refactor: improve GitLab authentication method detection

Address code review feedback from PR #1969:

1. Improve URL matching precision:
   - Use urlparse for robust hostname validation
   - Prevent false positives with URL substring matching
   - Add support for gitlab.com/gitlab.io subdomains

2. Add authentication type validation:
   - Validate explicit GITLAB.AUTH_TYPE configuration
   - Provide clear error messages for invalid auth types
   - Prevent silent failures from user configuration errors

This enhances code reliability and user experience while maintaining
backward compatibility.
Mr_Jing 2025-08-03 09:58:59 +08:00
parent d497c33c74
commit 2d858a43be


@ -75,11 +75,23 @@ class GitLabProvider(GitProvider):
# Check for explicit configuration override first
explicit_auth_type = get_settings().get("GITLAB.AUTH_TYPE", None)
if explicit_auth_type:
# Validate the explicit authentication type
if explicit_auth_type not in ["oauth_token", "private_token"]:
raise ValueError(f"Unsupported GITLAB.AUTH_TYPE: '{explicit_auth_type}'. "
f"Must be 'oauth_token' or 'private_token'.")
return explicit_auth_type
# Default strategy: gitlab.com and gitlab.io use oauth_token, others use private_token
if "gitlab.com" in gitlab_url or "gitlab.io" in gitlab_url:
return "oauth_token"
# Default strategy: Use precise hostname matching for gitlab.com and gitlab.io
try:
parsed_url = urlparse(gitlab_url)
hostname = parsed_url.hostname
if hostname and (hostname == "gitlab.com" or hostname == "gitlab.io" or
hostname.endswith(".gitlab.com") or hostname.endswith(".gitlab.io")):
return "oauth_token"
except Exception:
# If URL parsing fails, fall back to private_token for safety
pass
return "private_token"
def is_supported(self, capability: str) -> bool:
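Review bot: A `gitlab_url` configured without a scheme (for example `gitlab.com/group`) now falls through to `private_token`, because `urlparse` yields `hostname = None` for it, whereas the removed substring check returned `oauth_token`. Unless the URL is normalised before this method runs (not visible in the hunk), that contradicts the backward-compatibility claim; `parsed_url = urlparse(gitlab_url if "://" in gitlab_url else f"https://{gitlab_url}")` would keep the old result for such values. The `except Exception: pass` also hides the one realistic failure here, a `ValueError` on a malformed netloc, so narrow it to `except ValueError:` and log the fallback to make a misconfigured URL visible instead of silently changing how the token is presented. The suffix test reads more simply as `hostname.endswith((".gitlab.com", ".gitlab.io"))`. The enclosing method starts above the hunk, so whether `urlparse` is imported cannot be confirmed from here.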