osbzr
/
com
项目红包剩余9514,下一贡献奖励5%,即 476个红包
Watch 15
Star 7
Wiki 捐赠
本站源代码
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Tree: 4f0cac5ea6
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '4f0cac5ea6'
${ noResults }
com/vendor/github.com/markbates/goth/providers/gitea/gitea.go

187 lines
5.0KB
Raw Blame History 

  1. // Package gitea implements the OAuth2 protocol for authenticating users through gitea.

  2. // This package can be used as a reference implementation of an OAuth2 provider for Goth.

  3. package gitea

  4. 

  5. import (

  6. 	"bytes"

  7. 	"encoding/json"

  8. 	"io"

  9. 	"io/ioutil"

  10. 	"net/http"

  11. 	"net/url"

  12. 	"strconv"

  13. 

  14. 	"fmt"

  15. 	"github.com/markbates/goth"

  16. 	"golang.org/x/oauth2"

  17. )

  18. 

  19. // These vars define the default Authentication, Token, and Profile URLS for Gitea.

  20. //

  21. // Examples:

  22. //	gitea.AuthURL = "https://gitea.acme.com/oauth/authorize

  23. //	gitea.TokenURL = "https://gitea.acme.com/oauth/token

  24. //	gitea.ProfileURL = "https://gitea.acme.com/api/v3/user

  25. var (

  26. 	AuthURL    = "https://gitea.com/login/oauth/authorize"

  27. 	TokenURL   = "https://gitea.com/login/oauth/access_token"

  28. 	ProfileURL = "https://gitea.com/api/v1/user"

  29. )

  30. 

  31. // Provider is the implementation of `goth.Provider` for accessing Gitea.

  32. type Provider struct {

  33. 	ClientKey    string

  34. 	Secret       string

  35. 	CallbackURL  string

  36. 	HTTPClient   *http.Client

  37. 	config       *oauth2.Config

  38. 	providerName string

  39. 	authURL      string

  40. 	tokenURL     string

  41. 	profileURL   string

  42. }

  43. 

  44. // New creates a new Gitea provider and sets up important connection details.

  45. // You should always call `gitea.New` to get a new provider.  Never try to

  46. // create one manually.

  47. func New(clientKey, secret, callbackURL string, scopes ...string) *Provider {

  48. 	return NewCustomisedURL(clientKey, secret, callbackURL, AuthURL, TokenURL, ProfileURL, scopes...)

  49. }

  50. 

  51. // NewCustomisedURL is similar to New(...) but can be used to set custom URLs to connect to

  52. func NewCustomisedURL(clientKey, secret, callbackURL, authURL, tokenURL, profileURL string, scopes ...string) *Provider {

  53. 	p := &Provider{

  54. 		ClientKey:    clientKey,

  55. 		Secret:       secret,

  56. 		CallbackURL:  callbackURL,

  57. 		providerName: "gitea",

  58. 		profileURL:   profileURL,

  59. 	}

  60. 	p.config = newConfig(p, authURL, tokenURL, scopes)

  61. 	return p

  62. }

  63. 

  64. // Name is the name used to retrieve this provider later.

  65. func (p *Provider) Name() string {

  66. 	return p.providerName

  67. }

  68. 

  69. // SetName is to update the name of the provider (needed in case of multiple providers of 1 type)

  70. func (p *Provider) SetName(name string) {

  71. 	p.providerName = name

  72. }

  73. 

  74. func (p *Provider) Client() *http.Client {

  75. 	return goth.HTTPClientWithFallBack(p.HTTPClient)

  76. }

  77. 

  78. // Debug is a no-op for the gitea package.

  79. func (p *Provider) Debug(debug bool) {}

  80. 

  81. // BeginAuth asks Gitea for an authentication end-point.

  82. func (p *Provider) BeginAuth(state string) (goth.Session, error) {

  83. 	return &Session{

  84. 		AuthURL: p.config.AuthCodeURL(state),

  85. 	}, nil

  86. }

  87. 

  88. // FetchUser will go to Gitea and access basic information about the user.

  89. func (p *Provider) FetchUser(session goth.Session) (goth.User, error) {

  90. 	sess := session.(*Session)

  91. 	user := goth.User{

  92. 		AccessToken:  sess.AccessToken,

  93. 		Provider:     p.Name(),

  94. 		RefreshToken: sess.RefreshToken,

  95. 		ExpiresAt:    sess.ExpiresAt,

  96. 	}

  97. 

  98. 	if user.AccessToken == "" {

  99. 		// data is not yet retrieved since accessToken is still empty

  100. 		return user, fmt.Errorf("%s cannot get user information without accessToken", p.providerName)

  101. 	}

  102. 

  103. 	response, err := p.Client().Get(p.profileURL + "?access_token=" + url.QueryEscape(sess.AccessToken))

  104. 	if err != nil {

  105. 		if response != nil {

  106. 			response.Body.Close()

  107. 		}

  108. 		return user, err

  109. 	}

  110. 

  111. 	defer response.Body.Close()

  112. 

  113. 	if response.StatusCode != http.StatusOK {

  114. 		return user, fmt.Errorf("%s responded with a %d trying to fetch user information", p.providerName, response.StatusCode)

  115. 	}

  116. 

  117. 	bits, err := ioutil.ReadAll(response.Body)

  118. 	if err != nil {

  119. 		return user, err

  120. 	}

  121. 

  122. 	err = json.NewDecoder(bytes.NewReader(bits)).Decode(&user.RawData)

  123. 	if err != nil {

  124. 		return user, err

  125. 	}

  126. 

  127. 	err = userFromReader(bytes.NewReader(bits), &user)

  128. 

  129. 	return user, err

  130. }

  131. 

  132. func newConfig(provider *Provider, authURL, tokenURL string, scopes []string) *oauth2.Config {

  133. 	c := &oauth2.Config{

  134. 		ClientID:     provider.ClientKey,

  135. 		ClientSecret: provider.Secret,

  136. 		RedirectURL:  provider.CallbackURL,

  137. 		Endpoint: oauth2.Endpoint{

  138. 			AuthURL:  authURL,

  139. 			TokenURL: tokenURL,

  140. 		},

  141. 		Scopes: []string{},

  142. 	}

  143. 

  144. 	if len(scopes) > 0 {

  145. 		for _, scope := range scopes {

  146. 			c.Scopes = append(c.Scopes, scope)

  147. 		}

  148. 	}

  149. 	return c

  150. }

  151. 

  152. func userFromReader(r io.Reader, user *goth.User) error {

  153. 	u := struct {

  154. 		Name      string `json:"full_name"`

  155. 		Email     string `json:"email"`

  156. 		NickName  string `json:"login"`

  157. 		ID        int    `json:"id"`

  158. 		AvatarURL string `json:"avatar_url"`

  159. 	}{}

  160. 	err := json.NewDecoder(r).Decode(&u)

  161. 	if err != nil {

  162. 		return err

  163. 	}

  164. 	user.Email = u.Email

  165. 	user.Name = u.Name

  166. 	user.NickName = u.NickName

  167. 	user.UserID = strconv.Itoa(u.ID)

  168. 	user.AvatarURL = u.AvatarURL

  169. 	return nil

  170. }

  171. 

  172. //RefreshTokenAvailable refresh token is provided by auth provider or not

  173. func (p *Provider) RefreshTokenAvailable() bool {

  174. 	return true

  175. }

  176. 

  177. //RefreshToken get new access token based on the refresh token

  178. func (p *Provider) RefreshToken(refreshToken string) (*oauth2.Token, error) {

  179. 	token := &oauth2.Token{RefreshToken: refreshToken}

  180. 	ts := p.config.TokenSource(goth.ContextForClient(p.Client()), token)

  181. 	newToken, err := ts.Token()

  182. 	if err != nil {

  183. 		return nil, err

  184. 	}

  185. 	return newToken, err

  186. }
上海开阖软件有限公司 沪ICP备12045867号-1