From 3d6defe3b109fa78abca4a86ebcfdfc3e01e723a Mon Sep 17 00:00:00 2001
From: Konstantin Haase
Date: Fri, 11 Jan 2013 16:49:08 +0100
Subject: [PATCH] do not store token from /auth/github
---
 lib/travis/api/app/endpoint/authorization.rb | 13 +++++++------
 spec/unit/endpoint/authorization_spec.rb | 6 +++++-
 2 files changed, 12 insertions(+), 7 deletions(-)
diff --git a/lib/travis/api/app/endpoint/authorization.rb b/lib/travis/api/app/endpoint/authorization.rb
index 1065b4c2..0393bf54 100644
--- a/lib/travis/api/app/endpoint/authorization.rb
+++ b/lib/travis/api/app/endpoint/authorization.rb
@@ -78,7 +78,7 @@ class Travis::Api::App
 #
 # * **github_token**: GitHub token for checking authorization (required)
 post '/github' do
- { 'access_token' => github_to_travis(params[:github_token], app_id: 1) }
+ { 'access_token' => github_to_travis(params[:github_token], app_id: 1, drop_token: true) }
 end
 
 # Endpoint for making sure user authorized Travis CI to access GitHub.
@@ -191,10 +191,11 @@ class Travis::Api::App
 end
 
 def github_to_travis(token, options = {})
- generate_token options.merge(user: user_for_github_token(token))
+ drop_token = options.delete(:drop_token)
+ generate_token options.merge(user: user_for_github_token(token, drop_token))
 end
 
- class UserManager < Struct.new(:data, :token)
+ class UserManager < Struct.new(:data, :token, :drop_token)
 def info(attributes = {})
 info = data.to_hash.slice('name', 'login', 'gravatar_id')
 info.merge! attributes.stringify_keys
@@ -204,7 +205,7 @@ class Travis::Api::App
 def fetch
 user = ::User.find_by_github_id(data['id'])
- info = info(github_oauth_token: token)
+ info = drop_token ? info : info(github_oauth_token: token)
 if user
 user.update_attributes info
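Review bot: The doc comment above `post '/github'` still describes github_token only as the token "for checking authorization", while the new `drop_token: true` means this caller-supplied token is deliberately not persisted on the user; that is worth stating where API readers look, since it is a property of the endpoint's contract rather than an implementation detail. Add one line to the comment block, e.g. `# The token is used only to identify the user and is not stored by Travis CI.`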
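Review bot: `options.delete(:drop_token)` mutates the hash the caller passed into github_to_travis, so a caller that reuses its options hash across calls would silently lose the flag after the first one; the literal hash in `post '/github'` is unaffected, but any other callers are outside this hunk. A non-mutating form gives the same result: `drop_token = options[:drop_token]` and `generate_token options.except(:drop_token).merge(user: user_for_github_token(token, drop_token))` — `Hash#except` presumably comes from the same ActiveSupport that provides `stringify_keys` here; confirm it is loaded. Note also that `drop_token` is `nil` rather than `false` when the key is absent, which is fine for the `drop_token ? ... : ...` test in fetch but worth a comment if it is ever compared explicitly. The UserManager class body continues past the end of this hunk.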
@@ -216,12 +217,12 @@ class Travis::Api::App
 end
 end
 
- def user_for_github_token(token)
+ def user_for_github_token(token, drop_token = false)
 data = GH.with(token: token.to_s) { GH['user'] }
 scopes = parse_scopes data.headers['x-oauth-scopes']
 halt 403, 'insufficient access' unless acceptable? scopes
 
- user = UserManager.new(data, token).fetch
+ user = UserManager.new(data, token, drop_token).fetch
 halt 403, 'not a Travis user' if user.nil?
 user
 end
diff --git a/spec/unit/endpoint/authorization_spec.rb b/spec/unit/endpoint/authorization_spec.rb
index 3d8c52fb..f931af72 100644
--- a/spec/unit/endpoint/authorization_spec.rb
+++ b/spec/unit/endpoint/authorization_spec.rb
@@ -40,7 +40,7 @@ describe Travis::Api::App::Endpoint::Authorization do
 def user_for(github_token)
 get '/info/login', access_token: get_token(github_token)
 last_response.status.should == 200
- User.find_by_login(body)
+ user if user.login == body
 end
 
 it 'accepts tokens with repo scope' do
@@ -60,5 +60,9 @@ describe Travis::Api::App::Endpoint::Authorization do
 post('/auth/github', github_token: 'invalid token').should_not be_ok
 body.should_not include('access_token')
 end
+
+ it 'does not store the token' do
+ user_for('public repos').github_oauth_token.should_not == 'public repos'
+ end
 end
 end
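Review bot: `drop_token = false` is a bare boolean positional parameter, so the call site in github_to_travis reads `user_for_github_token(token, drop_token)` with nothing saying what the second argument controls, and a future positional argument could be transposed with it unnoticed. A keyword, `def user_for_github_token(token, drop_token: false)`, with the caller passing `drop_token: drop_token`, documents the intent at every call and keeps the default explicit. Callers outside this diff that pass only the token are unaffected by either form.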
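Review bot: `user if user.login == body` makes user_for return nil whenever the login does not match, so a spec that chains a method on its result would fail with NoMethodError on nil rather than a message naming the mismatch. Asserting the login explicitly keeps the failure readable: `user.login.should == body` followed by `user` as the return value. `user` itself is defined outside this hunk, presumably a `let` or fixture; worth confirming it is the same record the endpoint looks up.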
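Review bot: `user_for('public repos').github_oauth_token` reads the in-memory `user` object that user_for returns, not the row the endpoint updated, so if `user` is a memoized fixture (it is defined outside this diff) the assertion would pass whether or not `update_attributes` wrote the token. Reloading before the check, `user_for('public repos').reload.github_oauth_token.should_not == 'public repos'`, makes the spec exercise the stored value, which is what the commit title claims. If the fixture starts with no token, `should be_nil` would be a tighter assertion than `should_not == 'public repos'`.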