OAuth client google provider
This commit is contained in:
parent
bd3308f9a6
commit
6eba2b1879
@ -85,6 +85,7 @@ func (app *Bouquins) LoginPage(res http.ResponseWriter, req *http.Request) error
|
||||
state := securedRandString()
|
||||
app.SessionSet(sessionOAuthState, state, res, req)
|
||||
url := oauth.AuthCodeURL(state)
|
||||
log.Println("OAuth redirect", url)
|
||||
http.Redirect(res, req, url, http.StatusTemporaryRedirect)
|
||||
return nil
|
||||
}
|
||||
@ -127,7 +128,7 @@ func (app *Bouquins) CallbackPage(res http.ResponseWriter, req *http.Request) er
|
||||
return err
|
||||
}
|
||||
// FIXME list allowed users
|
||||
if userEmail == "meutel+github@meutel.net" {
|
||||
if userEmail == "meutel@gmail.com" || userEmail == "meutel+github@meutel.net" {
|
||||
app.SessionSet(sessionUser, "Meutel", res, req)
|
||||
log.Println("User logged in", userEmail)
|
||||
return RedirectHome(res, req)
|
||||
|
@ -69,7 +69,6 @@ func (p GithubProvider) GetUser(token *oauth2.Token) (string, error) {
|
||||
log.Println("Error reading github API response", err)
|
||||
return "", fmt.Errorf("Error reading github API response")
|
||||
}
|
||||
fmt.Printf("Content: %s\n", emails)
|
||||
var userEmail string
|
||||
for _, email := range emails {
|
||||
if email.Primary && email.Verified {
|
||||
|
79
bouquins/google.go
Normal file
79
bouquins/google.go
Normal file
@ -0,0 +1,79 @@
|
||||
package bouquins
|
||||
|
||||
import (
|
||||
"encoding/json"
|
||||
"fmt"
|
||||
"log"
|
||||
"net/http"
|
||||
|
||||
"golang.org/x/oauth2"
|
||||
"golang.org/x/oauth2/google"
|
||||
)
|
||||
|
||||
// GoogleProvider implements OAuth2 client with google account
|
||||
type GoogleProvider string
|
||||
|
||||
type GoogleTokenInfo struct {
|
||||
IssuedTo string `json:"issued_to"`
|
||||
Audience string `json:"audience"`
|
||||
UserId string `json:"user_id"`
|
||||
Scope string `json:"scope"`
|
||||
ExpiresIn int64 `json:"expires_in"`
|
||||
Email string `json:"email"`
|
||||
VerifiedEmail bool `json:"verified_email"`
|
||||
AccessType string `json:"access_type"`
|
||||
}
|
||||
|
||||
func init() {
|
||||
Providers = append(Providers, GoogleProvider("google"))
|
||||
}
|
||||
|
||||
// Name returns name of provider
|
||||
func (p GoogleProvider) Name() string {
|
||||
return string(p)
|
||||
}
|
||||
|
||||
// Label returns label of provider
|
||||
func (p GoogleProvider) Label() string {
|
||||
return "Google"
|
||||
}
|
||||
|
||||
// Icon returns icon path for provider
|
||||
func (p GoogleProvider) Icon() string {
|
||||
return "" // TODO
|
||||
}
|
||||
|
||||
func (p GoogleProvider) Config(conf *BouquinsConf) *oauth2.Config {
|
||||
// FIXME client ID and secret in conf file
|
||||
return &oauth2.Config{
|
||||
ClientID: "51149464161-8mu7ohfujn655p0qas5uj1echn36m9uu.apps.googleusercontent.com",
|
||||
ClientSecret: "5IWFxm_9NoWb5hfGt6Wj1oSV",
|
||||
Scopes: []string{"https://www.googleapis.com/auth/userinfo.email"},
|
||||
Endpoint: google.Endpoint,
|
||||
RedirectURL: "http://localhost:9000" + URLCallback, // FIXME
|
||||
}
|
||||
}
|
||||
|
||||
// GetUser returns github primary email
|
||||
func (p GoogleProvider) GetUser(token *oauth2.Token) (string, error) {
|
||||
// POST https://www.googleapis.com/oauth2/v2/tokeninfo access_token
|
||||
apiRes, err := http.Post("https://www.googleapis.com/oauth2/v2/tokeninfo?access_token="+token.AccessToken, "application/json", nil)
|
||||
defer apiRes.Body.Close()
|
||||
if err != nil {
|
||||
log.Println("Auth error", err)
|
||||
return "", fmt.Errorf("Authentification error")
|
||||
}
|
||||
dec := json.NewDecoder(apiRes.Body)
|
||||
var tokenInfo GoogleTokenInfo
|
||||
err = dec.Decode(&tokenInfo)
|
||||
if err != nil {
|
||||
log.Println("Error reading google API response", err)
|
||||
return "", fmt.Errorf("Error reading google API response")
|
||||
}
|
||||
var userEmail string
|
||||
if tokenInfo.VerifiedEmail {
|
||||
userEmail = tokenInfo.Email
|
||||
}
|
||||
log.Println("User email:", userEmail)
|
||||
return userEmail, nil
|
||||
}
|
Loading…
Reference in New Issue
Block a user