors...)
if err != nil {
return nil, err
}
return ParseUserUpdateGithubAppOauthCallbackResponse(rsp)
}
// UserUpdateGithubAppOauthStartWithResponse request returning *UserUpdateGithubAppOauthStartResponse
func (c *ClientWithResponses) UserUpdateGithubAppOauthStartWithResponse(ctx context.Context, reqEditors ...RequestEditorFn) (*UserUpdateGithubAppOauthStartResponse, error) {
rsp, err := c.UserUpdateGithubAppOauthStart(ctx, reqEditors...)
if err != nil {
return nil, err
}
return ParseUserUpdateGithubAppOauthStartResponse(rsp)
}
// UserUpdateGithubOauthCallbackWithResponse request returning *UserUpdateGithubOauthCallbackResponse
func (c *ClientWithResponses) UserUpdateGithubOauthCallbackWithResponse(ctx context.Context, reqEditors ...RequestEditorFn) (*UserUpdateGithubOauthCallbackResponse, error) {
rsp, err := c.UserUpdateGithubOauthCallback(ctx, reqEditors...)
@@ -8616,6 +8766,38 @@ func ParseUserGetCurrentResponse(rsp *http.Response) (*UserGetCurrentResponse, e
return response, nil
}
// ParseUserUpdateGithubAppOauthCallbackResponse parses an HTTP response from a UserUpdateGithubAppOauthCallbackWithResponse call
func ParseUserUpdateGithubAppOauthCallbackResponse(rsp *http.Response) (*UserUpdateGithubAppOauthCallbackResponse, error) {
bodyBytes, err := io.ReadAll(rsp.Body)
defer func() { _ = rsp.Body.Close() }()
if err != nil {
return nil, err
}
response := &UserUpdateGithubAppOauthCallbackResponse{
Body: bodyBytes,
HTTPResponse: rsp,
}
return response, nil
}
// ParseUserUpdateGithubAppOauthStartResponse parses an HTTP response from a UserUpdateGithubAppOauthStartWithResponse call
func ParseUserUpdateGithubAppOauthStartResponse(rsp *http.Response) (*UserUpdateGithubAppOauthStartResponse, error) {
bodyBytes, err := io.ReadAll(rsp.Body)
defer func() { _ = rsp.Body.Close() }()
if err != nil {
return nil, err
}
response := &UserUpdateGithubAppOauthStartResponse{
Body: bodyBytes,
HTTPResponse: rsp,
}
return response, nil
}
// ParseUserUpdateGithubOauthCallbackResponse parses an HTTP response from a UserUpdateGithubOauthCallbackWithResponse call
func ParseUserUpdateGithubOauthCallbackResponse(rsp *http.Response) (*UserUpdateGithubOauthCallbackResponse, error) {
bodyBytes, err := io.ReadAll(rsp.Body)

476
python-sdk/hatchet_sdk/clients/rest/api/user_api.py
View File

@@ -821,6 +821,480 @@ class UserApi:
@validate_call
def user_update_github_app_oauth_callback(
self,
_request_timeout: Union[
None,
Annotated[StrictFloat, Field(gt=0)],
Tuple[
Annotated[StrictFloat, Field(gt=0)],
Annotated[StrictFloat, Field(gt=0)]
]
] = None,
_request_auth: Optional[Dict[StrictStr, Any]] = None,
_content_type: Optional[StrictStr] = None,
_headers: Optional[Dict[StrictStr, Any]] = None,
_host_index: Annotated[StrictInt, Field(ge=0, le=0)] = 0,
) -> None:
"""Complete OAuth flow
Completes the OAuth flow
:param _request_timeout: timeout setting for this request. If one
number provided, it will be total request
timeout. It can also be a pair (tuple) of
(connection, read) timeouts.
:type _request_timeout: int, tuple(int, int), optional
:param _request_auth: set to override the auth_settings for an a single
request; this effectively ignores the
authentication in the spec for a single request.
:type _request_auth: dict, optional
:param _content_type: force content-type for the request.
:type _content_type: str, Optional
:param _headers: set to override the headers for a single
request; this effectively ignores the headers
in the spec for a single request.
:type _headers: dict, optional
:param _host_index: set to override the host_index for a single
request; this effectively ignores the host_index
in the spec for a single request.
:type _host_index: int, optional
:return: Returns the result object.
""" # noqa: E501
_param = self._user_update_github_app_oauth_callback_serialize(
_request_auth=_request_auth,
_content_type=_content_type,
_headers=_headers,
_host_index=_host_index
)
_response_types_map: Dict[str, Optional[str]] = {
'302': None,
}
response_data = self.api_client.call_api(
*_param,
_request_timeout=_request_timeout
)
response_data.read()
return self.api_client.response_deserialize(
response_data=response_data,
response_types_map=_response_types_map,
).data
@validate_call
def user_update_github_app_oauth_callback_with_http_info(
self,
_request_timeout: Union[
None,
Annotated[StrictFloat, Field(gt=0)],
Tuple[
Annotated[StrictFloat, Field(gt=0)],
Annotated[StrictFloat, Field(gt=0)]
]
] = None,
_request_auth: Optional[Dict[StrictStr, Any]] = None,
_content_type: Optional[StrictStr] = None,
_headers: Optional[Dict[StrictStr, Any]] = None,
_host_index: Annotated[StrictInt, Field(ge=0, le=0)] = 0,
) -> ApiResponse[None]:
"""Complete OAuth flow
Completes the OAuth flow
:param _request_timeout: timeout setting for this request. If one
number provided, it will be total request
timeout. It can also be a pair (tuple) of
(connection, read) timeouts.
:type _request_timeout: int, tuple(int, int), optional
:param _request_auth: set to override the auth_settings for an a single
request; this effectively ignores the
authentication in the spec for a single request.
:type _request_auth: dict, optional
:param _content_type: force content-type for the request.
:type _content_type: str, Optional
:param _headers: set to override the headers for a single
request; this effectively ignores the headers
in the spec for a single request.
:type _headers: dict, optional
:param _host_index: set to override the host_index for a single
request; this effectively ignores the host_index
in the spec for a single request.
:type _host_index: int, optional
:return: Returns the result object.
""" # noqa: E501
_param = self._user_update_github_app_oauth_callback_serialize(
_request_auth=_request_auth,
_content_type=_content_type,
_headers=_headers,
_host_index=_host_index
)
_response_types_map: Dict[str, Optional[str]] = {
'302': None,
}
response_data = self.api_client.call_api(
*_param,
_request_timeout=_request_timeout
)
response_data.read()
return self.api_client.response_deserialize(
response_data=response_data,
response_types_map=_response_types_map,
)
@validate_call
def user_update_github_app_oauth_callback_without_preload_content(
self,
_request_timeout: Union[
None,
Annotated[StrictFloat, Field(gt=0)],
Tuple[
Annotated[StrictFloat, Field(gt=0)],
Annotated[StrictFloat, Field(gt=0)]
]
] = None,
_request_auth: Optional[Dict[StrictStr, Any]] = None,
_content_type: Optional[StrictStr] = None,
_headers: Optional[Dict[StrictStr, Any]] = None,
_host_index: Annotated[StrictInt, Field(ge=0, le=0)] = 0,
) -> RESTResponseType:
"""Complete OAuth flow
Completes the OAuth flow
:param _request_timeout: timeout setting for this request. If one
number provided, it will be total request
timeout. It can also be a pair (tuple) of
(connection, read) timeouts.
:type _request_timeout: int, tuple(int, int), optional
:param _request_auth: set to override the auth_settings for an a single
request; this effectively ignores the
authentication in the spec for a single request.
:type _request_auth: dict, optional
:param _content_type: force content-type for the request.
:type _content_type: str, Optional
:param _headers: set to override the headers for a single
request; this effectively ignores the headers
in the spec for a single request.
:type _headers: dict, optional
:param _host_index: set to override the host_index for a single
request; this effectively ignores the host_index
in the spec for a single request.
:type _host_index: int, optional
:return: Returns the result object.
""" # noqa: E501
_param = self._user_update_github_app_oauth_callback_serialize(
_request_auth=_request_auth,
_content_type=_content_type,
_headers=_headers,
_host_index=_host_index
)
_response_types_map: Dict[str, Optional[str]] = {
'302': None,
}
response_data = self.api_client.call_api(
*_param,
_request_timeout=_request_timeout
)
return response_data.response
def _user_update_github_app_oauth_callback_serialize(
self,
_request_auth,
_content_type,
_headers,
_host_index,
) -> RequestSerialized:
_host = None
_collection_formats: Dict[str, str] = {
}
_path_params: Dict[str, str] = {}
_query_params: List[Tuple[str, str]] = []
_header_params: Dict[str, Optional[str]] = _headers or {}
_form_params: List[Tuple[str, str]] = []
_files: Dict[str, str] = {}
_body_params: Optional[bytes] = None
# process the path parameters
# process the query parameters
# process the header parameters
# process the form parameters
# process the body parameter
# authentication setting
_auth_settings: List[str] = [
'cookieAuth'
]
return self.api_client.param_serialize(
method='GET',
resource_path='/api/v1/users/github-app/callback',
path_params=_path_params,
query_params=_query_params,
header_params=_header_params,
body=_body_params,
post_params=_form_params,
files=_files,
auth_settings=_auth_settings,
collection_formats=_collection_formats,
_host=_host,
_request_auth=_request_auth
)
@validate_call
def user_update_github_app_oauth_start(
self,
_request_timeout: Union[
None,
Annotated[StrictFloat, Field(gt=0)],
Tuple[
Annotated[StrictFloat, Field(gt=0)],
Annotated[StrictFloat, Field(gt=0)]
]
] = None,
_request_auth: Optional[Dict[StrictStr, Any]] = None,
_content_type: Optional[StrictStr] = None,
_headers: Optional[Dict[StrictStr, Any]] = None,
_host_index: Annotated[StrictInt, Field(ge=0, le=0)] = 0,
) -> None:
"""Start OAuth flow
Starts the OAuth flow
:param _request_timeout: timeout setting for this request. If one
number provided, it will be total request
timeout. It can also be a pair (tuple) of
(connection, read) timeouts.
:type _request_timeout: int, tuple(int, int), optional
:param _request_auth: set to override the auth_settings for an a single
request; this effectively ignores the
authentication in the spec for a single request.
:type _request_auth: dict, optional
:param _content_type: force content-type for the request.
:type _content_type: str, Optional
:param _headers: set to override the headers for a single
request; this effectively ignores the headers
in the spec for a single request.
:type _headers: dict, optional
:param _host_index: set to override the host_index for a single
request; this effectively ignores the host_index
in the spec for a single request.
:type _host_index: int, optional
:return: Returns the result object.
""" # noqa: E501
_param = self._user_update_github_app_oauth_start_serialize(
_request_auth=_request_auth,
_content_type=_content_type,
_headers=_headers,
_host_index=_host_index
)
_response_types_map: Dict[str, Optional[str]] = {
'302': None,
}
response_data = self.api_client.call_api(
*_param,
_request_timeout=_request_timeout
)
response_data.read()
return self.api_client.response_deserialize(
response_data=response_data,
response_types_map=_response_types_map,
).data
@validate_call
def user_update_github_app_oauth_start_with_http_info(
self,
_request_timeout: Union[
None,
Annotated[StrictFloat, Field(gt=0)],
Tuple[
Annotated[StrictFloat, Field(gt=0)],
Annotated[StrictFloat, Field(gt=0)]
]
] = None,
_request_auth: Optional[Dict[StrictStr, Any]] = None,
_content_type: Optional[StrictStr] = None,
_headers: Optional[Dict[StrictStr, Any]] = None,
_host_index: Annotated[StrictInt, Field(ge=0, le=0)] = 0,
) -> ApiResponse[None]:
"""Start OAuth flow
Starts the OAuth flow
:param _request_timeout: timeout setting for this request. If one
number provided, it will be total request
timeout. It can also be a pair (tuple) of
(connection, read) timeouts.
:type _request_timeout: int, tuple(int, int), optional
:param _request_auth: set to override the auth_settings for an a single
request; this effectively ignores the
authentication in the spec for a single request.
:type _request_auth: dict, optional
:param _content_type: force content-type for the request.
:type _content_type: str, Optional
:param _headers: set to override the headers for a single
request; this effectively ignores the headers
in the spec for a single request.
:type _headers: dict, optional
:param _host_index: set to override the host_index for a single
request; this effectively ignores the host_index
in the spec for a single request.
:type _host_index: int, optional
:return: Returns the result object.
""" # noqa: E501
_param = self._user_update_github_app_oauth_start_serialize(
_request_auth=_request_auth,
_content_type=_content_type,
_headers=_headers,
_host_index=_host_index
)
_response_types_map: Dict[str, Optional[str]] = {
'302': None,
}
response_data = self.api_client.call_api(
*_param,
_request_timeout=_request_timeout
)
response_data.read()
return self.api_client.response_deserialize(
response_data=response_data,
response_types_map=_response_types_map,
)
@validate_call
def user_update_github_app_oauth_start_without_preload_content(
self,
_request_timeout: Union[
None,
Annotated[StrictFloat, Field(gt=0)],
Tuple[
Annotated[StrictFloat, Field(gt=0)],
Annotated[StrictFloat, Field(gt=0)]
]
] = None,
_request_auth: Optional[Dict[StrictStr, Any]] = None,
_content_type: Optional[StrictStr] = None,
_headers: Optional[Dict[StrictStr, Any]] = None,
_host_index: Annotated[StrictInt, Field(ge=0, le=0)] = 0,
) -> RESTResponseType:
"""Start OAuth flow
Starts the OAuth flow
:param _request_timeout: timeout setting for this request. If one
number provided, it will be total request
timeout. It can also be a pair (tuple) of
(connection, read) timeouts.
:type _request_timeout: int, tuple(int, int), optional
:param _request_auth: set to override the auth_settings for an a single
request; this effectively ignores the
authentication in the spec for a single request.
:type _request_auth: dict, optional
:param _content_type: force content-type for the request.
:type _content_type: str, Optional
:param _headers: set to override the headers for a single
request; this effectively ignores the headers
in the spec for a single request.
:type _headers: dict, optional
:param _host_index: set to override the host_index for a single
request; this effectively ignores the host_index
in the spec for a single request.
:type _host_index: int, optional
:return: Returns the result object.
""" # noqa: E501
_param = self._user_update_github_app_oauth_start_serialize(
_request_auth=_request_auth,
_content_type=_content_type,
_headers=_headers,
_host_index=_host_index
)
_response_types_map: Dict[str, Optional[str]] = {
'302': None,
}
response_data = self.api_client.call_api(
*_param,
_request_timeout=_request_timeout
)
return response_data.response
def _user_update_github_app_oauth_start_serialize(
self,
_request_auth,
_content_type,
_headers,
_host_index,
) -> RequestSerialized:
_host = None
_collection_formats: Dict[str, str] = {
}
_path_params: Dict[str, str] = {}
_query_params: List[Tuple[str, str]] = []
_header_params: Dict[str, Optional[str]] = _headers or {}
_form_params: List[Tuple[str, str]] = []
_files: Dict[str, str] = {}
_body_params: Optional[bytes] = None
# process the path parameters
# process the query parameters
# process the header parameters
# process the form parameters
# process the body parameter
# authentication setting
_auth_settings: List[str] = [
'cookieAuth'
]
return self.api_client.param_serialize(
method='GET',
resource_path='/api/v1/users/github-app/start',
path_params=_path_params,
query_params=_query_params,
header_params=_header_params,
body=_body_params,
post_params=_form_params,
files=_files,
auth_settings=_auth_settings,
collection_formats=_collection_formats,
_host=_host,
_request_auth=_request_auth
)
@validate_call
def user_update_github_oauth_callback(
self,
@@ -1037,7 +1511,6 @@ class UserApi:
# authentication setting
_auth_settings: List[str] = [
'cookieAuth'
]
return self.api_client.param_serialize(
@@ -1274,7 +1747,6 @@ class UserApi:
# authentication setting
_auth_settings: List[str] = [
'cookieAuth'
]
return self.api_client.param_serialize(