forked from forgejo/forgejo
Additional OAuth2 providers (#1010)
* add google+ * sort signin oauth2 providers based on the name so order is always the same * update auth tip for google+ * add gitlab provider * add bitbucket provider (and some go fmt) * add twitter provider * add facebook provider * add dropbox provider * add openid connect provider incl. new format of tips section in "Add New Source" * lower the amount of disk storage for each session to prevent issues while building cross platform (and disk overflow) * imports according to goimport and code style * make it possible to set custom urls to gitlab and github provider (only these could have a different host) * split up oauth2 into multiple files * small typo in comment * fix indention * fix indentation * fix new line before external import * fix layout of signin part * update "broken" dependency
This commit is contained in:
Willem van Dreumel
Lunny Xiao
parent
2368bbb672
commit
950f2e2074
44 changed files with 4164 additions and 159 deletions
|
|
@ -121,9 +121,11 @@ func (cfg *PAMConfig) ToDB() ([]byte, error) {
|
|||
|
||||
// OAuth2Config holds configuration for the OAuth2 login source.
|
||||
type OAuth2Config struct {
|
||||
Provider string
|
||||
ClientID string
|
||||
ClientSecret string
|
||||
Provider string
|
||||
ClientID string
|
||||
ClientSecret string
|
||||
OpenIDConnectAutoDiscoveryURL string
|
||||
CustomURLMapping *oauth2.CustomURLMapping
|
||||
}
|
||||
|
||||
// FromDB fills up an OAuth2Config from serialized format.
|
||||
|
|
@ -294,9 +296,15 @@ func CreateLoginSource(source *LoginSource) error {
|
|||
}
|
||||
|
||||
_, err = x.Insert(source)
|
||||
if err == nil && source.IsOAuth2() {
|
||||
if err == nil && source.IsOAuth2() && source.IsActived {
|
||||
oAuth2Config := source.OAuth2()
|
||||
oauth2.RegisterProvider(source.Name, oAuth2Config.Provider, oAuth2Config.ClientID, oAuth2Config.ClientSecret)
|
||||
err = oauth2.RegisterProvider(source.Name, oAuth2Config.Provider, oAuth2Config.ClientID, oAuth2Config.ClientSecret, oAuth2Config.OpenIDConnectAutoDiscoveryURL, oAuth2Config.CustomURLMapping)
|
||||
err = wrapOpenIDConnectInitializeError(err, source.Name, oAuth2Config)
|
||||
|
||||
if err != nil {
|
||||
// remove the LoginSource in case of errors while registering OAuth2 providers
|
||||
x.Delete(source)
|
||||
}
|
||||
}
|
||||
return err
|
||||
}
|
||||
|
|
@ -321,11 +329,25 @@ func GetLoginSourceByID(id int64) (*LoginSource, error) {
|
|||
|
||||
// UpdateSource updates a LoginSource record in DB.
|
||||
func UpdateSource(source *LoginSource) error {
|
||||
var originalLoginSource *LoginSource
|
||||
if source.IsOAuth2() {
|
||||
// keep track of the original values so we can restore in case of errors while registering OAuth2 providers
|
||||
var err error
|
||||
if originalLoginSource, err = GetLoginSourceByID(source.ID); err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
|
||||
_, err := x.Id(source.ID).AllCols().Update(source)
|
||||
if err == nil && source.IsOAuth2() {
|
||||
if err == nil && source.IsOAuth2() && source.IsActived {
|
||||
oAuth2Config := source.OAuth2()
|
||||
oauth2.RemoveProvider(source.Name)
|
||||
oauth2.RegisterProvider(source.Name, oAuth2Config.Provider, oAuth2Config.ClientID, oAuth2Config.ClientSecret)
|
||||
err = oauth2.RegisterProvider(source.Name, oAuth2Config.Provider, oAuth2Config.ClientID, oAuth2Config.ClientSecret, oAuth2Config.OpenIDConnectAutoDiscoveryURL, oAuth2Config.CustomURLMapping)
|
||||
err = wrapOpenIDConnectInitializeError(err, source.Name, oAuth2Config)
|
||||
|
||||
if err != nil {
|
||||
// restore original values since we cannot update the provider it self
|
||||
x.Id(source.ID).AllCols().Update(originalLoginSource)
|
||||
}
|
||||
}
|
||||
return err
|
||||
}
|
||||
|
|
@ -580,27 +602,6 @@ func LoginViaPAM(user *User, login, password string, sourceID int64, cfg *PAMCon
|
|||
return user, CreateUser(user)
|
||||
}
|
||||
|
||||
// ________ _____ __ .__ ________
|
||||
// \_____ \ / _ \ __ ___/ |_| |__ \_____ \
|
||||
// / | \ / /_\ \| | \ __\ | \ / ____/
|
||||
// / | \/ | \ | /| | | Y \/ \
|
||||
// \_______ /\____|__ /____/ |__| |___| /\_______ \
|
||||
// \/ \/ \/ \/
|
||||
|
||||
// OAuth2Provider describes the display values of a single OAuth2 provider
|
||||
type OAuth2Provider struct {
|
||||
Name string
|
||||
DisplayName string
|
||||
Image string
|
||||
}
|
||||
|
||||
// OAuth2Providers contains the map of registered OAuth2 providers in Gitea (based on goth)
|
||||
// key is used to map the OAuth2Provider with the goth provider type (also in LoginSource.OAuth2Config.Provider)
|
||||
// value is used to store display data
|
||||
var OAuth2Providers = map[string]OAuth2Provider{
|
||||
"github": {Name: "github", DisplayName: "GitHub", Image: "/img/github.png"},
|
||||
}
|
||||
|
||||
// ExternalUserLogin attempts a login using external source types.
|
||||
func ExternalUserLogin(user *User, login, password string, source *LoginSource, autoRegister bool) (*User, error) {
|
||||
if !source.IsActived {
|
||||
|
|
@ -684,59 +685,4 @@ func UserSignIn(username, password string) (*User, error) {
|
|||
}
|
||||
|
||||
return nil, ErrUserNotExist{user.ID, user.Name, 0}
|
||||
}
|
||||
|
||||
// GetActiveOAuth2ProviderLoginSources returns all actived LoginOAuth2 sources
|
||||
func GetActiveOAuth2ProviderLoginSources() ([]*LoginSource, error) {
|
||||
sources := make([]*LoginSource, 0, 1)
|
||||
if err := x.UseBool().Find(&sources, &LoginSource{IsActived: true, Type: LoginOAuth2}); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return sources, nil
|
||||
}
|
||||
|
||||
// GetActiveOAuth2LoginSourceByName returns a OAuth2 LoginSource based on the given name
|
||||
func GetActiveOAuth2LoginSourceByName(name string) (*LoginSource, error) {
|
||||
loginSource := &LoginSource{
|
||||
Name: name,
|
||||
Type: LoginOAuth2,
|
||||
IsActived: true,
|
||||
}
|
||||
|
||||
has, err := x.UseBool().Get(loginSource)
|
||||
if !has || err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
return loginSource, nil
|
||||
}
|
||||
|
||||
// GetActiveOAuth2Providers returns the map of configured active OAuth2 providers
|
||||
// key is used as technical name (like in the callbackURL)
|
||||
// values to display
|
||||
func GetActiveOAuth2Providers() (map[string]OAuth2Provider, error) {
|
||||
// Maybe also separate used and unused providers so we can force the registration of only 1 active provider for each type
|
||||
|
||||
loginSources, err := GetActiveOAuth2ProviderLoginSources()
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
providers := make(map[string]OAuth2Provider)
|
||||
for _, source := range loginSources {
|
||||
providers[source.Name] = OAuth2Providers[source.OAuth2().Provider]
|
||||
}
|
||||
|
||||
return providers, nil
|
||||
}
|
||||
|
||||
// InitOAuth2 initialize the OAuth2 lib and register all active OAuth2 providers in the library
|
||||
func InitOAuth2() {
|
||||
oauth2.Init()
|
||||
loginSources, _ := GetActiveOAuth2ProviderLoginSources()
|
||||
|
||||
for _, source := range loginSources {
|
||||
oAuth2Config := source.OAuth2()
|
||||
oauth2.RegisterProvider(source.Name, oAuth2Config.Provider, oAuth2Config.ClientID, oAuth2Config.ClientSecret)
|
||||
}
|
||||
}
|
||||
}
|
||||
Loading…
Add table
Add a link
Reference in a new issue