forked from gitea/gitea
1
0
Fork 0

add google oauth2 support

This commit is contained in:
skyblue 2014-04-12 23:19:17 +08:00
parent 5d30bfc8ba
commit 2ce0c3befe
5 changed files with 190 additions and 98 deletions

View File

@ -26,7 +26,7 @@ type Oauth2 struct {
User *User `xorm:"-"` User *User `xorm:"-"`
Type int `xorm:"unique(s) unique(oauth)"` // twitter,github,google... Type int `xorm:"unique(s) unique(oauth)"` // twitter,github,google...
Identity string `xorm:"unique(s) unique(oauth)"` // id.. Identity string `xorm:"unique(s) unique(oauth)"` // id..
Token string `xorm:"VARCHAR(200) not null"` Token string `xorm:"TEXT not null"`
} }
func BindUserOauth2(userId, oauthId int64) error { func BindUserOauth2(userId, oauthId int64) error {
@ -48,7 +48,7 @@ func GetOauth2(identity string) (oa *Oauth2, err error) {
return return
} else if !isExist { } else if !isExist {
return nil, ErrOauth2RecordNotExists return nil, ErrOauth2RecordNotExists
} else if oa.Uid == 0 { } else if oa.Uid == -1 {
return oa, ErrOauth2NotAssociatedWithUser return oa, ErrOauth2NotAssociatedWithUser
} }
oa.User, err = GetUserById(oa.Uid) oa.User, err = GetUserById(oa.Uid)

View File

@ -6,65 +6,32 @@ package user
import ( import (
"encoding/json" "encoding/json"
"net/http" "fmt"
"net/url" "net/url"
"strconv"
"strings" "strings"
"code.google.com/p/goauth2/oauth" "code.google.com/p/goauth2/oauth"
"github.com/go-martini/martini"
"github.com/gogits/gogs/models" "github.com/gogits/gogs/models"
"github.com/gogits/gogs/modules/base" "github.com/gogits/gogs/modules/base"
"github.com/gogits/gogs/modules/log" "github.com/gogits/gogs/modules/log"
"github.com/gogits/gogs/modules/middleware" "github.com/gogits/gogs/modules/middleware"
) )
type BasicUserInfo struct {
Identity string
Name string
Email string
}
type SocialConnector interface { type SocialConnector interface {
Identity() string Type() int
Name() string SetRedirectUrl(string)
Email() string UserInfo(*oauth.Token) (*BasicUserInfo, error)
TokenString() string
}
type SocialGithub struct { AuthCodeURL(string) string
data struct { Exchange(string) (*oauth.Token, error)
Id int `json:"id"`
Name string `json:"login"`
Email string `json:"email"`
}
Token *oauth.Token
}
func (s *SocialGithub) Identity() string {
return strconv.Itoa(s.data.Id)
}
func (s *SocialGithub) Name() string {
return s.data.Name
}
func (s *SocialGithub) Email() string {
return s.data.Email
}
func (s *SocialGithub) TokenString() string {
data, _ := json.Marshal(s.Token)
return string(data)
}
// Github API refer: https://developer.github.com/v3/users/
func (s *SocialGithub) Update() error {
scope := "https://api.github.com/user"
transport := &oauth.Transport{
Token: s.Token,
}
log.Debug("update github info")
r, err := transport.Client().Get(scope)
if err != nil {
return err
}
defer r.Body.Close()
return json.NewDecoder(r.Body).Decode(&s.data)
} }
func extractPath(next string) string { func extractPath(next string) string {
@ -75,85 +42,76 @@ func extractPath(next string) string {
return n.Path return n.Path
} }
// github && google && ... var (
func SocialSignIn(ctx *middleware.Context) { SocialBaseUrl = "/user/login"
//if base.OauthService != nil && base.OauthService.GitHub.Enabled { SocialMap = make(map[string]SocialConnector)
//} )
var socid int64 // github && google && ...
var ok bool func SocialSignIn(params martini.Params, ctx *middleware.Context) {
next := extractPath(ctx.Query("next")) if base.OauthService == nil || !base.OauthService.GitHub.Enabled {
log.Debug("social signed check %s", next) ctx.Handle(404, "social login not enabled", nil)
if socid, ok = ctx.Session.Get("socialId").(int64); ok && socid != 0 {
// already login
ctx.Redirect(next)
log.Info("login soc id: %v", socid)
return return
} }
next := extractPath(ctx.Query("next"))
config := &oauth.Config{ name := params["name"]
ClientId: base.OauthService.GitHub.ClientId, connect, ok := SocialMap[name]
ClientSecret: base.OauthService.GitHub.ClientSecret, if !ok {
RedirectURL: strings.TrimSuffix(base.AppUrl, "/") + ctx.Req.URL.RequestURI(), ctx.Handle(404, "social login", nil)
Scope: base.OauthService.GitHub.Scopes, return
AuthURL: "https://github.com/login/oauth/authorize",
TokenURL: "https://github.com/login/oauth/access_token",
}
transport := &oauth.Transport{
Config: config,
Transport: http.DefaultTransport,
} }
code := ctx.Query("code") code := ctx.Query("code")
if code == "" { if code == "" {
// redirect to social login page // redirect to social login page
ctx.Redirect(config.AuthCodeURL(next)) connect.SetRedirectUrl(strings.TrimSuffix(base.AppUrl, "/") + ctx.Req.URL.RequestURI())
ctx.Redirect(connect.AuthCodeURL(next))
return return
} }
// handle call back // handle call back
tk, err := transport.Exchange(code) tk, err := connect.Exchange(code) // transport.Exchange(code)
if err != nil { if err != nil {
log.Error("oauth2 handle callback error: %v", err) log.Error("oauth2 handle callback error: %v", err)
return // FIXME, need error page 501 ctx.Handle(500, "exchange code error", nil)
}
next = extractPath(ctx.Query("state"))
log.Debug("success token: %v", tk)
gh := &SocialGithub{Token: tk}
if err = gh.Update(); err != nil {
// FIXME: handle error page 501
log.Error("connect with github error: %s", err)
return return
} }
var soc SocialConnector = gh next = extractPath(ctx.Query("state"))
log.Info("login: %s", soc.Name()) log.Trace("success get token")
oa, err := models.GetOauth2(soc.Identity())
ui, err := connect.UserInfo(tk)
if err != nil {
ctx.Handle(500, fmt.Sprintf("get infomation from %s error: %v", name, err), nil)
log.Error("social connect error: %s", err)
return
}
log.Info("social login: %s", ui)
oa, err := models.GetOauth2(ui.Identity)
switch err { switch err {
case nil: case nil:
ctx.Session.Set("userId", oa.User.Id) ctx.Session.Set("userId", oa.User.Id)
ctx.Session.Set("userName", oa.User.Name) ctx.Session.Set("userName", oa.User.Name)
case models.ErrOauth2RecordNotExists: case models.ErrOauth2RecordNotExists:
oa = &models.Oauth2{} oa = &models.Oauth2{}
raw, _ := json.Marshal(tk) // json encode
oa.Token = string(raw)
oa.Uid = -1 oa.Uid = -1
oa.Type = models.OT_GITHUB oa.Type = connect.Type()
oa.Token = soc.TokenString() oa.Identity = ui.Identity
oa.Identity = soc.Identity() log.Trace("oa: %v", oa)
log.Debug("oa: %v", oa)
if err = models.AddOauth2(oa); err != nil { if err = models.AddOauth2(oa); err != nil {
log.Error("add oauth2 %v", err) // 501 log.Error("add oauth2 %v", err) // 501
return return
} }
case models.ErrOauth2NotAssociatedWithUser: case models.ErrOauth2NotAssociatedWithUser:
ctx.Session.Set("socialId", oa.Id) next = "/user/sign_up"
ctx.Session.Set("socialName", soc.Name())
ctx.Session.Set("socialEmail", soc.Email())
ctx.Redirect("/user/sign_up")
return
default: default:
log.Error(err.Error()) // FIXME: handle error page log.Error("other error: %v", err)
ctx.Handle(500, err.Error(), nil)
return return
} }
ctx.Session.Set("socialId", oa.Id) ctx.Session.Set("socialId", oa.Id)
log.Debug("socialId: %v", oa.Id) ctx.Session.Set("socialName", ui.Name)
ctx.Session.Set("socialEmail", ui.Email)
log.Trace("socialId: %v", oa.Id)
ctx.Redirect(next) ctx.Redirect(next)
} }

View File

@ -0,0 +1,68 @@
package user
import (
"encoding/json"
"net/http"
"strconv"
"strings"
"code.google.com/p/goauth2/oauth"
"github.com/gogits/gogs/models"
"github.com/gogits/gogs/modules/base"
)
type SocialGithub struct {
Token *oauth.Token
*oauth.Transport
}
func (s *SocialGithub) Type() int {
return models.OT_GITHUB
}
func init() {
github := &SocialGithub{}
name := "github"
config := &oauth.Config{
ClientId: "09383403ff2dc16daaa1", //base.OauthService.GitHub.ClientId, // FIXME: panic when set
ClientSecret: "0e4aa0c3630df396cdcea01a9d45cacf79925fea", //base.OauthService.GitHub.ClientSecret,
RedirectURL: strings.TrimSuffix(base.AppUrl, "/") + "/user/login/" + name, //ctx.Req.URL.RequestURI(),
Scope: "https://api.github.com/user",
AuthURL: "https://github.com/login/oauth/authorize",
TokenURL: "https://github.com/login/oauth/access_token",
}
github.Transport = &oauth.Transport{
Config: config,
Transport: http.DefaultTransport,
}
SocialMap[name] = github
}
func (s *SocialGithub) SetRedirectUrl(url string) {
s.Transport.Config.RedirectURL = url
}
func (s *SocialGithub) UserInfo(token *oauth.Token) (*BasicUserInfo, error) {
transport := &oauth.Transport{
Token: token,
}
var data struct {
Id int `json:"id"`
Name string `json:"login"`
Email string `json:"email"`
}
var err error
r, err := transport.Client().Get(s.Transport.Scope)
if err != nil {
return nil, err
}
defer r.Body.Close()
if err = json.NewDecoder(r.Body).Decode(&data); err != nil {
return nil, err
}
return &BasicUserInfo{
Identity: strconv.Itoa(data.Id),
Name: data.Name,
Email: data.Email,
}, nil
}

View File

@ -0,0 +1,66 @@
package user
import (
"encoding/json"
"net/http"
"github.com/gogits/gogs/models"
"code.google.com/p/goauth2/oauth"
)
type SocialGoogle struct {
Token *oauth.Token
*oauth.Transport
}
func (s *SocialGoogle) Type() int {
return models.OT_GOOGLE
}
func init() {
google := &SocialGoogle{}
name := "google"
// get client id and secret from
// https://console.developers.google.com/project
config := &oauth.Config{
ClientId: "849753812404-mpd7ilvlb8c7213qn6bre6p6djjskti9.apps.googleusercontent.com", //base.OauthService.GitHub.ClientId, // FIXME: panic when set
ClientSecret: "VukKc4MwaJUSmiyv3D7ANVCa", //base.OauthService.GitHub.ClientSecret,
Scope: "https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile",
AuthURL: "https://accounts.google.com/o/oauth2/auth",
TokenURL: "https://accounts.google.com/o/oauth2/token",
}
google.Transport = &oauth.Transport{
Config: config,
Transport: http.DefaultTransport,
}
SocialMap[name] = google
}
func (s *SocialGoogle) SetRedirectUrl(url string) {
s.Transport.Config.RedirectURL = url
}
func (s *SocialGoogle) UserInfo(token *oauth.Token) (*BasicUserInfo, error) {
transport := &oauth.Transport{Token: token}
var data struct {
Id string `json:"id"`
Name string `json:"name"`
Email string `json:"email"`
}
var err error
reqUrl := "https://www.googleapis.com/oauth2/v1/userinfo"
r, err := transport.Client().Get(reqUrl)
if err != nil {
return nil, err
}
defer r.Body.Close()
if err = json.NewDecoder(r.Body).Decode(&data); err != nil {
return nil, err
}
return &BasicUserInfo{
Identity: data.Id,
Name: data.Name,
Email: data.Email,
}, nil
}

2
web.go
View File

@ -88,7 +88,7 @@ func runWeb(*cli.Context) {
m.Group("/user", func(r martini.Router) { m.Group("/user", func(r martini.Router) {
r.Get("/login", user.SignIn) r.Get("/login", user.SignIn)
r.Post("/login", bindIgnErr(auth.LogInForm{}), user.SignInPost) r.Post("/login", bindIgnErr(auth.LogInForm{}), user.SignInPost)
r.Get("/login/github", user.SocialSignIn) r.Get("/login/:name", user.SocialSignIn)
r.Get("/sign_up", user.SignUp) r.Get("/sign_up", user.SignUp)
r.Post("/sign_up", bindIgnErr(auth.RegisterForm{}), user.SignUpPost) r.Post("/sign_up", bindIgnErr(auth.RegisterForm{}), user.SignUpPost)
r.Get("/reset_password", user.ResetPasswd) r.Get("/reset_password", user.ResetPasswd)