fix oauth2
This commit is contained in:
parent
9adc8e9d3f
commit
d6132aaa88
10 changed files with 185 additions and 251 deletions
|
@ -21,6 +21,7 @@ github.com/macaron-contrib/cache = commit:0bb9e6c9ef
|
||||||
github.com/macaron-contrib/captcha = commit:3567dc48b8
|
github.com/macaron-contrib/captcha = commit:3567dc48b8
|
||||||
github.com/macaron-contrib/csrf = commit:422b79675c
|
github.com/macaron-contrib/csrf = commit:422b79675c
|
||||||
github.com/macaron-contrib/i18n =
|
github.com/macaron-contrib/i18n =
|
||||||
|
github.com/macaron-contrib/oauth2 =
|
||||||
github.com/macaron-contrib/session = commit:f00d48fd4f
|
github.com/macaron-contrib/session = commit:f00d48fd4f
|
||||||
github.com/macaron-contrib/toolbox = commit:57127bcc89
|
github.com/macaron-contrib/toolbox = commit:57127bcc89
|
||||||
github.com/mattn/go-sqlite3 = commit:a80c27ba33
|
github.com/mattn/go-sqlite3 = commit:a80c27ba33
|
||||||
|
|
10
cmd/web.go
10
cmd/web.go
|
@ -21,6 +21,7 @@ import (
|
||||||
"github.com/macaron-contrib/captcha"
|
"github.com/macaron-contrib/captcha"
|
||||||
"github.com/macaron-contrib/csrf"
|
"github.com/macaron-contrib/csrf"
|
||||||
"github.com/macaron-contrib/i18n"
|
"github.com/macaron-contrib/i18n"
|
||||||
|
"github.com/macaron-contrib/oauth2"
|
||||||
"github.com/macaron-contrib/session"
|
"github.com/macaron-contrib/session"
|
||||||
"github.com/macaron-contrib/toolbox"
|
"github.com/macaron-contrib/toolbox"
|
||||||
|
|
||||||
|
@ -140,6 +141,11 @@ func newMacaron() *macaron.Macaron {
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
}))
|
}))
|
||||||
|
|
||||||
|
// OAuth 2.
|
||||||
|
for _, info := range setting.OauthService.OauthInfos {
|
||||||
|
m.Use(oauth2.NewOAuth2Provider(info.Options, info.AuthUrl, info.TokenUrl))
|
||||||
|
}
|
||||||
m.Use(middleware.Contexter())
|
m.Use(middleware.Contexter())
|
||||||
return m
|
return m
|
||||||
}
|
}
|
||||||
|
@ -213,7 +219,7 @@ func runWeb(*cli.Context) {
|
||||||
m.Group("/user", func() {
|
m.Group("/user", func() {
|
||||||
m.Get("/login", user.SignIn)
|
m.Get("/login", user.SignIn)
|
||||||
m.Post("/login", bindIgnErr(auth.SignInForm{}), user.SignInPost)
|
m.Post("/login", bindIgnErr(auth.SignInForm{}), user.SignInPost)
|
||||||
m.Get("/login/:name", user.SocialSignIn)
|
m.Get("/info/:name", user.SocialSignIn)
|
||||||
m.Get("/sign_up", user.SignUp)
|
m.Get("/sign_up", user.SignUp)
|
||||||
m.Post("/sign_up", bindIgnErr(auth.RegisterForm{}), user.SignUpPost)
|
m.Post("/sign_up", bindIgnErr(auth.RegisterForm{}), user.SignUpPost)
|
||||||
m.Get("/reset_password", user.ResetPasswd)
|
m.Get("/reset_password", user.ResetPasswd)
|
||||||
|
@ -406,7 +412,7 @@ func runWeb(*cli.Context) {
|
||||||
m.Get("/issues2/", repo.Issues2)
|
m.Get("/issues2/", repo.Issues2)
|
||||||
m.Get("/pulls2/", repo.PullRequest2)
|
m.Get("/pulls2/", repo.PullRequest2)
|
||||||
m.Get("/labels2/", repo.Labels2)
|
m.Get("/labels2/", repo.Labels2)
|
||||||
m.Get("/milestone2/",repo.Milestones2)
|
m.Get("/milestone2/", repo.Milestones2)
|
||||||
|
|
||||||
m.Group("", func() {
|
m.Group("", func() {
|
||||||
m.Get("/src/*", repo.Home)
|
m.Get("/src/*", repo.Home)
|
||||||
|
|
|
@ -125,13 +125,10 @@ TOKEN_URL = https://accounts.google.com/o/oauth2/token
|
||||||
ENABLED = false
|
ENABLED = false
|
||||||
CLIENT_ID =
|
CLIENT_ID =
|
||||||
CLIENT_SECRET =
|
CLIENT_SECRET =
|
||||||
SCOPES = all
|
SCOPES = get_user_info
|
||||||
; QQ 互联
|
; QQ 互联
|
||||||
; AUTH_URL = https://graph.qq.com/oauth2.0/authorize
|
AUTH_URL = https://graph.qq.com/oauth2.0/authorize
|
||||||
; TOKEN_URL = https://graph.qq.com/oauth2.0/token
|
TOKEN_URL = https://graph.qq.com/oauth2.0/token
|
||||||
; Tencent weibo
|
|
||||||
AUTH_URL = https://open.t.qq.com/cgi-bin/oauth2/authorize
|
|
||||||
TOKEN_URL = https://open.t.qq.com/cgi-bin/oauth2/access_token
|
|
||||||
|
|
||||||
[oauth.weibo]
|
[oauth.weibo]
|
||||||
ENABLED = false
|
ENABLED = false
|
||||||
|
|
|
@ -1,3 +1,5 @@
|
||||||
# This file lists all individuals having contributed content to the translation.
|
# This file lists all PUBLIC individuals having contributed content to the translation.
|
||||||
|
# Order of name is meaningless.
|
||||||
|
|
||||||
Thomas Fanninger <gogs.thomas@fanninger.at>
|
Thomas Fanninger <gogs.thomas@fanninger.at>
|
||||||
|
Łukasz Jan Niemier <lukasz@niemier.pl>
|
2
gogs.go
2
gogs.go
|
@ -17,7 +17,7 @@ import (
|
||||||
"github.com/gogits/gogs/modules/setting"
|
"github.com/gogits/gogs/modules/setting"
|
||||||
)
|
)
|
||||||
|
|
||||||
const APP_VER = "0.5.8.1125 Beta"
|
const APP_VER = "0.5.8.1128 Beta"
|
||||||
|
|
||||||
func init() {
|
func init() {
|
||||||
runtime.GOMAXPROCS(runtime.NumCPU())
|
runtime.GOMAXPROCS(runtime.NumCPU())
|
||||||
|
|
|
@ -17,6 +17,7 @@ import (
|
||||||
|
|
||||||
"github.com/Unknwon/com"
|
"github.com/Unknwon/com"
|
||||||
"github.com/Unknwon/goconfig"
|
"github.com/Unknwon/goconfig"
|
||||||
|
"github.com/macaron-contrib/oauth2"
|
||||||
"github.com/macaron-contrib/session"
|
"github.com/macaron-contrib/session"
|
||||||
|
|
||||||
"github.com/gogits/gogs/modules/log"
|
"github.com/gogits/gogs/modules/log"
|
||||||
|
@ -434,9 +435,8 @@ type Mailer struct {
|
||||||
}
|
}
|
||||||
|
|
||||||
type OauthInfo struct {
|
type OauthInfo struct {
|
||||||
ClientId, ClientSecret string
|
oauth2.Options
|
||||||
Scopes string
|
AuthUrl, TokenUrl string
|
||||||
AuthUrl, TokenUrl string
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// Oauther represents oauth service.
|
// Oauther represents oauth service.
|
||||||
|
|
|
@ -7,12 +7,12 @@ package social
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"encoding/json"
|
"encoding/json"
|
||||||
|
"io/ioutil"
|
||||||
"net/http"
|
"net/http"
|
||||||
"net/url"
|
"net/url"
|
||||||
"strconv"
|
"strconv"
|
||||||
"strings"
|
|
||||||
|
|
||||||
oauth "github.com/gogits/oauth2"
|
"github.com/macaron-contrib/oauth2"
|
||||||
|
|
||||||
"github.com/gogits/gogs/models"
|
"github.com/gogits/gogs/models"
|
||||||
"github.com/gogits/gogs/modules/log"
|
"github.com/gogits/gogs/modules/log"
|
||||||
|
@ -27,16 +27,11 @@ type BasicUserInfo struct {
|
||||||
|
|
||||||
type SocialConnector interface {
|
type SocialConnector interface {
|
||||||
Type() int
|
Type() int
|
||||||
SetRedirectUrl(string)
|
UserInfo(*oauth2.Token, *url.URL) (*BasicUserInfo, error)
|
||||||
UserInfo(*oauth.Token, *url.URL) (*BasicUserInfo, error)
|
|
||||||
|
|
||||||
AuthCodeURL(string) string
|
|
||||||
Exchange(string) (*oauth.Token, error)
|
|
||||||
}
|
}
|
||||||
|
|
||||||
var (
|
var (
|
||||||
SocialBaseUrl = "/user/login"
|
SocialMap = make(map[string]SocialConnector)
|
||||||
SocialMap = make(map[string]SocialConnector)
|
|
||||||
)
|
)
|
||||||
|
|
||||||
func NewOauthService() {
|
func NewOauthService() {
|
||||||
|
@ -47,24 +42,29 @@ func NewOauthService() {
|
||||||
setting.OauthService = &setting.Oauther{}
|
setting.OauthService = &setting.Oauther{}
|
||||||
setting.OauthService.OauthInfos = make(map[string]*setting.OauthInfo)
|
setting.OauthService.OauthInfos = make(map[string]*setting.OauthInfo)
|
||||||
|
|
||||||
socialConfigs := make(map[string]*oauth.Config)
|
socialConfigs := make(map[string]*oauth2.Options)
|
||||||
allOauthes := []string{"github", "google", "qq", "twitter", "weibo"}
|
allOauthes := []string{"github", "google", "qq", "twitter", "weibo"}
|
||||||
// Load all OAuth config data.
|
// Load all OAuth config data.
|
||||||
for _, name := range allOauthes {
|
for _, name := range allOauthes {
|
||||||
setting.OauthService.OauthInfos[name] = &setting.OauthInfo{
|
if !setting.Cfg.MustBool("oauth."+name, "ENABLED") {
|
||||||
ClientId: setting.Cfg.MustValue("oauth."+name, "CLIENT_ID"),
|
continue
|
||||||
ClientSecret: setting.Cfg.MustValue("oauth."+name, "CLIENT_SECRET"),
|
|
||||||
Scopes: setting.Cfg.MustValue("oauth."+name, "SCOPES"),
|
|
||||||
AuthUrl: setting.Cfg.MustValue("oauth."+name, "AUTH_URL"),
|
|
||||||
TokenUrl: setting.Cfg.MustValue("oauth."+name, "TOKEN_URL"),
|
|
||||||
}
|
}
|
||||||
socialConfigs[name] = &oauth.Config{
|
setting.OauthService.OauthInfos[name] = &setting.OauthInfo{
|
||||||
ClientId: setting.OauthService.OauthInfos[name].ClientId,
|
Options: oauth2.Options{
|
||||||
|
ClientID: setting.Cfg.MustValue("oauth."+name, "CLIENT_ID"),
|
||||||
|
ClientSecret: setting.Cfg.MustValue("oauth."+name, "CLIENT_SECRET"),
|
||||||
|
Scopes: setting.Cfg.MustValueArray("oauth."+name, "SCOPES", " "),
|
||||||
|
PathLogin: "/user/login/oauth2/" + name,
|
||||||
|
PathCallback: setting.AppSubUrl + "/user/login/" + name,
|
||||||
|
RedirectURL: setting.AppUrl + "user/login/" + name,
|
||||||
|
},
|
||||||
|
AuthUrl: setting.Cfg.MustValue("oauth."+name, "AUTH_URL"),
|
||||||
|
TokenUrl: setting.Cfg.MustValue("oauth."+name, "TOKEN_URL"),
|
||||||
|
}
|
||||||
|
socialConfigs[name] = &oauth2.Options{
|
||||||
|
ClientID: setting.OauthService.OauthInfos[name].ClientID,
|
||||||
ClientSecret: setting.OauthService.OauthInfos[name].ClientSecret,
|
ClientSecret: setting.OauthService.OauthInfos[name].ClientSecret,
|
||||||
RedirectURL: strings.TrimSuffix(setting.AppUrl, "/") + SocialBaseUrl + name,
|
Scopes: setting.OauthService.OauthInfos[name].Scopes,
|
||||||
Scope: setting.OauthService.OauthInfos[name].Scopes,
|
|
||||||
AuthURL: setting.OauthService.OauthInfos[name].AuthUrl,
|
|
||||||
TokenURL: setting.OauthService.OauthInfos[name].TokenUrl,
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
enabledOauths := make([]string, 0, 10)
|
enabledOauths := make([]string, 0, 10)
|
||||||
|
@ -91,11 +91,11 @@ func NewOauthService() {
|
||||||
}
|
}
|
||||||
|
|
||||||
// Twitter.
|
// Twitter.
|
||||||
if setting.Cfg.MustBool("oauth.twitter", "ENABLED") {
|
// if setting.Cfg.MustBool("oauth.twitter", "ENABLED") {
|
||||||
setting.OauthService.Twitter = true
|
// setting.OauthService.Twitter = true
|
||||||
newTwitterOauth(socialConfigs["twitter"])
|
// newTwitterOauth(socialConfigs["twitter"])
|
||||||
enabledOauths = append(enabledOauths, "Twitter")
|
// enabledOauths = append(enabledOauths, "Twitter")
|
||||||
}
|
// }
|
||||||
|
|
||||||
// Weibo.
|
// Weibo.
|
||||||
if setting.Cfg.MustBool("oauth.weibo", "ENABLED") {
|
if setting.Cfg.MustBool("oauth.weibo", "ENABLED") {
|
||||||
|
@ -115,38 +115,25 @@ func NewOauthService() {
|
||||||
// \/ \/ \/
|
// \/ \/ \/
|
||||||
|
|
||||||
type SocialGithub struct {
|
type SocialGithub struct {
|
||||||
Token *oauth.Token
|
opts *oauth2.Options
|
||||||
*oauth.Transport
|
}
|
||||||
|
|
||||||
|
func newGitHubOauth(opts *oauth2.Options) {
|
||||||
|
SocialMap["github"] = &SocialGithub{opts}
|
||||||
}
|
}
|
||||||
|
|
||||||
func (s *SocialGithub) Type() int {
|
func (s *SocialGithub) Type() int {
|
||||||
return int(models.GITHUB)
|
return int(models.GITHUB)
|
||||||
}
|
}
|
||||||
|
|
||||||
func newGitHubOauth(config *oauth.Config) {
|
func (s *SocialGithub) UserInfo(token *oauth2.Token, _ *url.URL) (*BasicUserInfo, error) {
|
||||||
SocialMap["github"] = &SocialGithub{
|
transport := s.opts.NewTransportFromToken(token)
|
||||||
Transport: &oauth.Transport{
|
|
||||||
Config: config,
|
|
||||||
Transport: http.DefaultTransport,
|
|
||||||
},
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
func (s *SocialGithub) SetRedirectUrl(url string) {
|
|
||||||
s.Transport.Config.RedirectURL = url
|
|
||||||
}
|
|
||||||
|
|
||||||
func (s *SocialGithub) UserInfo(token *oauth.Token, _ *url.URL) (*BasicUserInfo, error) {
|
|
||||||
transport := &oauth.Transport{
|
|
||||||
Token: token,
|
|
||||||
}
|
|
||||||
var data struct {
|
var data struct {
|
||||||
Id int `json:"id"`
|
Id int `json:"id"`
|
||||||
Name string `json:"login"`
|
Name string `json:"login"`
|
||||||
Email string `json:"email"`
|
Email string `json:"email"`
|
||||||
}
|
}
|
||||||
var err error
|
r, err := transport.Client().Get("https://api.github.com/user")
|
||||||
r, err := transport.Client().Get(s.Transport.Scope)
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
@ -169,38 +156,25 @@ func (s *SocialGithub) UserInfo(token *oauth.Token, _ *url.URL) (*BasicUserInfo,
|
||||||
// \/ /_____/ \/
|
// \/ /_____/ \/
|
||||||
|
|
||||||
type SocialGoogle struct {
|
type SocialGoogle struct {
|
||||||
Token *oauth.Token
|
opts *oauth2.Options
|
||||||
*oauth.Transport
|
|
||||||
}
|
}
|
||||||
|
|
||||||
func (s *SocialGoogle) Type() int {
|
func (s *SocialGoogle) Type() int {
|
||||||
return int(models.GOOGLE)
|
return int(models.GOOGLE)
|
||||||
}
|
}
|
||||||
|
|
||||||
func newGoogleOauth(config *oauth.Config) {
|
func newGoogleOauth(opts *oauth2.Options) {
|
||||||
SocialMap["google"] = &SocialGoogle{
|
SocialMap["google"] = &SocialGoogle{opts}
|
||||||
Transport: &oauth.Transport{
|
|
||||||
Config: config,
|
|
||||||
Transport: http.DefaultTransport,
|
|
||||||
},
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
func (s *SocialGoogle) SetRedirectUrl(url string) {
|
func (s *SocialGoogle) UserInfo(token *oauth2.Token, _ *url.URL) (*BasicUserInfo, error) {
|
||||||
s.Transport.Config.RedirectURL = url
|
transport := s.opts.NewTransportFromToken(token)
|
||||||
}
|
|
||||||
|
|
||||||
func (s *SocialGoogle) UserInfo(token *oauth.Token, _ *url.URL) (*BasicUserInfo, error) {
|
|
||||||
transport := &oauth.Transport{Token: token}
|
|
||||||
var data struct {
|
var data struct {
|
||||||
Id string `json:"id"`
|
Id string `json:"id"`
|
||||||
Name string `json:"name"`
|
Name string `json:"name"`
|
||||||
Email string `json:"email"`
|
Email string `json:"email"`
|
||||||
}
|
}
|
||||||
var err error
|
r, err := transport.Client().Get("https://www.googleapis.com/userinfo/v2/me")
|
||||||
|
|
||||||
reqUrl := "https://www.googleapis.com/oauth2/v1/userinfo"
|
|
||||||
r, err := transport.Client().Get(reqUrl)
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
@ -223,62 +197,35 @@ func (s *SocialGoogle) UserInfo(token *oauth.Token, _ *url.URL) (*BasicUserInfo,
|
||||||
// \__> \__>
|
// \__> \__>
|
||||||
|
|
||||||
type SocialTencent struct {
|
type SocialTencent struct {
|
||||||
Token *oauth.Token
|
opts *oauth2.Options
|
||||||
*oauth.Transport
|
}
|
||||||
reqUrl string
|
|
||||||
|
func newTencentOauth(opts *oauth2.Options) {
|
||||||
|
SocialMap["qq"] = &SocialTencent{opts}
|
||||||
}
|
}
|
||||||
|
|
||||||
func (s *SocialTencent) Type() int {
|
func (s *SocialTencent) Type() int {
|
||||||
return int(models.QQ)
|
return int(models.QQ)
|
||||||
}
|
}
|
||||||
|
|
||||||
func newTencentOauth(config *oauth.Config) {
|
func (s *SocialTencent) UserInfo(token *oauth2.Token, URL *url.URL) (*BasicUserInfo, error) {
|
||||||
SocialMap["qq"] = &SocialTencent{
|
r, err := http.Get("https://graph.z.qq.com/moc2/me?access_token=" + url.QueryEscape(token.AccessToken))
|
||||||
reqUrl: "https://open.t.qq.com/api/user/info",
|
|
||||||
Transport: &oauth.Transport{
|
|
||||||
Config: config,
|
|
||||||
Transport: http.DefaultTransport,
|
|
||||||
},
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
func (s *SocialTencent) SetRedirectUrl(url string) {
|
|
||||||
s.Transport.Config.RedirectURL = url
|
|
||||||
}
|
|
||||||
|
|
||||||
func (s *SocialTencent) UserInfo(token *oauth.Token, URL *url.URL) (*BasicUserInfo, error) {
|
|
||||||
var data struct {
|
|
||||||
Data struct {
|
|
||||||
Id string `json:"openid"`
|
|
||||||
Name string `json:"name"`
|
|
||||||
Email string `json:"email"`
|
|
||||||
} `json:"data"`
|
|
||||||
}
|
|
||||||
var err error
|
|
||||||
// https://open.t.qq.com/api/user/info?
|
|
||||||
//oauth_consumer_key=APP_KEY&
|
|
||||||
//access_token=ACCESSTOKEN&openid=openid
|
|
||||||
//clientip=CLIENTIP&oauth_version=2.a
|
|
||||||
//scope=all
|
|
||||||
var urls = url.Values{
|
|
||||||
"oauth_consumer_key": {s.Transport.Config.ClientId},
|
|
||||||
"access_token": {token.AccessToken},
|
|
||||||
"openid": URL.Query()["openid"],
|
|
||||||
"oauth_version": {"2.a"},
|
|
||||||
"scope": {"all"},
|
|
||||||
}
|
|
||||||
r, err := http.Get(s.reqUrl + "?" + urls.Encode())
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
defer r.Body.Close()
|
defer r.Body.Close()
|
||||||
if err = json.NewDecoder(r.Body).Decode(&data); err != nil {
|
|
||||||
|
body, err := ioutil.ReadAll(r.Body)
|
||||||
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
vals, err := url.ParseQuery(string(body))
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
|
||||||
return &BasicUserInfo{
|
return &BasicUserInfo{
|
||||||
Identity: data.Data.Id,
|
Identity: vals.Get("openid"),
|
||||||
Name: data.Data.Name,
|
|
||||||
Email: data.Data.Email,
|
|
||||||
}, nil
|
}, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -289,54 +236,54 @@ func (s *SocialTencent) UserInfo(token *oauth.Token, URL *url.URL) (*BasicUserIn
|
||||||
// |____| \/\_/ |__||__| |__| \___ >__|
|
// |____| \/\_/ |__||__| |__| \___ >__|
|
||||||
// \/
|
// \/
|
||||||
|
|
||||||
type SocialTwitter struct {
|
// type SocialTwitter struct {
|
||||||
Token *oauth.Token
|
// Token *oauth2.Token
|
||||||
*oauth.Transport
|
// *oauth2.Transport
|
||||||
}
|
// }
|
||||||
|
|
||||||
func (s *SocialTwitter) Type() int {
|
// func (s *SocialTwitter) Type() int {
|
||||||
return int(models.TWITTER)
|
// return int(models.TWITTER)
|
||||||
}
|
// }
|
||||||
|
|
||||||
func newTwitterOauth(config *oauth.Config) {
|
// func newTwitterOauth(config *oauth2.Config) {
|
||||||
SocialMap["twitter"] = &SocialTwitter{
|
// SocialMap["twitter"] = &SocialTwitter{
|
||||||
Transport: &oauth.Transport{
|
// Transport: &oauth.Transport{
|
||||||
Config: config,
|
// Config: config,
|
||||||
Transport: http.DefaultTransport,
|
// Transport: http.DefaultTransport,
|
||||||
},
|
// },
|
||||||
}
|
// }
|
||||||
}
|
// }
|
||||||
|
|
||||||
func (s *SocialTwitter) SetRedirectUrl(url string) {
|
// func (s *SocialTwitter) SetRedirectUrl(url string) {
|
||||||
s.Transport.Config.RedirectURL = url
|
// s.Transport.Config.RedirectURL = url
|
||||||
}
|
// }
|
||||||
|
|
||||||
//https://github.com/mrjones/oauth
|
// //https://github.com/mrjones/oauth
|
||||||
func (s *SocialTwitter) UserInfo(token *oauth.Token, _ *url.URL) (*BasicUserInfo, error) {
|
// func (s *SocialTwitter) UserInfo(token *oauth2.Token, _ *url.URL) (*BasicUserInfo, error) {
|
||||||
// transport := &oauth.Transport{Token: token}
|
// // transport := &oauth.Transport{Token: token}
|
||||||
// var data struct {
|
// // var data struct {
|
||||||
// Id string `json:"id"`
|
// // Id string `json:"id"`
|
||||||
// Name string `json:"name"`
|
// // Name string `json:"name"`
|
||||||
// Email string `json:"email"`
|
// // Email string `json:"email"`
|
||||||
// }
|
// // }
|
||||||
// var err error
|
// // var err error
|
||||||
|
|
||||||
// reqUrl := "https://www.googleapis.com/oauth2/v1/userinfo"
|
// // reqUrl := "https://www.googleapis.com/oauth2/v1/userinfo"
|
||||||
// r, err := transport.Client().Get(reqUrl)
|
// // r, err := transport.Client().Get(reqUrl)
|
||||||
// if err != nil {
|
// // if err != nil {
|
||||||
// return nil, err
|
// // return nil, err
|
||||||
// }
|
// // }
|
||||||
// defer r.Body.Close()
|
// // defer r.Body.Close()
|
||||||
// if err = json.NewDecoder(r.Body).Decode(&data); err != nil {
|
// // if err = json.NewDecoder(r.Body).Decode(&data); err != nil {
|
||||||
// return nil, err
|
// // return nil, err
|
||||||
// }
|
// // }
|
||||||
// return &BasicUserInfo{
|
// // return &BasicUserInfo{
|
||||||
// Identity: data.Id,
|
// // Identity: data.Id,
|
||||||
// Name: data.Name,
|
// // Name: data.Name,
|
||||||
// Email: data.Email,
|
// // Email: data.Email,
|
||||||
// }, nil
|
// // }, nil
|
||||||
return nil, nil
|
// return nil, nil
|
||||||
}
|
// }
|
||||||
|
|
||||||
// __ __ ._____.
|
// __ __ ._____.
|
||||||
// / \ / \ ____ |__\_ |__ ____
|
// / \ / \ ____ |__\_ |__ ____
|
||||||
|
@ -346,37 +293,25 @@ func (s *SocialTwitter) UserInfo(token *oauth.Token, _ *url.URL) (*BasicUserInfo
|
||||||
// \/ \/ \/
|
// \/ \/ \/
|
||||||
|
|
||||||
type SocialWeibo struct {
|
type SocialWeibo struct {
|
||||||
Token *oauth.Token
|
opts *oauth2.Options
|
||||||
*oauth.Transport
|
}
|
||||||
|
|
||||||
|
func newWeiboOauth(opts *oauth2.Options) {
|
||||||
|
SocialMap["weibo"] = &SocialWeibo{opts}
|
||||||
}
|
}
|
||||||
|
|
||||||
func (s *SocialWeibo) Type() int {
|
func (s *SocialWeibo) Type() int {
|
||||||
return int(models.WEIBO)
|
return int(models.WEIBO)
|
||||||
}
|
}
|
||||||
|
|
||||||
func newWeiboOauth(config *oauth.Config) {
|
func (s *SocialWeibo) UserInfo(token *oauth2.Token, _ *url.URL) (*BasicUserInfo, error) {
|
||||||
SocialMap["weibo"] = &SocialWeibo{
|
transport := s.opts.NewTransportFromToken(token)
|
||||||
Transport: &oauth.Transport{
|
|
||||||
Config: config,
|
|
||||||
Transport: http.DefaultTransport,
|
|
||||||
},
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
func (s *SocialWeibo) SetRedirectUrl(url string) {
|
|
||||||
s.Transport.Config.RedirectURL = url
|
|
||||||
}
|
|
||||||
|
|
||||||
func (s *SocialWeibo) UserInfo(token *oauth.Token, _ *url.URL) (*BasicUserInfo, error) {
|
|
||||||
transport := &oauth.Transport{Token: token}
|
|
||||||
var data struct {
|
var data struct {
|
||||||
Name string `json:"name"`
|
Name string `json:"name"`
|
||||||
}
|
}
|
||||||
var err error
|
|
||||||
|
|
||||||
var urls = url.Values{
|
var urls = url.Values{
|
||||||
"access_token": {token.AccessToken},
|
"access_token": {token.AccessToken},
|
||||||
"uid": {token.Extra["id_token"]},
|
"uid": {token.Extra("uid")},
|
||||||
}
|
}
|
||||||
reqUrl := "https://api.weibo.com/2/users/show.json"
|
reqUrl := "https://api.weibo.com/2/users/show.json"
|
||||||
r, err := transport.Client().Get(reqUrl + "?" + urls.Encode())
|
r, err := transport.Client().Get(reqUrl + "?" + urls.Encode())
|
||||||
|
@ -384,11 +319,12 @@ func (s *SocialWeibo) UserInfo(token *oauth.Token, _ *url.URL) (*BasicUserInfo,
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
defer r.Body.Close()
|
defer r.Body.Close()
|
||||||
|
|
||||||
if err = json.NewDecoder(r.Body).Decode(&data); err != nil {
|
if err = json.NewDecoder(r.Body).Decode(&data); err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
return &BasicUserInfo{
|
return &BasicUserInfo{
|
||||||
Identity: token.Extra["id_token"],
|
Identity: token.Extra("uid"),
|
||||||
Name: data.Name,
|
Name: data.Name,
|
||||||
}, nil
|
}, nil
|
||||||
}
|
}
|
||||||
|
|
|
@ -9,10 +9,12 @@ import (
|
||||||
"errors"
|
"errors"
|
||||||
"fmt"
|
"fmt"
|
||||||
"net/url"
|
"net/url"
|
||||||
"strings"
|
// "strings"
|
||||||
"time"
|
// "time"
|
||||||
|
|
||||||
"github.com/gogits/gogs/models"
|
"github.com/macaron-contrib/oauth2"
|
||||||
|
|
||||||
|
// "github.com/gogits/gogs/models"
|
||||||
"github.com/gogits/gogs/modules/log"
|
"github.com/gogits/gogs/modules/log"
|
||||||
"github.com/gogits/gogs/modules/middleware"
|
"github.com/gogits/gogs/modules/middleware"
|
||||||
"github.com/gogits/gogs/modules/setting"
|
"github.com/gogits/gogs/modules/setting"
|
||||||
|
@ -29,79 +31,69 @@ func extractPath(next string) string {
|
||||||
|
|
||||||
func SocialSignIn(ctx *middleware.Context) {
|
func SocialSignIn(ctx *middleware.Context) {
|
||||||
if setting.OauthService == nil {
|
if setting.OauthService == nil {
|
||||||
ctx.Handle(404, "social.SocialSignIn(oauth service not enabled)", nil)
|
ctx.Handle(404, "OAuth2 service not enabled", nil)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
info := ctx.Session.Get(oauth2.KEY_TOKEN)
|
||||||
|
if info == nil {
|
||||||
|
ctx.Redirect(setting.AppSubUrl + "/user/login")
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
next := extractPath(ctx.Query("next"))
|
|
||||||
name := ctx.Params(":name")
|
name := ctx.Params(":name")
|
||||||
connect, ok := social.SocialMap[name]
|
connect, ok := social.SocialMap[name]
|
||||||
if !ok {
|
if !ok {
|
||||||
ctx.Handle(404, "social.SocialSignIn(social login not enabled)", errors.New(name))
|
ctx.Handle(404, "social login not enabled", errors.New(name))
|
||||||
return
|
|
||||||
}
|
|
||||||
appUrl := strings.TrimSuffix(setting.AppUrl, "/")
|
|
||||||
if name == "weibo" {
|
|
||||||
appUrl = strings.Replace(appUrl, "localhost", "127.0.0.1", 1)
|
|
||||||
}
|
|
||||||
|
|
||||||
code := ctx.Query("code")
|
|
||||||
if code == "" {
|
|
||||||
// redirect to social login page
|
|
||||||
connect.SetRedirectUrl(appUrl + ctx.Req.URL.Path)
|
|
||||||
ctx.Redirect(connect.AuthCodeURL(next))
|
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
// handle call back
|
tk := new(oauth2.Token)
|
||||||
tk, err := connect.Exchange(code)
|
if err := json.Unmarshal(info.([]byte), tk); err != nil {
|
||||||
if err != nil {
|
ctx.Handle(500, "Unmarshal token", err)
|
||||||
ctx.Handle(500, "social.SocialSignIn(Exchange)", err)
|
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
next = extractPath(ctx.Query("state"))
|
|
||||||
log.Trace("social.SocialSignIn(Got token)")
|
|
||||||
|
|
||||||
ui, err := connect.UserInfo(tk, ctx.Req.URL)
|
ui, err := connect.UserInfo(tk, ctx.Req.URL)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
ctx.Handle(500, fmt.Sprintf("social.SocialSignIn(get info from %s)", name), err)
|
ctx.Handle(500, fmt.Sprintf("UserInfo(%s)", name), err)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
log.Info("social.SocialSignIn(social login): %s", ui)
|
log.Info("social.SocialSignIn(social login): %s", ui)
|
||||||
|
|
||||||
oa, err := models.GetOauth2(ui.Identity)
|
// oa, err := models.GetOauth2(ui.Identity)
|
||||||
switch err {
|
// switch err {
|
||||||
case nil:
|
// case nil:
|
||||||
ctx.Session.Set("uid", oa.User.Id)
|
// ctx.Session.Set("uid", oa.User.Id)
|
||||||
ctx.Session.Set("uname", oa.User.Name)
|
// ctx.Session.Set("uname", oa.User.Name)
|
||||||
case models.ErrOauth2RecordNotExist:
|
// case models.ErrOauth2RecordNotExist:
|
||||||
raw, _ := json.Marshal(tk)
|
// raw, _ := json.Marshal(tk)
|
||||||
oa = &models.Oauth2{
|
// oa = &models.Oauth2{
|
||||||
Uid: -1,
|
// Uid: -1,
|
||||||
Type: connect.Type(),
|
// Type: connect.Type(),
|
||||||
Identity: ui.Identity,
|
// Identity: ui.Identity,
|
||||||
Token: string(raw),
|
// Token: string(raw),
|
||||||
}
|
// }
|
||||||
log.Trace("social.SocialSignIn(oa): %v", oa)
|
// log.Trace("social.SocialSignIn(oa): %v", oa)
|
||||||
if err = models.AddOauth2(oa); err != nil {
|
// if err = models.AddOauth2(oa); err != nil {
|
||||||
log.Error(4, "social.SocialSignIn(add oauth2): %v", err) // 501
|
// log.Error(4, "social.SocialSignIn(add oauth2): %v", err) // 501
|
||||||
return
|
// return
|
||||||
}
|
// }
|
||||||
case models.ErrOauth2NotAssociated:
|
// case models.ErrOauth2NotAssociated:
|
||||||
next = setting.AppSubUrl + "/user/sign_up"
|
// next = setting.AppSubUrl + "/user/sign_up"
|
||||||
default:
|
// default:
|
||||||
ctx.Handle(500, "social.SocialSignIn(GetOauth2)", err)
|
// ctx.Handle(500, "social.SocialSignIn(GetOauth2)", err)
|
||||||
return
|
// return
|
||||||
}
|
// }
|
||||||
|
|
||||||
oa.Updated = time.Now()
|
// oa.Updated = time.Now()
|
||||||
if err = models.UpdateOauth2(oa); err != nil {
|
// if err = models.UpdateOauth2(oa); err != nil {
|
||||||
log.Error(4, "UpdateOauth2: %v", err)
|
// log.Error(4, "UpdateOauth2: %v", err)
|
||||||
}
|
// }
|
||||||
|
|
||||||
ctx.Session.Set("socialId", oa.Id)
|
// ctx.Session.Set("socialId", oa.Id)
|
||||||
ctx.Session.Set("socialName", ui.Name)
|
// ctx.Session.Set("socialName", ui.Name)
|
||||||
ctx.Session.Set("socialEmail", ui.Email)
|
// ctx.Session.Set("socialEmail", ui.Email)
|
||||||
log.Trace("social.SocialSignIn(social ID): %v", oa.Id)
|
// log.Trace("social.SocialSignIn(social ID): %v", oa.Id)
|
||||||
ctx.Redirect(next)
|
// ctx.Redirect(next)
|
||||||
}
|
}
|
||||||
|
|
|
@ -1 +1 @@
|
||||||
0.5.8.1125 Beta
|
0.5.8.1128 Beta
|
|
@ -1,4 +1,4 @@
|
||||||
{{if .OauthService.GitHub}}<a class="btn github" href="{{AppSubUrl}}/user/login/github?next=/user/sign_up"><i class="fa fa-github"></i>GitHub</a>{{end}}
|
{{if .OauthService.GitHub}}<a class="btn github" href="{{AppSubUrl}}/user/login/oauth2/github?next={{AppSubUrl}}/user/info/github"><i class="fa fa-github"></i>GitHub</a>{{end}}
|
||||||
{{if .OauthService.Google}}<a class="btn google" href="{{AppSubUrl}}/user/login/google?next=/user/sign_up"><i class="fa fa-google"></i>Google +</a>{{end}}
|
{{if .OauthService.Google}}<a class="btn google" href="{{AppSubUrl}}/user/login/oauth2/google?next={{AppSubUrl}}/user/info/google"><i class="fa fa-google"></i>Google +</a>{{end}}
|
||||||
{{if .OauthService.Weibo}}<a class="btn weibo" href="{{AppSubUrl}}/user/login/weibo?next=/user/sign_up"><i class="fa fa-weibo"></i>新浪微博</a>{{end}}
|
{{if .OauthService.Weibo}}<a class="btn weibo" href="{{AppSubUrl}}/user/login/oauth2/weibo?next={{AppSubUrl}}/user/info/weibo"><i class="fa fa-weibo"></i>新浪微博</a>{{end}}
|
||||||
{{if .OauthService.Tencent}}<a class="btn qq" href="{{AppSubUrl}}/user/login/qq?next=/user/sign_up"><i class="fa fa-qq"></i>腾讯 QQ </a>{{end}}
|
{{if .OauthService.Tencent}}<a class="btn qq" href="{{AppSubUrl}}/user/login/oauth2/qq?next={{AppSubUrl}}/user/info/qq"><i class="fa fa-qq"></i>腾讯 QQ </a>{{end}}
|
Loading…
Reference in a new issue