meutel/go-bouquins
1
0
Fork 0
Code Issues Pull Requests Releases 4 Activity

Compare commits

base: meutel:6eba2b1879939d920f073a92389ef60d25288e66
Branches Tags
meutel:master
meutel:0.1.8
meutel:0.1.6
meutel:0.1.4
meutel:0.1.5
meutel:0.1.3
meutel:v0.1.3
meutel:v0.1.2
meutel:v0.1.1
meutel:v0.1.0
meutel:v0.0.0
..
compare: meutel:54bf239e3807c1cd30d1da97e38773a604442d28
Branches Tags
meutel:master
meutel:0.1.8
meutel:0.1.6
meutel:0.1.4
meutel:0.1.5
meutel:0.1.3
meutel:v0.1.3
meutel:v0.1.2
meutel:v0.1.1
meutel:v0.1.0
meutel:v0.0.0

No commits in common. "6eba2b1879939d920f073a92389ef60d25288e66" and "54bf239e3807c1cd30d1da97e38773a604442d28" have entirely different histories.
6eba2b1879 ... 54bf239e38

6 changed files with 27 additions and 137 deletions
Show Stats Expand all files Collapse all files

19
bouquins/auth.go
View File

@ -25,24 +25,10 @@ var (
Providers []OAuth2Provider Providers []OAuth2Provider
) )
// LoginModel is login page model
type LoginModel struct {
Model
Providers []OAuth2Provider
}
// NewLoginModel constructor for LoginModel
func (app *Bouquins) NewLoginModel(req *http.Request) *LoginModel {
return &LoginModel{*app.NewModel("Authentification", "provider", req), Providers}
}
// OAuth2Provider allows to get a user from an OAuth2 token // OAuth2Provider allows to get a user from an OAuth2 token
type OAuth2Provider interface { type OAuth2Provider interface {
GetUser(token *oauth2.Token) (string, error) GetUser(token *oauth2.Token) (string, error)
Config(conf *BouquinsConf) *oauth2.Config
Name() string Name() string
Label() string
Icon() string
} }
// generates a 16 characters long random string // generates a 16 characters long random string
@ -85,12 +71,11 @@ func (app *Bouquins) LoginPage(res http.ResponseWriter, req *http.Request) error
state := securedRandString() state := securedRandString()
app.SessionSet(sessionOAuthState, state, res, req) app.SessionSet(sessionOAuthState, state, res, req)
url := oauth.AuthCodeURL(state) url := oauth.AuthCodeURL(state)
log.Println("OAuth redirect", url)
http.Redirect(res, req, url, http.StatusTemporaryRedirect) http.Redirect(res, req, url, http.StatusTemporaryRedirect)
return nil return nil
} }
// choose provider // choose provider
return app.render(res, tplProvider, app.NewLoginModel(req)) return app.render(res, tplProvider, app.NewModel("Authentification", "provider", req))
} }
// LogoutPage logout connected user // LogoutPage logout connected user
@ -128,7 +113,7 @@ func (app *Bouquins) CallbackPage(res http.ResponseWriter, req *http.Request) er
return err return err
} }
// FIXME list allowed users // FIXME list allowed users
if userEmail == "meutel@gmail.com" || userEmail == "meutel+github@meutel.net" { if userEmail == "meutel+github@meutel.net" {
app.SessionSet(sessionUser, "Meutel", res, req) app.SessionSet(sessionUser, "Meutel", res, req)
log.Println("User logged in", userEmail) log.Println("User logged in", userEmail)
return RedirectHome(res, req) return RedirectHome(res, req)

10
bouquins/bouquins.go
View File

@ -65,14 +65,6 @@ const (
URLCalibre = "/calibre/" URLCalibre = "/calibre/"
) )
// BouquinsConf App configuration
type BouquinsConf struct {
BindAddress string `json:"bind-address"`
DbPath string `json:"db-path"`
CalibrePath string `json:"calibre-path"`
Prod bool `json:"prod"`
}
// Bouquins contains application common resources: templates, database // Bouquins contains application common resources: templates, database
type Bouquins struct { type Bouquins struct {
Tpl *template.Template Tpl *template.Template
@ -165,7 +157,7 @@ type Model struct {
Username string Username string
} }
// NewModel constructor for Model // NewModel constuctor for Model
func (app *Bouquins) NewModel(title, page string, req *http.Request) *Model { func (app *Bouquins) NewModel(title, page string, req *http.Request) *Model {
return &Model{ return &Model{
Title: title, Title: title,

26
bouquins/github.go
View File

@ -7,13 +7,12 @@ import (
"net/http" "net/http"
"golang.org/x/oauth2" "golang.org/x/oauth2"
"golang.org/x/oauth2/github"
) )
// GithubProvider implements OAuth2 client with github.com // GithubProvider implements OAuth2 client with github.com
type GithubProvider string type GithubProvider string
type githubEmail struct { type gitHubEmail struct {
Email string `json:"email"` Email string `json:"email"`
Primary bool `json:"primary"` Primary bool `json:"primary"`
Verified bool `json:"verified"` Verified bool `json:"verified"`
@ -29,26 +28,6 @@ func (p GithubProvider) Name() string {
return string(p) return string(p)
} }
// Label returns label of provider
func (p GithubProvider) Label() string {
return "Github"
}
// Icon returns icon path for provider
func (p GithubProvider) Icon() string {
return "" // TODO
}
func (p GithubProvider) Config(conf *BouquinsConf) *oauth2.Config {
// FIXME client ID and secret in conf file
return &oauth2.Config{
ClientID: "8b0aedf07828f06918a0",
ClientSecret: "eb26ec9c986fc28bd169bdddf169b794861e0d65",
Scopes: []string{"user:email"},
Endpoint: github.Endpoint,
}
}
// GetUser returns github primary email // GetUser returns github primary email
func (p GithubProvider) GetUser(token *oauth2.Token) (string, error) { func (p GithubProvider) GetUser(token *oauth2.Token) (string, error) {
apiReq, err := http.NewRequest("GET", "https://api.github.com/user/emails", nil) apiReq, err := http.NewRequest("GET", "https://api.github.com/user/emails", nil)
@ -63,12 +42,13 @@ func (p GithubProvider) GetUser(token *oauth2.Token) (string, error) {
} }
dec := json.NewDecoder(response.Body) dec := json.NewDecoder(response.Body)
var emails []githubEmail var emails []gitHubEmail
err = dec.Decode(&emails) err = dec.Decode(&emails)
if err != nil { if err != nil {
log.Println("Error reading github API response", err) log.Println("Error reading github API response", err)
return "", fmt.Errorf("Error reading github API response") return "", fmt.Errorf("Error reading github API response")
} }
fmt.Printf("Content: %s\n", emails)
var userEmail string var userEmail string
for _, email := range emails { for _, email := range emails {
if email.Primary && email.Verified { if email.Primary && email.Verified {

79
bouquins/google.go
View File

@ -1,79 +0,0 @@
package bouquins
import (
"encoding/json"
"fmt"
"log"
"net/http"
"golang.org/x/oauth2"
"golang.org/x/oauth2/google"
)
// GoogleProvider implements OAuth2 client with google account
type GoogleProvider string
type GoogleTokenInfo struct {
IssuedTo string `json:"issued_to"`
Audience string `json:"audience"`
UserId string `json:"user_id"`
Scope string `json:"scope"`
ExpiresIn int64 `json:"expires_in"`
Email string `json:"email"`
VerifiedEmail bool `json:"verified_email"`
AccessType string `json:"access_type"`
}
func init() {
Providers = append(Providers, GoogleProvider("google"))
}
// Name returns name of provider
func (p GoogleProvider) Name() string {
return string(p)
}
// Label returns label of provider
func (p GoogleProvider) Label() string {
return "Google"
}
// Icon returns icon path for provider
func (p GoogleProvider) Icon() string {
return "" // TODO
}
func (p GoogleProvider) Config(conf *BouquinsConf) *oauth2.Config {
// FIXME client ID and secret in conf file
return &oauth2.Config{
ClientID: "51149464161-8mu7ohfujn655p0qas5uj1echn36m9uu.apps.googleusercontent.com",
ClientSecret: "5IWFxm_9NoWb5hfGt6Wj1oSV",
Scopes: []string{"https://www.googleapis.com/auth/userinfo.email"},
Endpoint: google.Endpoint,
RedirectURL: "http://localhost:9000" + URLCallback, // FIXME
}
}
// GetUser returns github primary email
func (p GoogleProvider) GetUser(token *oauth2.Token) (string, error) {
// POST https://www.googleapis.com/oauth2/v2/tokeninfo access_token
apiRes, err := http.Post("https://www.googleapis.com/oauth2/v2/tokeninfo?access_token="+token.AccessToken, "application/json", nil)
defer apiRes.Body.Close()
if err != nil {
log.Println("Auth error", err)
return "", fmt.Errorf("Authentification error")
}
dec := json.NewDecoder(apiRes.Body)
var tokenInfo GoogleTokenInfo
err = dec.Decode(&tokenInfo)
if err != nil {
log.Println("Error reading google API response", err)
return "", fmt.Errorf("Error reading google API response")
}
var userEmail string
if tokenInfo.VerifiedEmail {
userEmail = tokenInfo.Email
}
log.Println("User email:", userEmail)
return userEmail, nil
}

24
main.go
View File

@ -8,6 +8,7 @@ import (
"os" "os"
"golang.org/x/oauth2" "golang.org/x/oauth2"
"golang.org/x/oauth2/github"
"github.com/gorilla/sessions" "github.com/gorilla/sessions"
_ "github.com/mattn/go-sqlite3" _ "github.com/mattn/go-sqlite3"
@ -15,11 +16,19 @@ import (
"meutel.net/meutel/go-bouquins/bouquins" "meutel.net/meutel/go-bouquins/bouquins"
) )
// BouquinsConf App configuration
type BouquinsConf struct {
BindAddress string `json:"bind-address"`
DbPath string `json:"db-path"`
CalibrePath string `json:"calibre-path"`
Prod bool `json:"prod"`
}
var db *sql.DB var db *sql.DB
// ReadConfig loads configuration file and initialize default value // ReadConfig loads configuration file and initialize default value
func ReadConfig() (*bouquins.BouquinsConf, error) { func ReadConfig() (*BouquinsConf, error) {
conf := new(bouquins.BouquinsConf) conf := new(BouquinsConf)
confPath := "bouquins.json" confPath := "bouquins.json"
if len(os.Args) > 1 { if len(os.Args) > 1 {
confPath = os.Args[1] confPath = os.Args[1]
@ -45,7 +54,7 @@ func ReadConfig() (*bouquins.BouquinsConf, error) {
return conf, err return conf, err
} }
func initApp() *bouquins.BouquinsConf { func initApp() *BouquinsConf {
log.SetFlags(log.LstdFlags | log.Lshortfile) log.SetFlags(log.LstdFlags | log.Lshortfile)
conf, err := ReadConfig() conf, err := ReadConfig()
if err != nil { if err != nil {
@ -61,10 +70,15 @@ func initApp() *bouquins.BouquinsConf {
log.Fatalln(err) log.Fatalln(err)
} }
// TODO conf by provider, client ID and secret in conf file
oauthConf := make(map[string]*oauth2.Config) oauthConf := make(map[string]*oauth2.Config)
for _, provider := range bouquins.Providers { oauthConf["github"] = &oauth2.Config{
oauthConf[provider.Name()] = provider.Config(conf) ClientID: "8b0aedf07828f06918a0",
ClientSecret: "eb26ec9c986fc28bd169bdddf169b794861e0d65",
Scopes: []string{"user:email"},
Endpoint: github.Endpoint,
} }
// FIXME constructor, conf cookies secret // FIXME constructor, conf cookies secret
app := &bouquins.Bouquins{Tpl: tpl, DB: db, OAuthConf: oauthConf, Cookies: sessions.NewCookieStore([]byte("flQ6QzM/c3Jtdl9ycDx6OXRIfFgK"))} app := &bouquins.Bouquins{Tpl: tpl, DB: db, OAuthConf: oauthConf, Cookies: sessions.NewCookieStore([]byte("flQ6QzM/c3Jtdl9ycDx6OXRIfFgK"))}
err = app.PrepareAll() err = app.PrepareAll()

6
templates/provider.html
View File

@ -2,10 +2,8 @@
<div class="container" id="provider"> <div class="container" id="provider">
<p>Veuillez sélectionner un mode d'authentification:<p> <p>Veuillez sélectionner un mode d'authentification:<p>
<ul> <ul>
{{ range .Providers }} <!-- TODO list providers, icon -->
<!-- TODO icon --> <li><a href="/login?provider=github">Github</a></li>
<li><a href="/login?provider={{ .Name }}">{{ .Label }}</a></li>
{{ end }}
</ul> </ul>
</div> </div>
{{ template "footer.html" . }} {{ template "footer.html" . }}