Merge branch 'feature/auth_gitea' of meutel/go-bouquins into master

This commit is contained in:
Meutel 2019-09-08 09:33:24 +00:00 committed by Gitea
commit 7f8165e72b
7 changed files with 283 additions and 14 deletions

View File

@ -12,3 +12,7 @@ span.providericon {
.googleicon { .googleicon {
background-image: url(data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAACAAAAAgCAMAAABEpIrGAAAABGdBTUEAALGPC/xhBQAAACBjSFJNAAB6JgAAgIQAAPoAAACA6AAAdTAAAOpgAAA6mAAAF3CculE8AAAB1FBMVEUAAAD/AADsQzXrQzbqQzXpRDTqQzXqQjXqQzXqRDToRjbqQzXqQzXqQzXqRDXrRTHxRznqQzXpQzXqQzXpQzTjOTnrQTTqQzXqQzToRDPpQjfqQzXqQzXpQzbsRDjqQzXoRDfqQzXqQzXrQzXqRDXqQjXqQzbqQzXqQzXqQzTsQjn/rxDqRDTqQzXqRDXoRjr8vAX5sQrsTDHrQjT//wD7vAT7ugbvZif6vgX1jRjqQzX7vAT5sAo/jss9kb77uwRAieH6vQX6vQX6vAX6vQVBiOnkuA4/i9r6vAWstCQ1qVI3pFI9k7E+j8n4vAZvrT00qFM0p1M/jso+lLn8vAXkug1CqU00qFQ8lK45l6ffvxg3qFI0qFM9lqpBieU/jc00qFQzqFM1p09An2A0plk/jdA5lqwtpVo0qFM0qFM1qVQ1qFM1p1I0p1IzqVI1qFM1qFM+j8gzplM0qFNAi91Cl6o1qVM0qFM/jNQ7m602qFE0qFM1qFMxpVI0qVM0qFM0qFM0qFQktkk4p1A0qFM0qVM0qVMzo1IA/wA2p1M0qFIzqFIzp1QzqFI0p1PqQzX7vAVChfRChu9BhvA0qFNChfJBhfM1p1o9krs5mpQ3oHf////8WgVEAAAAj3RSTlMAATVylKafh24xIZXl5o8aEpD5940JJ9nWLUby8Tkp8Dje+rt8YF/7/pwbIOX2VhaV58xZAeP7xTfK63Kv47x8+6VgpGH+sfU1y+wcfd/7xv6d36SU6NJYYjEg5fdL/OePnx0IcPxQEdz7vX5gXXOl7tko8PgbRPH6OCbYzB+O+PaJByCT4+YZATRwpIZtMQ4TRwgAAAABYktHRJvv2FeEAAAAB3RJTUUH4QgKAjghFnOx6QAAAWBJREFUOMtjYCABMDIxs7CysXNwMmKV5uLm6YcCXj5+DGkBQaF+JCAsIooqLybejwYkJJHlpaTR5ftlZJHk5eQx5RWQ7VeEiiopq6iqqSiro+lnEIRIa2hqQf3DiqKfQVsHLK+rhxDSR/GBgaERSL8xrvAzMZ1gZq7Rr4kzgC0mAIGllRZOBdYgBRNsYFxbZGAHdgJYgT1MwURk4AAScQQrcMKqYBJIxBmswAWrgsmErHBFONINqwJ3kIgHSN7TyxvVbz5gBb7QgPLzD5gSiKogCKwgGMwOCQ2bMmVKQDiyfMRUkPy0SDAnKnoKCMQgqYiNAxsQD+UmgBVMCUhMgvCTU1LB8lPToArSMyAqpmRmZefk5uUXTJk+A6SgEG5iUfEUdDBz8sSSUoSdZeUYKmZVVCK7uqoaXUFNLaq/0+vqkaUbGpsw0kVzSytMui2hHWvS6ejsaulO7Ont6yAlywMAh+DsfszQdOIAAAAldEVYdGRhdGU6Y3JlYXRlADIwMTctMDgtMTBUMDI6NTY6MzMrMDA6MDAy1cN5AAAAJXRFWHRkYXRlOm1vZGlmeQAyMDE3LTA4LTEwVDAyOjU2OjMzKzAwOjAwQ4h7xQAAAABJRU5ErkJggg==); background-image: url(data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAACAAAAAgCAMAAABEpIrGAAAABGdBTUEAALGPC/xhBQAAACBjSFJNAAB6JgAAgIQAAPoAAACA6AAAdTAAAOpgAAA6mAAAF3CculE8AAAB1FBMVEUAAAD/AADsQzXrQzbqQzXpRDTqQzXqQjXqQzXqRDToRjbqQzXqQzXqQzXqRDXrRTHxRznqQzXpQzXqQzXpQzTjOTnrQTTqQzXqQzToRDPpQjfqQzXqQzXpQzbsRDjqQzXoRDfqQzXqQzXrQzXqRDXqQjXqQzbqQzXqQzXqQzTsQjn/rxDqRDTqQzXqRDXoRjr8vAX5sQrsTDHrQjT//wD7vAT7ugbvZif6vgX1jRjqQzX7vAT5sAo/jss9kb77uwRAieH6vQX6vQX6vAX6vQVBiOnkuA4/i9r6vAWstCQ1qVI3pFI9k7E+j8n4vAZvrT00qFM0p1M/jso+lLn8vAXkug1CqU00qFQ8lK45l6ffvxg3qFI0qFM9lqpBieU/jc00qFQzqFM1p09An2A0plk/jdA5lqwtpVo0qFM0qFM1qVQ1qFM1p1I0p1IzqVI1qFM1qFM+j8gzplM0qFNAi91Cl6o1qVM0qFM/jNQ7m602qFE0qFM1qFMxpVI0qVM0qFM0qFM0qFQktkk4p1A0qFM0qVM0qVMzo1IA/wA2p1M0qFIzqFIzp1QzqFI0p1PqQzX7vAVChfRChu9BhvA0qFNChfJBhfM1p1o9krs5mpQ3oHf////8WgVEAAAAj3RSTlMAATVylKafh24xIZXl5o8aEpD5940JJ9nWLUby8Tkp8Dje+rt8YF/7/pwbIOX2VhaV58xZAeP7xTfK63Kv47x8+6VgpGH+sfU1y+wcfd/7xv6d36SU6NJYYjEg5fdL/OePnx0IcPxQEdz7vX5gXXOl7tko8PgbRPH6OCbYzB+O+PaJByCT4+YZATRwpIZtMQ4TRwgAAAABYktHRJvv2FeEAAAAB3RJTUUH4QgKAjghFnOx6QAAAWBJREFUOMtjYCABMDIxs7CysXNwMmKV5uLm6YcCXj5+DGkBQaF+JCAsIooqLybejwYkJJHlpaTR5ftlZJHk5eQx5RWQ7VeEiiopq6iqqSiro+lnEIRIa2hqQf3DiqKfQVsHLK+rhxDSR/GBgaERSL8xrvAzMZ1gZq7Rr4kzgC0mAIGllRZOBdYgBRNsYFxbZGAHdgJYgT1MwURk4AAScQQrcMKqYBJIxBmswAWrgsmErHBFONINqwJ3kIgHSN7TyxvVbz5gBb7QgPLzD5gSiKogCKwgGMwOCQ2bMmVKQDiyfMRUkPy0SDAnKnoKCMQgqYiNAxsQD+UmgBVMCUhMgvCTU1LB8lPToArSMyAqpmRmZefk5uUXTJk+A6SgEG5iUfEUdDBz8sSSUoSdZeUYKmZVVCK7uqoaXUFNLaq/0+vqkaUbGpsw0kVzSytMui2hHWvS6ejsaulO7Ont6yAlywMAh+DsfszQdOIAAAAldEVYdGRhdGU6Y3JlYXRlADIwMTctMDgtMTBUMDI6NTY6MzMrMDA6MDAy1cN5AAAAJXRFWHRkYXRlOm1vZGlmeQAyMDE3LTA4LTEwVDAyOjU2OjMzKzAwOjAwQ4h7xQAAAABJRU5ErkJggg==);
} }
.giteaicon {
background-image: url(./gitea.svg);
}

160
assets/css/gitea.svg Normal file
View File

@ -0,0 +1,160 @@
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<!-- Created with Inkscape (http://www.inkscape.org/) -->
<svg
xmlns:dc="http://purl.org/dc/elements/1.1/"
xmlns:cc="http://creativecommons.org/ns#"
xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
xmlns:svg="http://www.w3.org/2000/svg"
xmlns="http://www.w3.org/2000/svg"
xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
width="512"
height="512"
viewBox="0 0 135.46667 135.46667"
version="1.1"
id="svg8"
sodipodi:docname="logo.svg"
inkscape:version="0.92.1 r15371"
inkscape:export-filename=""
inkscape:export-xdpi="48.000004"
inkscape:export-ydpi="48.000004">
<defs
id="defs2" />
<sodipodi:namedview
id="base"
pagecolor="#ffffff"
bordercolor="#666666"
borderopacity="1.0"
inkscape:pageopacity="0"
inkscape:pageshadow="2"
inkscape:zoom="0.70710678"
inkscape:cx="418.13805"
inkscape:cy="177.57445"
inkscape:document-units="mm"
inkscape:current-layer="layer2"
showgrid="false"
units="px"
width="256px"
showguides="false"
inkscape:window-width="1920"
inkscape:window-height="1137"
inkscape:window-x="1912"
inkscape:window-y="-8"
inkscape:window-maximized="1"
inkscape:pagecheckerboard="false"
inkscape:measure-start="283.373,243.952"
inkscape:measure-end="290.267,236.527">
<sodipodi:guide
position="0,0"
orientation="0,512"
id="guide3699"
inkscape:locked="false" />
<sodipodi:guide
position="135.46667,0"
orientation="-512,0"
id="guide3701"
inkscape:locked="false" />
<sodipodi:guide
position="135.46667,135.46667"
orientation="0,-512"
id="guide3703"
inkscape:locked="false" />
<sodipodi:guide
position="0,135.46667"
orientation="512,0"
id="guide3705"
inkscape:locked="false" />
</sodipodi:namedview>
<metadata
id="metadata5">
<rdf:RDF>
<cc:Work
rdf:about="">
<dc:format>image/svg+xml</dc:format>
<dc:type
rdf:resource="http://purl.org/dc/dcmitype/StillImage" />
<dc:title></dc:title>
</cc:Work>
</rdf:RDF>
</metadata>
<g
inkscape:label="Layer 1"
inkscape:groupmode="layer"
id="layer1"
transform="translate(0,-161.53334)"
style="display:inline">
<path
style="fill:#609926;fill-opacity:1;stroke:#428f29;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;stroke-miterlimit:4;stroke-dasharray:none"
d="m 27.709937,195.15095 c -9.546573,-0.0272 -22.3392732,6.79805 -21.6317552,23.90397 1.105534,26.72889 25.4565952,29.20839 35.1916502,29.42301 1.068023,5.01357 12.521798,22.30563 21.001818,23.21667 h 37.15277 c 22.27763,-1.66785 38.9607,-75.75671 26.59321,-76.03825 -46.781583,2.47691 -49.995146,2.13838 -88.599758,0 -2.495053,-0.0266 -5.972321,-0.49474 -9.707935,-0.5054 z m 2.491319,9.45886 c 1.351378,13.69267 3.555849,21.70359 8.018216,33.94345 -11.382872,-1.50473 -21.069822,-5.22443 -22.851515,-19.10984 -0.950962,-7.4112 2.390428,-15.16769 14.833299,-14.83361 z"
id="path3722"
inkscape:connector-curvature="0"
sodipodi:nodetypes="sscccccsccsc" />
</g>
<g
inkscape:groupmode="layer"
id="layer2"
inkscape:label="Layer 2"
style="display:inline">
<rect
style="display:inline;fill:#ffffff;fill-opacity:1;stroke:none;stroke-width:0.24757317;stroke-opacity:1"
id="rect4599"
width="34.762054"
height="34.762054"
x="87.508659"
y="18.291576"
transform="rotate(25.914715)"
ry="5.4825778" />
<path
style="display:inline;fill:#ffffff;fill-opacity:1;stroke:none;stroke-width:0.26644793px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
d="m 79.804947,57.359056 3.241146,1.609954 V 35.255731 h -3.262698 z"
id="path4525"
inkscape:connector-curvature="0"
sodipodi:nodetypes="ccccc" />
</g>
<g
inkscape:groupmode="layer"
id="layer3"
inkscape:label="Layer 3"
style="display:inline">
<g
style="display:inline"
id="g4539">
<circle
transform="rotate(-19.796137)"
r="3.4745038"
cy="90.077766"
cx="49.064713"
id="path4606"
style="fill:#609926;fill-opacity:1;stroke:none;stroke-width:0.26458332;stroke-opacity:1" />
<circle
transform="rotate(-19.796137)"
r="3.4745038"
cy="102.1049"
cx="36.810425"
id="path4606-3"
style="fill:#609926;fill-opacity:1;stroke:none;stroke-width:0.26458332;stroke-opacity:1" />
<circle
transform="rotate(-19.796137)"
r="3.4745038"
cy="111.43928"
cx="46.484283"
id="path4606-1"
style="fill:#609926;fill-opacity:1;stroke:none;stroke-width:0.26458332;stroke-opacity:1" />
<rect
transform="rotate(26.024158)"
y="18.061695"
x="97.333458"
height="27.261492"
width="2.6726954"
id="rect4629-8"
style="fill:#609926;fill-opacity:1;stroke:none;stroke-width:0.27444693;stroke-opacity:1" />
<path
sodipodi:nodetypes="cc"
inkscape:connector-curvature="0"
id="path4514"
d="m 76.558096,68.116343 c 12.97589,6.395378 13.012989,4.101862 4.890858,20.907244"
style="fill:none;stroke:#609926;stroke-width:2.68000007;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1" />
</g>
</g>
</svg>

After

Width:  |  Height:  |  Size: 5.6 KiB

View File

@ -33,18 +33,35 @@ type LoginModel struct {
// NewLoginModel constructor for LoginModel // NewLoginModel constructor for LoginModel
func (app *Bouquins) NewLoginModel(req *http.Request) *LoginModel { func (app *Bouquins) NewLoginModel(req *http.Request) *LoginModel {
return &LoginModel{*app.NewModel("Authentification", "provider", req), Providers} var configured []OAuth2Provider
for _, p := range Providers {
for _, provConf := range app.Conf.ProvidersConf {
if provConf.Name == p.Name() {
configured = append(configured, p)
}
}
}
return &LoginModel{*app.NewModel("Authentification", "provider", req), configured}
} }
// OAuth2Provider allows to get a user from an OAuth2 token // OAuth2Provider allows to get a user from an OAuth2 token
type OAuth2Provider interface { type OAuth2Provider interface {
GetUser(token *oauth2.Token) (string, error) GetUser(app *Bouquins, token *oauth2.Token) (string, error)
Config(conf *Conf) *oauth2.Config Config(conf *Conf) *oauth2.Config
Name() string Name() string
Label() string Label() string
Icon() string Icon() string
} }
func findProvider(name string) OAuth2Provider {
for _, p := range Providers {
if p.Name() == name {
return p
}
}
return nil
}
// generates a 16 characters long random string // generates a 16 characters long random string
func securedRandString() string { func securedRandString() string {
b := make([]byte, 16) b := make([]byte, 16)
@ -123,7 +140,7 @@ func (app *Bouquins) CallbackPage(res http.ResponseWriter, req *http.Request) er
if err != nil { if err != nil {
return fmt.Errorf("Code exchange failed with '%s'", err) return fmt.Errorf("Code exchange failed with '%s'", err)
} }
userEmail, err := provider.GetUser(token) userEmail, err := provider.GetUser(app, token)
if err != nil { if err != nil {
return err return err
} }

View File

@ -85,6 +85,9 @@ type ProviderConf struct {
Name string `json:"name"` Name string `json:"name"`
ClientID string `json:"client-id"` ClientID string `json:"client-id"`
ClientSecret string `json:"client-secret"` ClientSecret string `json:"client-secret"`
AuthURL string `json:"auth-url"`
TokenURL string `json:"token-url"`
ProfileURL string `json:"profile-url"`
} }
// Bouquins contains application common resources: templates, database // Bouquins contains application common resources: templates, database

94
bouquins/gitea.go Normal file
View File

@ -0,0 +1,94 @@
package bouquins
import (
"encoding/json"
"fmt"
"log"
"net/http"
"golang.org/x/oauth2"
)
// GithubProvider implements OAuth2 client with github.com
type GiteaProvider string
type giteaProfile struct {
AvatarURL string `json:"avatar_url"`
Created string `json:"created"`
Email string `json:"email"`
FullName string `json:"full_name"`
ID int64 `json:"id"`
IsAdmin bool `json:"is_admin"`
Language string `json:"language"`
LastLogin string `json:"last_login"`
Login string `json:"login"`
}
func init() {
Providers = append(Providers, GiteaProvider("gitea"))
}
// Name returns name of provider
func (p GiteaProvider) Name() string {
return string(p)
}
// Label returns label of provider
func (p GiteaProvider) Label() string {
return "Gitea"
}
// ProfileURL returns redirect URL for oauth2 auth
func (p GiteaProvider) ProfileURL(conf *Conf) string {
for _, c := range conf.ProvidersConf {
if c.Name == p.Name() {
return c.ProfileURL
}
}
return ""
}
// Icon returns icon CSS class for provider
func (p GiteaProvider) Icon() string {
return "giteaicon"
}
// Config returns OAuth configuration for this provider
func (p GiteaProvider) Config(conf *Conf) *oauth2.Config {
for _, c := range conf.ProvidersConf {
if c.Name == p.Name() {
return &oauth2.Config{
ClientID: c.ClientID,
ClientSecret: c.ClientSecret,
RedirectURL: conf.ExternalURL + "/callback",
Endpoint: oauth2.Endpoint{c.AuthURL, c.TokenURL, oauth2.AuthStyleAutoDetect},
}
}
}
return nil
}
// GetUser returns github primary email
func (p GiteaProvider) GetUser(app *Bouquins, token *oauth2.Token) (string, error) {
apiReq, err := http.NewRequest("GET", p.ProfileURL(app.Conf), nil)
apiReq.Header.Add("Accept", "application/json")
apiReq.Header.Add("Authorization", "token "+token.AccessToken)
client := &http.Client{}
response, err := client.Do(apiReq)
defer response.Body.Close()
if err != nil {
log.Println("Auth error", err)
return "", fmt.Errorf("Authentification error")
}
dec := json.NewDecoder(response.Body)
var profile giteaProfile
err = dec.Decode(&profile)
if err != nil {
log.Printf("Error reading %s API response %v", p.Name(), err)
return "", fmt.Errorf("Error reading %s API response", p.Name())
}
userEmail := profile.Email
log.Println("User email:", userEmail)
return userEmail, nil
}

View File

@ -55,7 +55,7 @@ func (p GithubProvider) Config(conf *Conf) *oauth2.Config {
} }
// GetUser returns github primary email // GetUser returns github primary email
func (p GithubProvider) GetUser(token *oauth2.Token) (string, error) { func (p GithubProvider) GetUser(app *Bouquins, token *oauth2.Token) (string, error) {
apiReq, err := http.NewRequest("GET", "https://api.github.com/user/emails", nil) apiReq, err := http.NewRequest("GET", "https://api.github.com/user/emails", nil)
apiReq.Header.Add("Accept", "application/vnd.github.v3+json") apiReq.Header.Add("Accept", "application/vnd.github.v3+json")
apiReq.Header.Add("Authorization", "token "+token.AccessToken) apiReq.Header.Add("Authorization", "token "+token.AccessToken)
@ -83,12 +83,3 @@ func (p GithubProvider) GetUser(token *oauth2.Token) (string, error) {
log.Println("User email:", userEmail) log.Println("User email:", userEmail)
return userEmail, nil return userEmail, nil
} }
func findProvider(name string) OAuth2Provider {
for _, p := range Providers {
if p.Name() == name {
return p
}
}
return nil
}

View File

@ -60,7 +60,7 @@ func (p GoogleProvider) Config(conf *Conf) *oauth2.Config {
} }
// GetUser returns github primary email // GetUser returns github primary email
func (p GoogleProvider) GetUser(token *oauth2.Token) (string, error) { func (p GoogleProvider) GetUser(app *Bouquins, token *oauth2.Token) (string, error) {
apiRes, err := http.Post("https://www.googleapis.com/oauth2/v2/tokeninfo?access_token="+token.AccessToken, "application/json", nil) apiRes, err := http.Post("https://www.googleapis.com/oauth2/v2/tokeninfo?access_token="+token.AccessToken, "application/json", nil)
defer apiRes.Body.Close() defer apiRes.Body.Close()
if err != nil { if err != nil {