forkjo/models/oauth2.go

// Copyright 2017 The Gitea Authors. All rights reserved.
// Use of this source code is governed by a MIT-style
// license that can be found in the LICENSE file.

package models

import (
	"sort"

	"code.gitea.io/gitea/modules/auth/oauth2"
)

// OAuth2Provider describes the display values of a single OAuth2 provider
type OAuth2Provider struct {
	Name             string
	DisplayName      string
	Image            string
	CustomURLMapping *oauth2.CustomURLMapping
}

// OAuth2Providers contains the map of registered OAuth2 providers in Gitea (based on goth)
// key is used to map the OAuth2Provider with the goth provider type (also in LoginSource.OAuth2Config.Provider)
// value is used to store display data
var OAuth2Providers = map[string]OAuth2Provider{
	"bitbucket": {Name: "bitbucket", DisplayName: "Bitbucket", Image: "/img/auth/bitbucket.png"},
	"dropbox":   {Name: "dropbox", DisplayName: "Dropbox", Image: "/img/auth/dropbox.png"},
	"facebook":  {Name: "facebook", DisplayName: "Facebook", Image: "/img/auth/facebook.png"},
	"github": {Name: "github", DisplayName: "GitHub", Image: "/img/auth/github.png",
		CustomURLMapping: &oauth2.CustomURLMapping{
			TokenURL:   oauth2.GetDefaultTokenURL("github"),
			AuthURL:    oauth2.GetDefaultAuthURL("github"),
			ProfileURL: oauth2.GetDefaultProfileURL("github"),
			EmailURL:   oauth2.GetDefaultEmailURL("github"),
		},
	},
	"gitlab": {Name: "gitlab", DisplayName: "GitLab", Image: "/img/auth/gitlab.png",
		CustomURLMapping: &oauth2.CustomURLMapping{
			TokenURL:   oauth2.GetDefaultTokenURL("gitlab"),
			AuthURL:    oauth2.GetDefaultAuthURL("gitlab"),
			ProfileURL: oauth2.GetDefaultProfileURL("gitlab"),
		},
	},
	"gplus":         {Name: "gplus", DisplayName: "Google+", Image: "/img/auth/google_plus.png"},
	"openidConnect": {Name: "openidConnect", DisplayName: "OpenID Connect", Image: "/img/auth/openid_connect.png"},
	"twitter":       {Name: "twitter", DisplayName: "Twitter", Image: "/img/auth/twitter.png"},
	"discord":       {Name: "discord", DisplayName: "Discord", Image: "/img/auth/discord.png"},
}

// OAuth2DefaultCustomURLMappings contains the map of default URL's for OAuth2 providers that are allowed to have custom urls
// key is used to map the OAuth2Provider
// value is the mapping as defined for the OAuth2Provider
var OAuth2DefaultCustomURLMappings = map[string]*oauth2.CustomURLMapping{
	"github": OAuth2Providers["github"].CustomURLMapping,
	"gitlab": OAuth2Providers["gitlab"].CustomURLMapping,
}

// GetActiveOAuth2ProviderLoginSources returns all actived LoginOAuth2 sources
func GetActiveOAuth2ProviderLoginSources() ([]*LoginSource, error) {
	sources := make([]*LoginSource, 0, 1)
	if err := x.Where("is_actived = ? and type = ?", true, LoginOAuth2).Find(&sources); err != nil {
		return nil, err
	}
	return sources, nil
}

// GetActiveOAuth2LoginSourceByName returns a OAuth2 LoginSource based on the given name
func GetActiveOAuth2LoginSourceByName(name string) (*LoginSource, error) {
	loginSource := new(LoginSource)
	has, err := x.Where("name = ? and type = ? and is_actived = ?", name, LoginOAuth2, true).Get(loginSource)
	if !has || err != nil {
		return nil, err
	}

	return loginSource, nil
}

// GetActiveOAuth2Providers returns the map of configured active OAuth2 providers
// key is used as technical name (like in the callbackURL)
// values to display
func GetActiveOAuth2Providers() ([]string, map[string]OAuth2Provider, error) {
	// Maybe also separate used and unused providers so we can force the registration of only 1 active provider for each type

	loginSources, err := GetActiveOAuth2ProviderLoginSources()
	if err != nil {
		return nil, nil, err
	}

	var orderedKeys []string
	providers := make(map[string]OAuth2Provider)
	for _, source := range loginSources {
		providers[source.Name] = OAuth2Providers[source.OAuth2().Provider]
		orderedKeys = append(orderedKeys, source.Name)
	}

	sort.Strings(orderedKeys)

	return orderedKeys, providers, nil
}

// InitOAuth2 initialize the OAuth2 lib and register all active OAuth2 providers in the library
func InitOAuth2() error {
	if err := oauth2.Init(x); err != nil {
		return err
	}
	loginSources, _ := GetActiveOAuth2ProviderLoginSources()

	for _, source := range loginSources {
		oAuth2Config := source.OAuth2()
		err := oauth2.RegisterProvider(source.Name, oAuth2Config.Provider, oAuth2Config.ClientID, oAuth2Config.ClientSecret, oAuth2Config.OpenIDConnectAutoDiscoveryURL, oAuth2Config.CustomURLMapping)
		if err != nil {
			return err
		}
	}
	return nil
}

// wrapOpenIDConnectInitializeError is used to wrap the error but this cannot be done in modules/auth/oauth2
// inside oauth2: import cycle not allowed models -> modules/auth/oauth2 -> models
func wrapOpenIDConnectInitializeError(err error, providerName string, oAuth2Config *OAuth2Config) error {
	if err != nil && "openidConnect" == oAuth2Config.Provider {
		err = ErrOpenIDConnectInitialize{ProviderName: providerName, OpenIDConnectAutoDiscoveryURL: oAuth2Config.OpenIDConnectAutoDiscoveryURL, Cause: err}
	}
	return err
}
Additional OAuth2 providers (#1010) * add google+ * sort signin oauth2 providers based on the name so order is always the same * update auth tip for google+ * add gitlab provider * add bitbucket provider (and some go fmt) * add twitter provider * add facebook provider * add dropbox provider * add openid connect provider incl. new format of tips section in "Add New Source" * lower the amount of disk storage for each session to prevent issues while building cross platform (and disk overflow) * imports according to goimport and code style * make it possible to set custom urls to gitlab and github provider (only these could have a different host) * split up oauth2 into multiple files * small typo in comment * fix indention * fix indentation * fix new line before external import * fix layout of signin part * update "broken" dependency 2017-05-01 15:26:53 +02:00			`// Copyright 2017 The Gitea Authors. All rights reserved.`
			`// Use of this source code is governed by a MIT-style`
			`// license that can be found in the LICENSE file.`

			`package models`

			`import (`
			`"sort"`
gofmt (#1662) 2017-05-04 07:54:56 +02:00
Additional OAuth2 providers (#1010) * add google+ * sort signin oauth2 providers based on the name so order is always the same * update auth tip for google+ * add gitlab provider * add bitbucket provider (and some go fmt) * add twitter provider * add facebook provider * add dropbox provider * add openid connect provider incl. new format of tips section in "Add New Source" * lower the amount of disk storage for each session to prevent issues while building cross platform (and disk overflow) * imports according to goimport and code style * make it possible to set custom urls to gitlab and github provider (only these could have a different host) * split up oauth2 into multiple files * small typo in comment * fix indention * fix indentation * fix new line before external import * fix layout of signin part * update "broken" dependency 2017-05-01 15:26:53 +02:00			`"code.gitea.io/gitea/modules/auth/oauth2"`
			`)`

			`// OAuth2Provider describes the display values of a single OAuth2 provider`
			`type OAuth2Provider struct {`
gofmt (#1662) 2017-05-04 07:54:56 +02:00			`Name string`
			`DisplayName string`
			`Image string`
			`CustomURLMapping *oauth2.CustomURLMapping`
Additional OAuth2 providers (#1010) * add google+ * sort signin oauth2 providers based on the name so order is always the same * update auth tip for google+ * add gitlab provider * add bitbucket provider (and some go fmt) * add twitter provider * add facebook provider * add dropbox provider * add openid connect provider incl. new format of tips section in "Add New Source" * lower the amount of disk storage for each session to prevent issues while building cross platform (and disk overflow) * imports according to goimport and code style * make it possible to set custom urls to gitlab and github provider (only these could have a different host) * split up oauth2 into multiple files * small typo in comment * fix indention * fix indentation * fix new line before external import * fix layout of signin part * update "broken" dependency 2017-05-01 15:26:53 +02:00			`}`

			`// OAuth2Providers contains the map of registered OAuth2 providers in Gitea (based on goth)`
			`// key is used to map the OAuth2Provider with the goth provider type (also in LoginSource.OAuth2Config.Provider)`
			`// value is used to store display data`
			`var OAuth2Providers = map[string]OAuth2Provider{`
			`"bitbucket": {Name: "bitbucket", DisplayName: "Bitbucket", Image: "/img/auth/bitbucket.png"},`
			`"dropbox": {Name: "dropbox", DisplayName: "Dropbox", Image: "/img/auth/dropbox.png"},`
			`"facebook": {Name: "facebook", DisplayName: "Facebook", Image: "/img/auth/facebook.png"},`
			`"github": {Name: "github", DisplayName: "GitHub", Image: "/img/auth/github.png",`
			`CustomURLMapping: &oauth2.CustomURLMapping{`
			`TokenURL: oauth2.GetDefaultTokenURL("github"),`
			`AuthURL: oauth2.GetDefaultAuthURL("github"),`
			`ProfileURL: oauth2.GetDefaultProfileURL("github"),`
			`EmailURL: oauth2.GetDefaultEmailURL("github"),`
			`},`
			`},`
			`"gitlab": {Name: "gitlab", DisplayName: "GitLab", Image: "/img/auth/gitlab.png",`
			`CustomURLMapping: &oauth2.CustomURLMapping{`
			`TokenURL: oauth2.GetDefaultTokenURL("gitlab"),`
			`AuthURL: oauth2.GetDefaultAuthURL("gitlab"),`
			`ProfileURL: oauth2.GetDefaultProfileURL("gitlab"),`
			`},`
			`},`
			`"gplus": {Name: "gplus", DisplayName: "Google+", Image: "/img/auth/google_plus.png"},`
			`"openidConnect": {Name: "openidConnect", DisplayName: "OpenID Connect", Image: "/img/auth/openid_connect.png"},`
			`"twitter": {Name: "twitter", DisplayName: "Twitter", Image: "/img/auth/twitter.png"},`
Discord Oauth2 support (#4476) * add discord auth * add vendor for discord * fix syntax error * make fmt * update version of goth in use * update markbates/goth 2019-01-13 20:06:22 +01:00			`"discord": {Name: "discord", DisplayName: "Discord", Image: "/img/auth/discord.png"},`
Additional OAuth2 providers (#1010) * add google+ * sort signin oauth2 providers based on the name so order is always the same * update auth tip for google+ * add gitlab provider * add bitbucket provider (and some go fmt) * add twitter provider * add facebook provider * add dropbox provider * add openid connect provider incl. new format of tips section in "Add New Source" * lower the amount of disk storage for each session to prevent issues while building cross platform (and disk overflow) * imports according to goimport and code style * make it possible to set custom urls to gitlab and github provider (only these could have a different host) * split up oauth2 into multiple files * small typo in comment * fix indention * fix indentation * fix new line before external import * fix layout of signin part * update "broken" dependency 2017-05-01 15:26:53 +02:00			`}`

			`// OAuth2DefaultCustomURLMappings contains the map of default URL's for OAuth2 providers that are allowed to have custom urls`
			`// key is used to map the OAuth2Provider`
			`// value is the mapping as defined for the OAuth2Provider`
gofmt (#1662) 2017-05-04 07:54:56 +02:00			`var OAuth2DefaultCustomURLMappings = map[string]*oauth2.CustomURLMapping{`
Additional OAuth2 providers (#1010) * add google+ * sort signin oauth2 providers based on the name so order is always the same * update auth tip for google+ * add gitlab provider * add bitbucket provider (and some go fmt) * add twitter provider * add facebook provider * add dropbox provider * add openid connect provider incl. new format of tips section in "Add New Source" * lower the amount of disk storage for each session to prevent issues while building cross platform (and disk overflow) * imports according to goimport and code style * make it possible to set custom urls to gitlab and github provider (only these could have a different host) * split up oauth2 into multiple files * small typo in comment * fix indention * fix indentation * fix new line before external import * fix layout of signin part * update "broken" dependency 2017-05-01 15:26:53 +02:00			`"github": OAuth2Providers["github"].CustomURLMapping,`
			`"gitlab": OAuth2Providers["gitlab"].CustomURLMapping,`
			`}`

			`// GetActiveOAuth2ProviderLoginSources returns all actived LoginOAuth2 sources`
			`func GetActiveOAuth2ProviderLoginSources() ([]*LoginSource, error) {`
			`sources := make([]*LoginSource, 0, 1)`
Replace calls to xorm UseBool with Where (#2237) 2017-08-01 07:47:31 +02:00			`if err := x.Where("is_actived = ? and type = ?", true, LoginOAuth2).Find(&sources); err != nil {`
Additional OAuth2 providers (#1010) * add google+ * sort signin oauth2 providers based on the name so order is always the same * update auth tip for google+ * add gitlab provider * add bitbucket provider (and some go fmt) * add twitter provider * add facebook provider * add dropbox provider * add openid connect provider incl. new format of tips section in "Add New Source" * lower the amount of disk storage for each session to prevent issues while building cross platform (and disk overflow) * imports according to goimport and code style * make it possible to set custom urls to gitlab and github provider (only these could have a different host) * split up oauth2 into multiple files * small typo in comment * fix indention * fix indentation * fix new line before external import * fix layout of signin part * update "broken" dependency 2017-05-01 15:26:53 +02:00			`return nil, err`
			`}`
			`return sources, nil`
			`}`

			`// GetActiveOAuth2LoginSourceByName returns a OAuth2 LoginSource based on the given name`
			`func GetActiveOAuth2LoginSourceByName(name string) (*LoginSource, error) {`
Replace calls to xorm UseBool with Where (#2237) 2017-08-01 07:47:31 +02:00			`loginSource := new(LoginSource)`
			`has, err := x.Where("name = ? and type = ? and is_actived = ?", name, LoginOAuth2, true).Get(loginSource)`
Additional OAuth2 providers (#1010) * add google+ * sort signin oauth2 providers based on the name so order is always the same * update auth tip for google+ * add gitlab provider * add bitbucket provider (and some go fmt) * add twitter provider * add facebook provider * add dropbox provider * add openid connect provider incl. new format of tips section in "Add New Source" * lower the amount of disk storage for each session to prevent issues while building cross platform (and disk overflow) * imports according to goimport and code style * make it possible to set custom urls to gitlab and github provider (only these could have a different host) * split up oauth2 into multiple files * small typo in comment * fix indention * fix indentation * fix new line before external import * fix layout of signin part * update "broken" dependency 2017-05-01 15:26:53 +02:00			`if !has \|\| err != nil {`
			`return nil, err`
			`}`

			`return loginSource, nil`
			`}`

			`// GetActiveOAuth2Providers returns the map of configured active OAuth2 providers`
			`// key is used as technical name (like in the callbackURL)`
			`// values to display`
			`func GetActiveOAuth2Providers() ([]string, map[string]OAuth2Provider, error) {`
			`// Maybe also separate used and unused providers so we can force the registration of only 1 active provider for each type`

			`loginSources, err := GetActiveOAuth2ProviderLoginSources()`
			`if err != nil {`
			`return nil, nil, err`
			`}`

			`var orderedKeys []string`
			`providers := make(map[string]OAuth2Provider)`
			`for _, source := range loginSources {`
			`providers[source.Name] = OAuth2Providers[source.OAuth2().Provider]`
			`orderedKeys = append(orderedKeys, source.Name)`
			`}`

			`sort.Strings(orderedKeys)`

			`return orderedKeys, providers, nil`
			`}`

			`// InitOAuth2 initialize the OAuth2 lib and register all active OAuth2 providers in the library`
Store OAuth2 session data in database (#3660) * Store OAuth2 session data in database * Rename table to `oauth2_session` and do not skip xormstorage initialization error 2018-04-29 08:09:24 +02:00			`func InitOAuth2() error {`
			`if err := oauth2.Init(x); err != nil {`
			`return err`
			`}`
Additional OAuth2 providers (#1010) * add google+ * sort signin oauth2 providers based on the name so order is always the same * update auth tip for google+ * add gitlab provider * add bitbucket provider (and some go fmt) * add twitter provider * add facebook provider * add dropbox provider * add openid connect provider incl. new format of tips section in "Add New Source" * lower the amount of disk storage for each session to prevent issues while building cross platform (and disk overflow) * imports according to goimport and code style * make it possible to set custom urls to gitlab and github provider (only these could have a different host) * split up oauth2 into multiple files * small typo in comment * fix indention * fix indentation * fix new line before external import * fix layout of signin part * update "broken" dependency 2017-05-01 15:26:53 +02:00			`loginSources, _ := GetActiveOAuth2ProviderLoginSources()`

			`for _, source := range loginSources {`
			`oAuth2Config := source.OAuth2()`
Add golangci (#6418) 2019-06-12 21:41:28 +02:00			`err := oauth2.RegisterProvider(source.Name, oAuth2Config.Provider, oAuth2Config.ClientID, oAuth2Config.ClientSecret, oAuth2Config.OpenIDConnectAutoDiscoveryURL, oAuth2Config.CustomURLMapping)`
			`if err != nil {`
			`return err`
			`}`
Additional OAuth2 providers (#1010) * add google+ * sort signin oauth2 providers based on the name so order is always the same * update auth tip for google+ * add gitlab provider * add bitbucket provider (and some go fmt) * add twitter provider * add facebook provider * add dropbox provider * add openid connect provider incl. new format of tips section in "Add New Source" * lower the amount of disk storage for each session to prevent issues while building cross platform (and disk overflow) * imports according to goimport and code style * make it possible to set custom urls to gitlab and github provider (only these could have a different host) * split up oauth2 into multiple files * small typo in comment * fix indention * fix indentation * fix new line before external import * fix layout of signin part * update "broken" dependency 2017-05-01 15:26:53 +02:00			`}`
Store OAuth2 session data in database (#3660) * Store OAuth2 session data in database * Rename table to `oauth2_session` and do not skip xormstorage initialization error 2018-04-29 08:09:24 +02:00			`return nil`
Additional OAuth2 providers (#1010) * add google+ * sort signin oauth2 providers based on the name so order is always the same * update auth tip for google+ * add gitlab provider * add bitbucket provider (and some go fmt) * add twitter provider * add facebook provider * add dropbox provider * add openid connect provider incl. new format of tips section in "Add New Source" * lower the amount of disk storage for each session to prevent issues while building cross platform (and disk overflow) * imports according to goimport and code style * make it possible to set custom urls to gitlab and github provider (only these could have a different host) * split up oauth2 into multiple files * small typo in comment * fix indention * fix indentation * fix new line before external import * fix layout of signin part * update "broken" dependency 2017-05-01 15:26:53 +02:00			`}`

			`// wrapOpenIDConnectInitializeError is used to wrap the error but this cannot be done in modules/auth/oauth2`
			`// inside oauth2: import cycle not allowed models -> modules/auth/oauth2 -> models`
			`func wrapOpenIDConnectInitializeError(err error, providerName string, oAuth2Config *OAuth2Config) error {`
			`if err != nil && "openidConnect" == oAuth2Config.Provider {`
			`err = ErrOpenIDConnectInitialize{ProviderName: providerName, OpenIDConnectAutoDiscoveryURL: oAuth2Config.OpenIDConnectAutoDiscoveryURL, Cause: err}`
			`}`
			`return err`
			`}`