Refactoring access token from sha1 to sha1+JWT

gitea/user_app.go

@@ -23,6 +23,7 @@ type AccessToken struct {
 	ID   int64  `json:"id"`
 	Name string `json:"name"`
 	Sha1 string `json:"sha1"`
+	Content string `json:"content,omitempty"`
 }
 
 // AccessTokenList represents a list of API access token.
@@ -40,6 +41,17 @@ func (c *Client) ListAccessTokens(user, pass string) ([]*AccessToken, error) {
 // swagger:parameters userCreateToken
 type CreateAccessTokenOption struct {
 	Name string `json:"name" binding:"Required"`
+	MatchOwner []string `json:"match_owner,omitempty"`
+	MatchRepo []string `json:"match_repo,omitempty"`
+	RegexMatchBranch []string `json:"regex_match_branch,omitempty"`
+	RegexMatchRoute []string `json:"regex_match_route,omitempty"`
+	MatchMethod []string `json:"match_method,omitempty"`
+	Expires int64 `json:"expires,omitempty"`
+	// allow integrated server app to authenticate by pre-generated token
+	// and to deprecate basic auth by username and password.
+	// this will also give server app the option to generate user access token
+	// on the fly without storing token.
+	GiteaServerAccessToken string `json:"-"`
 }
 
 // CreateAccessToken create one access token with options
@@ -52,7 +64,9 @@ func (c *Client) CreateAccessToken(user, pass string, opt CreateAccessTokenOptio
 	return t, c.getParsedResponse("POST", fmt.Sprintf("/users/%s/tokens", user),
 		http.Header{
 			"content-type":  []string{"application/json"},
-			"Authorization": []string{"Basic " + BasicAuthEncode(user, pass)}},
+			"Authorization": []string{"Basic " + BasicAuthEncode(user, pass)},
+			"X-Gitea-Server-Access-Token": []string{opt.GiteaServerAccessToken},
+		},
 		bytes.NewReader(body), t)
 }