Configure secrets
parent
91ff184804
commit
32a1ca955a
22
README.md
22
README.md
@ -26,7 +26,21 @@ Example:
|
||||
{
|
||||
"calibre-path": "/usr/home/meutel/data/calibre",
|
||||
"bind-address": ":8080",
|
||||
"prod": true
|
||||
"prod": true,
|
||||
"cookie-secret": "random",
|
||||
"external-url":"https://bouquins.meutel.net",
|
||||
"providers": [
|
||||
{
|
||||
"name": "github",
|
||||
"client-id": "ID client",
|
||||
"client-secret": "SECRET"
|
||||
},
|
||||
{
|
||||
"name": "google",
|
||||
"client-id":"ID client",
|
||||
"client-secret":"SECRET"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
Options:
|
||||
@ -35,3 +49,9 @@ Options:
|
||||
* db-path path to calibre SQLite database (default <calibre-path>/metadata.db)
|
||||
* bind-address HTTP socket bind address
|
||||
* prod (boolean) use minified javascript/CSS
|
||||
* cookie-secret random string for cookie encryption
|
||||
* external-url URL used by client browsers
|
||||
* providers configuration for OAuth 2 providers
|
||||
* name provider name
|
||||
* client-id OAuth client ID
|
||||
* client-secret OAuth secret
|
||||
|
@ -71,6 +71,16 @@ type BouquinsConf struct {
|
||||
DbPath string `json:"db-path"`
|
||||
CalibrePath string `json:"calibre-path"`
|
||||
Prod bool `json:"prod"`
|
||||
CookieSecret string `json:"cookie-secret"`
|
||||
ExternalUrl string `json:"external-url"`
|
||||
ProvidersConf []ProviderConf `json:"providers"`
|
||||
}
|
||||
|
||||
// ProviderConf OAuth2 provider configuration
|
||||
type ProviderConf struct {
|
||||
Name string `json:"name"`
|
||||
ClientID string `json:"client-id"`
|
||||
ClientSecret string `json:"client-secret"`
|
||||
}
|
||||
|
||||
// Bouquins contains application common resources: templates, database
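Review bot: `CookieSecret` and `ProviderConf.ClientSecret` are added without doc comments and nothing marks them as sensitive, so a later debug print of the configuration with `%+v` or a re-marshal to JSON would emit them in clear. I would document them, e.g. `// CookieSecret is the session cookie key; keep it out of logs.`, and since the configuration file now holds credentials it should be readable only by the service account. `ExternalUrl` would be `ExternalURL` under Go's initialism convention (the JSON tag can stay as it is). `BouquinsConf` starts outside the hunk.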
|
||||
|
@ -40,14 +40,18 @@ func (p GithubProvider) Icon() string {
|
||||
}
|
||||
|
||||
func (p GithubProvider) Config(conf *BouquinsConf) *oauth2.Config {
|
||||
// FIXME client ID and secret in conf file
|
||||
for _, c := range conf.ProvidersConf {
|
||||
if c.Name == p.Name() {
|
||||
return &oauth2.Config{
|
||||
ClientID: "8b0aedf07828f06918a0",
|
||||
ClientSecret: "eb26ec9c986fc28bd169bdddf169b794861e0d65",
|
||||
ClientID: c.ClientID,
|
||||
ClientSecret: c.ClientSecret,
|
||||
Scopes: []string{"user:email"},
|
||||
Endpoint: github.Endpoint,
|
||||
}
|
||||
}
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
// GetUser returns github primary email
|
||||
func (p GithubProvider) GetUser(token *oauth2.Token) (string, error) {
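Review bot: `Config` returns nil when `conf.ProvidersConf` has no entry whose name matches `p.Name()`, and the `initApp` hunk in main.go stores that result in `oauthConf` without a check, so a missing or misspelled provider entry would presumably surface later as a nil `*oauth2.Config` dereference during login rather than as a startup error. `GoogleProvider.Config` has the same shape. I would skip or reject unconfigured providers at startup, e.g. `if c := provider.Config(conf); c != nil { oauthConf[provider.Name()] = c }`, and also treat an empty `ClientID` or `ClientSecret` as unconfigured. Separately, the literal client ID and secret in this hunk look like the removed side; they remain in repository history, so they should be revoked at the provider, as should the Google pair in the next hunk.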
|
||||
|
@ -44,15 +44,19 @@ func (p GoogleProvider) Icon() string {
|
||||
}
|
||||
|
||||
func (p GoogleProvider) Config(conf *BouquinsConf) *oauth2.Config {
|
||||
// FIXME client ID and secret in conf file
|
||||
for _, c := range conf.ProvidersConf {
|
||||
if c.Name == p.Name() {
|
||||
return &oauth2.Config{
|
||||
ClientID: "51149464161-8mu7ohfujn655p0qas5uj1echn36m9uu.apps.googleusercontent.com",
|
||||
ClientSecret: "5IWFxm_9NoWb5hfGt6Wj1oSV",
|
||||
ClientID: c.ClientID,
|
||||
ClientSecret: c.ClientSecret,
|
||||
Scopes: []string{"https://www.googleapis.com/auth/userinfo.email"},
|
||||
Endpoint: google.Endpoint,
|
||||
RedirectURL: "http://localhost:9000" + URLCallback, // FIXME
|
||||
RedirectURL: conf.ExternalUrl + URLCallback,
|
||||
}
|
||||
}
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
// GetUser returns github primary email
|
||||
func (p GoogleProvider) GetUser(token *oauth2.Token) (string, error) {
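Review bot: `RedirectURL: conf.ExternalUrl + URLCallback` concatenates a configuration string that is never validated, so an empty `external-url` gives a relative redirect URI and a value with a trailing slash may give a doubled one if `URLCallback` begins with `/`; either would likely only be noticed when the provider rejects the login. Parsing the value once at startup with `url.Parse` and requiring an absolute `https` URL (plain `http` only for localhost) would catch this early. `GithubProvider.Config` sets no `RedirectURL`, so the two providers now differ in how the callback is chosen; if that is intentional a short comment would help. The `// GetUser returns github primary email` comment above `GoogleProvider.GetUser` looks copied from the GitHub provider.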
|
||||
|
2
main.go
2
main.go
@ -66,7 +66,7 @@ func initApp() *bouquins.BouquinsConf {
|
||||
oauthConf[provider.Name()] = provider.Config(conf)
|
||||
}
|
||||
// FIXME constructor, conf cookies secret
|
||||
app := &bouquins.Bouquins{Tpl: tpl, DB: db, OAuthConf: oauthConf, Cookies: sessions.NewCookieStore([]byte("flQ6QzM/c3Jtdl9ycDx6OXRIfFgK"))}
|
||||
app := &bouquins.Bouquins{Tpl: tpl, DB: db, OAuthConf: oauthConf, Cookies: sessions.NewCookieStore([]byte(conf.CookieSecret))}
|
||||
err = app.PrepareAll()
|
||||
if err != nil {
|
||||
log.Fatalln(err)
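Review bot: `sessions.NewCookieStore([]byte(conf.CookieSecret))` accepts whatever the file contains, including an absent `cookie-secret` (an empty key) or the README's sample value `random`, and nothing in this hunk checks it. I would fail at startup on a short key, e.g. `if len(conf.CookieSecret) < 32 { log.Fatalln("cookie-secret must be at least 32 bytes") }`. If this is gorilla/sessions, a single key only authenticates the cookie and encryption needs a second key, so the README wording "cookie encryption" overstates what is configured. The previous literal key remains in history, so any deployment still using it should switch to a fresh value. The `// FIXME constructor, conf cookies secret` comment appears to remain and is now partly stale; `initApp` continues outside the hunk.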
|
||||
|