Gitea oauth2 provider
This commit is contained in:
parent
23fec6721c
commit
6f379cc12c
@ -12,3 +12,7 @@ span.providericon {
|
||||
.googleicon {
|
||||
background-image: url(data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAACAAAAAgCAMAAABEpIrGAAAABGdBTUEAALGPC/xhBQAAACBjSFJNAAB6JgAAgIQAAPoAAACA6AAAdTAAAOpgAAA6mAAAF3CculE8AAAB1FBMVEUAAAD/AADsQzXrQzbqQzXpRDTqQzXqQjXqQzXqRDToRjbqQzXqQzXqQzXqRDXrRTHxRznqQzXpQzXqQzXpQzTjOTnrQTTqQzXqQzToRDPpQjfqQzXqQzXpQzbsRDjqQzXoRDfqQzXqQzXrQzXqRDXqQjXqQzbqQzXqQzXqQzTsQjn/rxDqRDTqQzXqRDXoRjr8vAX5sQrsTDHrQjT//wD7vAT7ugbvZif6vgX1jRjqQzX7vAT5sAo/jss9kb77uwRAieH6vQX6vQX6vAX6vQVBiOnkuA4/i9r6vAWstCQ1qVI3pFI9k7E+j8n4vAZvrT00qFM0p1M/jso+lLn8vAXkug1CqU00qFQ8lK45l6ffvxg3qFI0qFM9lqpBieU/jc00qFQzqFM1p09An2A0plk/jdA5lqwtpVo0qFM0qFM1qVQ1qFM1p1I0p1IzqVI1qFM1qFM+j8gzplM0qFNAi91Cl6o1qVM0qFM/jNQ7m602qFE0qFM1qFMxpVI0qVM0qFM0qFM0qFQktkk4p1A0qFM0qVM0qVMzo1IA/wA2p1M0qFIzqFIzp1QzqFI0p1PqQzX7vAVChfRChu9BhvA0qFNChfJBhfM1p1o9krs5mpQ3oHf////8WgVEAAAAj3RSTlMAATVylKafh24xIZXl5o8aEpD5940JJ9nWLUby8Tkp8Dje+rt8YF/7/pwbIOX2VhaV58xZAeP7xTfK63Kv47x8+6VgpGH+sfU1y+wcfd/7xv6d36SU6NJYYjEg5fdL/OePnx0IcPxQEdz7vX5gXXOl7tko8PgbRPH6OCbYzB+O+PaJByCT4+YZATRwpIZtMQ4TRwgAAAABYktHRJvv2FeEAAAAB3RJTUUH4QgKAjghFnOx6QAAAWBJREFUOMtjYCABMDIxs7CysXNwMmKV5uLm6YcCXj5+DGkBQaF+JCAsIooqLybejwYkJJHlpaTR5ftlZJHk5eQx5RWQ7VeEiiopq6iqqSiro+lnEIRIa2hqQf3DiqKfQVsHLK+rhxDSR/GBgaERSL8xrvAzMZ1gZq7Rr4kzgC0mAIGllRZOBdYgBRNsYFxbZGAHdgJYgT1MwURk4AAScQQrcMKqYBJIxBmswAWrgsmErHBFONINqwJ3kIgHSN7TyxvVbz5gBb7QgPLzD5gSiKogCKwgGMwOCQ2bMmVKQDiyfMRUkPy0SDAnKnoKCMQgqYiNAxsQD+UmgBVMCUhMgvCTU1LB8lPToArSMyAqpmRmZefk5uUXTJk+A6SgEG5iUfEUdDBz8sSSUoSdZeUYKmZVVCK7uqoaXUFNLaq/0+vqkaUbGpsw0kVzSytMui2hHWvS6ejsaulO7Ont6yAlywMAh+DsfszQdOIAAAAldEVYdGRhdGU6Y3JlYXRlADIwMTctMDgtMTBUMDI6NTY6MzMrMDA6MDAy1cN5AAAAJXRFWHRkYXRlOm1vZGlmeQAyMDE3LTA4LTEwVDAyOjU2OjMzKzAwOjAwQ4h7xQAAAABJRU5ErkJggg==);
|
||||
}
|
||||
|
||||
.giteaicon {
|
||||
background-image: url(./gitea.svg);
|
||||
}
|
||||
|
160
assets/css/gitea.svg
Normal file
160
assets/css/gitea.svg
Normal file
@ -0,0 +1,160 @@
|
||||
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
|
||||
<!-- Created with Inkscape (http://www.inkscape.org/) -->
|
||||
|
||||
<svg
|
||||
xmlns:dc="http://purl.org/dc/elements/1.1/"
|
||||
xmlns:cc="http://creativecommons.org/ns#"
|
||||
xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
|
||||
xmlns:svg="http://www.w3.org/2000/svg"
|
||||
xmlns="http://www.w3.org/2000/svg"
|
||||
xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
|
||||
xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
|
||||
width="512"
|
||||
height="512"
|
||||
viewBox="0 0 135.46667 135.46667"
|
||||
version="1.1"
|
||||
id="svg8"
|
||||
sodipodi:docname="logo.svg"
|
||||
inkscape:version="0.92.1 r15371"
|
||||
inkscape:export-filename=""
|
||||
inkscape:export-xdpi="48.000004"
|
||||
inkscape:export-ydpi="48.000004">
|
||||
<defs
|
||||
id="defs2" />
|
||||
<sodipodi:namedview
|
||||
id="base"
|
||||
pagecolor="#ffffff"
|
||||
bordercolor="#666666"
|
||||
borderopacity="1.0"
|
||||
inkscape:pageopacity="0"
|
||||
inkscape:pageshadow="2"
|
||||
inkscape:zoom="0.70710678"
|
||||
inkscape:cx="418.13805"
|
||||
inkscape:cy="177.57445"
|
||||
inkscape:document-units="mm"
|
||||
inkscape:current-layer="layer2"
|
||||
showgrid="false"
|
||||
units="px"
|
||||
width="256px"
|
||||
showguides="false"
|
||||
inkscape:window-width="1920"
|
||||
inkscape:window-height="1137"
|
||||
inkscape:window-x="1912"
|
||||
inkscape:window-y="-8"
|
||||
inkscape:window-maximized="1"
|
||||
inkscape:pagecheckerboard="false"
|
||||
inkscape:measure-start="283.373,243.952"
|
||||
inkscape:measure-end="290.267,236.527">
|
||||
<sodipodi:guide
|
||||
position="0,0"
|
||||
orientation="0,512"
|
||||
id="guide3699"
|
||||
inkscape:locked="false" />
|
||||
<sodipodi:guide
|
||||
position="135.46667,0"
|
||||
orientation="-512,0"
|
||||
id="guide3701"
|
||||
inkscape:locked="false" />
|
||||
<sodipodi:guide
|
||||
position="135.46667,135.46667"
|
||||
orientation="0,-512"
|
||||
id="guide3703"
|
||||
inkscape:locked="false" />
|
||||
<sodipodi:guide
|
||||
position="0,135.46667"
|
||||
orientation="512,0"
|
||||
id="guide3705"
|
||||
inkscape:locked="false" />
|
||||
</sodipodi:namedview>
|
||||
<metadata
|
||||
id="metadata5">
|
||||
<rdf:RDF>
|
||||
<cc:Work
|
||||
rdf:about="">
|
||||
<dc:format>image/svg+xml</dc:format>
|
||||
<dc:type
|
||||
rdf:resource="http://purl.org/dc/dcmitype/StillImage" />
|
||||
<dc:title></dc:title>
|
||||
</cc:Work>
|
||||
</rdf:RDF>
|
||||
</metadata>
|
||||
<g
|
||||
inkscape:label="Layer 1"
|
||||
inkscape:groupmode="layer"
|
||||
id="layer1"
|
||||
transform="translate(0,-161.53334)"
|
||||
style="display:inline">
|
||||
<path
|
||||
style="fill:#609926;fill-opacity:1;stroke:#428f29;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;stroke-miterlimit:4;stroke-dasharray:none"
|
||||
d="m 27.709937,195.15095 c -9.546573,-0.0272 -22.3392732,6.79805 -21.6317552,23.90397 1.105534,26.72889 25.4565952,29.20839 35.1916502,29.42301 1.068023,5.01357 12.521798,22.30563 21.001818,23.21667 h 37.15277 c 22.27763,-1.66785 38.9607,-75.75671 26.59321,-76.03825 -46.781583,2.47691 -49.995146,2.13838 -88.599758,0 -2.495053,-0.0266 -5.972321,-0.49474 -9.707935,-0.5054 z m 2.491319,9.45886 c 1.351378,13.69267 3.555849,21.70359 8.018216,33.94345 -11.382872,-1.50473 -21.069822,-5.22443 -22.851515,-19.10984 -0.950962,-7.4112 2.390428,-15.16769 14.833299,-14.83361 z"
|
||||
id="path3722"
|
||||
inkscape:connector-curvature="0"
|
||||
sodipodi:nodetypes="sscccccsccsc" />
|
||||
</g>
|
||||
<g
|
||||
inkscape:groupmode="layer"
|
||||
id="layer2"
|
||||
inkscape:label="Layer 2"
|
||||
style="display:inline">
|
||||
<rect
|
||||
style="display:inline;fill:#ffffff;fill-opacity:1;stroke:none;stroke-width:0.24757317;stroke-opacity:1"
|
||||
id="rect4599"
|
||||
width="34.762054"
|
||||
height="34.762054"
|
||||
x="87.508659"
|
||||
y="18.291576"
|
||||
transform="rotate(25.914715)"
|
||||
ry="5.4825778" />
|
||||
<path
|
||||
style="display:inline;fill:#ffffff;fill-opacity:1;stroke:none;stroke-width:0.26644793px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
|
||||
d="m 79.804947,57.359056 3.241146,1.609954 V 35.255731 h -3.262698 z"
|
||||
id="path4525"
|
||||
inkscape:connector-curvature="0"
|
||||
sodipodi:nodetypes="ccccc" />
|
||||
</g>
|
||||
<g
|
||||
inkscape:groupmode="layer"
|
||||
id="layer3"
|
||||
inkscape:label="Layer 3"
|
||||
style="display:inline">
|
||||
<g
|
||||
style="display:inline"
|
||||
id="g4539">
|
||||
<circle
|
||||
transform="rotate(-19.796137)"
|
||||
r="3.4745038"
|
||||
cy="90.077766"
|
||||
cx="49.064713"
|
||||
id="path4606"
|
||||
style="fill:#609926;fill-opacity:1;stroke:none;stroke-width:0.26458332;stroke-opacity:1" />
|
||||
<circle
|
||||
transform="rotate(-19.796137)"
|
||||
r="3.4745038"
|
||||
cy="102.1049"
|
||||
cx="36.810425"
|
||||
id="path4606-3"
|
||||
style="fill:#609926;fill-opacity:1;stroke:none;stroke-width:0.26458332;stroke-opacity:1" />
|
||||
<circle
|
||||
transform="rotate(-19.796137)"
|
||||
r="3.4745038"
|
||||
cy="111.43928"
|
||||
cx="46.484283"
|
||||
id="path4606-1"
|
||||
style="fill:#609926;fill-opacity:1;stroke:none;stroke-width:0.26458332;stroke-opacity:1" />
|
||||
<rect
|
||||
transform="rotate(26.024158)"
|
||||
y="18.061695"
|
||||
x="97.333458"
|
||||
height="27.261492"
|
||||
width="2.6726954"
|
||||
id="rect4629-8"
|
||||
style="fill:#609926;fill-opacity:1;stroke:none;stroke-width:0.27444693;stroke-opacity:1" />
|
||||
<path
|
||||
sodipodi:nodetypes="cc"
|
||||
inkscape:connector-curvature="0"
|
||||
id="path4514"
|
||||
d="m 76.558096,68.116343 c 12.97589,6.395378 13.012989,4.101862 4.890858,20.907244"
|
||||
style="fill:none;stroke:#609926;stroke-width:2.68000007;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1" />
|
||||
</g>
|
||||
</g>
|
||||
</svg>
|
After Width: | Height: | Size: 5.6 KiB |
@ -33,18 +33,28 @@ type LoginModel struct {
|
||||
|
||||
// NewLoginModel constructor for LoginModel
|
||||
func (app *Bouquins) NewLoginModel(req *http.Request) *LoginModel {
|
||||
// TODO filter configured providers
|
||||
return &LoginModel{*app.NewModel("Authentification", "provider", req), Providers}
|
||||
}
|
||||
|
||||
// OAuth2Provider allows to get a user from an OAuth2 token
|
||||
type OAuth2Provider interface {
|
||||
GetUser(token *oauth2.Token) (string, error)
|
||||
GetUser(app *Bouquins, token *oauth2.Token) (string, error)
|
||||
Config(conf *Conf) *oauth2.Config
|
||||
Name() string
|
||||
Label() string
|
||||
Icon() string
|
||||
}
|
||||
|
||||
func findProvider(name string) OAuth2Provider {
|
||||
for _, p := range Providers {
|
||||
if p.Name() == name {
|
||||
return p
|
||||
}
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
// generates a 16 characters long random string
|
||||
func securedRandString() string {
|
||||
b := make([]byte, 16)
|
||||
@ -123,7 +133,7 @@ func (app *Bouquins) CallbackPage(res http.ResponseWriter, req *http.Request) er
|
||||
if err != nil {
|
||||
return fmt.Errorf("Code exchange failed with '%s'", err)
|
||||
}
|
||||
userEmail, err := provider.GetUser(token)
|
||||
userEmail, err := provider.GetUser(app, token)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
@ -85,6 +85,9 @@ type ProviderConf struct {
|
||||
Name string `json:"name"`
|
||||
ClientID string `json:"client-id"`
|
||||
ClientSecret string `json:"client-secret"`
|
||||
AuthURL string `json:"auth-url"`
|
||||
TokenURL string `json:"token-url"`
|
||||
ProfileURL string `json:"profile-url"`
|
||||
}
|
||||
|
||||
// Bouquins contains application common resources: templates, database
|
||||
|
94
bouquins/gitea.go
Normal file
94
bouquins/gitea.go
Normal file
@ -0,0 +1,94 @@
|
||||
package bouquins
|
||||
|
||||
import (
|
||||
"encoding/json"
|
||||
"fmt"
|
||||
"log"
|
||||
"net/http"
|
||||
|
||||
"golang.org/x/oauth2"
|
||||
)
|
||||
|
||||
// GithubProvider implements OAuth2 client with github.com
|
||||
type GiteaProvider string
|
||||
|
||||
type giteaProfile struct {
|
||||
AvatarURL string `json:"avatar_url"`
|
||||
Created string `json:"created"`
|
||||
Email string `json:"email"`
|
||||
FullName string `json:"full_name"`
|
||||
ID int64 `json:"id"`
|
||||
IsAdmin bool `json:"is_admin"`
|
||||
Language string `json:"language"`
|
||||
LastLogin string `json:"last_login"`
|
||||
Login string `json:"login"`
|
||||
}
|
||||
|
||||
func init() {
|
||||
Providers = append(Providers, GiteaProvider("gitea"))
|
||||
}
|
||||
|
||||
// Name returns name of provider
|
||||
func (p GiteaProvider) Name() string {
|
||||
return string(p)
|
||||
}
|
||||
|
||||
// Label returns label of provider
|
||||
func (p GiteaProvider) Label() string {
|
||||
return "Gitea"
|
||||
}
|
||||
|
||||
// ProfileURL returns redirect URL for oauth2 auth
|
||||
func (p GiteaProvider) ProfileURL(conf *Conf) string {
|
||||
for _, c := range conf.ProvidersConf {
|
||||
if c.Name == p.Name() {
|
||||
return c.ProfileURL
|
||||
}
|
||||
}
|
||||
return ""
|
||||
}
|
||||
|
||||
// Icon returns icon CSS class for provider
|
||||
func (p GiteaProvider) Icon() string {
|
||||
return "giteaicon"
|
||||
}
|
||||
|
||||
// Config returns OAuth configuration for this provider
|
||||
func (p GiteaProvider) Config(conf *Conf) *oauth2.Config {
|
||||
for _, c := range conf.ProvidersConf {
|
||||
if c.Name == p.Name() {
|
||||
return &oauth2.Config{
|
||||
ClientID: c.ClientID,
|
||||
ClientSecret: c.ClientSecret,
|
||||
RedirectURL: conf.ExternalURL + "/callback",
|
||||
Endpoint: oauth2.Endpoint{c.AuthURL, c.TokenURL, oauth2.AuthStyleAutoDetect},
|
||||
}
|
||||
}
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
// GetUser returns github primary email
|
||||
func (p GiteaProvider) GetUser(app *Bouquins, token *oauth2.Token) (string, error) {
|
||||
apiReq, err := http.NewRequest("GET", p.ProfileURL(app.Conf), nil)
|
||||
apiReq.Header.Add("Accept", "application/json")
|
||||
apiReq.Header.Add("Authorization", "token "+token.AccessToken)
|
||||
client := &http.Client{}
|
||||
response, err := client.Do(apiReq)
|
||||
defer response.Body.Close()
|
||||
if err != nil {
|
||||
log.Println("Auth error", err)
|
||||
return "", fmt.Errorf("Authentification error")
|
||||
}
|
||||
|
||||
dec := json.NewDecoder(response.Body)
|
||||
var profile giteaProfile
|
||||
err = dec.Decode(&profile)
|
||||
if err != nil {
|
||||
log.Printf("Error reading %s API response %v", p.Name(), err)
|
||||
return "", fmt.Errorf("Error reading %s API response", p.Name())
|
||||
}
|
||||
userEmail := profile.Email
|
||||
log.Println("User email:", userEmail)
|
||||
return userEmail, nil
|
||||
}
|
@ -55,7 +55,7 @@ func (p GithubProvider) Config(conf *Conf) *oauth2.Config {
|
||||
}
|
||||
|
||||
// GetUser returns github primary email
|
||||
func (p GithubProvider) GetUser(token *oauth2.Token) (string, error) {
|
||||
func (p GithubProvider) GetUser(app *Bouquins, token *oauth2.Token) (string, error) {
|
||||
apiReq, err := http.NewRequest("GET", "https://api.github.com/user/emails", nil)
|
||||
apiReq.Header.Add("Accept", "application/vnd.github.v3+json")
|
||||
apiReq.Header.Add("Authorization", "token "+token.AccessToken)
|
||||
@ -83,12 +83,3 @@ func (p GithubProvider) GetUser(token *oauth2.Token) (string, error) {
|
||||
log.Println("User email:", userEmail)
|
||||
return userEmail, nil
|
||||
}
|
||||
|
||||
func findProvider(name string) OAuth2Provider {
|
||||
for _, p := range Providers {
|
||||
if p.Name() == name {
|
||||
return p
|
||||
}
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
@ -60,7 +60,7 @@ func (p GoogleProvider) Config(conf *Conf) *oauth2.Config {
|
||||
}
|
||||
|
||||
// GetUser returns github primary email
|
||||
func (p GoogleProvider) GetUser(token *oauth2.Token) (string, error) {
|
||||
func (p GoogleProvider) GetUser(app *Bouquins, token *oauth2.Token) (string, error) {
|
||||
apiRes, err := http.Post("https://www.googleapis.com/oauth2/v2/tokeninfo?access_token="+token.AccessToken, "application/json", nil)
|
||||
defer apiRes.Body.Close()
|
||||
if err != nil {
|
||||
|
Loading…
Reference in New Issue
Block a user