OAuth client google provider

This commit is contained in:
Meutel 2017-09-09 11:06:04 +02:00
parent bd3308f9a6
commit 6eba2b1879
3 changed files with 81 additions and 2 deletions

View File

@ -85,6 +85,7 @@ func (app *Bouquins) LoginPage(res http.ResponseWriter, req *http.Request) error
state := securedRandString()
app.SessionSet(sessionOAuthState, state, res, req)
url := oauth.AuthCodeURL(state)
log.Println("OAuth redirect", url)
http.Redirect(res, req, url, http.StatusTemporaryRedirect)
return nil
}
@ -127,7 +128,7 @@ func (app *Bouquins) CallbackPage(res http.ResponseWriter, req *http.Request) er
return err
}
// FIXME list allowed users
if userEmail == "meutel+github@meutel.net" {
if userEmail == "meutel@gmail.com" || userEmail == "meutel+github@meutel.net" {
app.SessionSet(sessionUser, "Meutel", res, req)
log.Println("User logged in", userEmail)
return RedirectHome(res, req)

View File

@ -69,7 +69,6 @@ func (p GithubProvider) GetUser(token *oauth2.Token) (string, error) {
log.Println("Error reading github API response", err)
return "", fmt.Errorf("Error reading github API response")
}
fmt.Printf("Content: %s\n", emails)
var userEmail string
for _, email := range emails {
if email.Primary && email.Verified {

79
bouquins/google.go Normal file
View File

@ -0,0 +1,79 @@
package bouquins
import (
"encoding/json"
"fmt"
"log"
"net/http"
"golang.org/x/oauth2"
"golang.org/x/oauth2/google"
)
// GoogleProvider implements OAuth2 client with google account
type GoogleProvider string
type GoogleTokenInfo struct {
IssuedTo string `json:"issued_to"`
Audience string `json:"audience"`
UserId string `json:"user_id"`
Scope string `json:"scope"`
ExpiresIn int64 `json:"expires_in"`
Email string `json:"email"`
VerifiedEmail bool `json:"verified_email"`
AccessType string `json:"access_type"`
}
func init() {
Providers = append(Providers, GoogleProvider("google"))
}
// Name returns name of provider
func (p GoogleProvider) Name() string {
return string(p)
}
// Label returns label of provider
func (p GoogleProvider) Label() string {
return "Google"
}
// Icon returns icon path for provider
func (p GoogleProvider) Icon() string {
return "" // TODO
}
func (p GoogleProvider) Config(conf *BouquinsConf) *oauth2.Config {
// FIXME client ID and secret in conf file
return &oauth2.Config{
ClientID: "51149464161-8mu7ohfujn655p0qas5uj1echn36m9uu.apps.googleusercontent.com",
ClientSecret: "5IWFxm_9NoWb5hfGt6Wj1oSV",
Scopes: []string{"https://www.googleapis.com/auth/userinfo.email"},
Endpoint: google.Endpoint,
RedirectURL: "http://localhost:9000" + URLCallback, // FIXME
}
}
// GetUser returns github primary email
func (p GoogleProvider) GetUser(token *oauth2.Token) (string, error) {
// POST https://www.googleapis.com/oauth2/v2/tokeninfo access_token
apiRes, err := http.Post("https://www.googleapis.com/oauth2/v2/tokeninfo?access_token="+token.AccessToken, "application/json", nil)
defer apiRes.Body.Close()
if err != nil {
log.Println("Auth error", err)
return "", fmt.Errorf("Authentification error")
}
dec := json.NewDecoder(apiRes.Body)
var tokenInfo GoogleTokenInfo
err = dec.Decode(&tokenInfo)
if err != nil {
log.Println("Error reading google API response", err)
return "", fmt.Errorf("Error reading google API response")
}
var userEmail string
if tokenInfo.VerifiedEmail {
userEmail = tokenInfo.Email
}
log.Println("User email:", userEmail)
return userEmail, nil
}