osbzr
/
com
项目红包剩余9514,下一贡献奖励5%,即 476个红包
Watch 15
Star 7
Wiki 捐赠
本站源代码
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Tree: 4f0cac5ea6
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '4f0cac5ea6'
${ noResults }
com/vendor/github.com/markbates/goth/providers/github/github.go

234 lines
6.2KB
Raw Blame History 

  1. // Package github implements the OAuth2 protocol for authenticating users through Github.

  2. // This package can be used as a reference implementation of an OAuth2 provider for Goth.

  3. package github

  4. 

  5. import (

  6. 	"bytes"

  7. 	"encoding/json"

  8. 	"errors"

  9. 	"fmt"

  10. 	"io"

  11. 	"io/ioutil"

  12. 	"net/http"

  13. 	"net/url"

  14. 	"strconv"

  15. 	"strings"

  16. 

  17. 	"github.com/markbates/goth"

  18. 	"golang.org/x/oauth2"

  19. )

  20. 

  21. // These vars define the Authentication, Token, and API URLS for GitHub. If

  22. // using GitHub enterprise you should change these values before calling New.

  23. //

  24. // Examples:

  25. //	github.AuthURL = "https://github.acme.com/login/oauth/authorize

  26. //	github.TokenURL = "https://github.acme.com/login/oauth/access_token

  27. //	github.ProfileURL = "https://github.acme.com/api/v3/user

  28. //	github.EmailURL = "https://github.acme.com/api/v3/user/emails

  29. var (

  30. 	AuthURL    = "https://github.com/login/oauth/authorize"

  31. 	TokenURL   = "https://github.com/login/oauth/access_token"

  32. 	ProfileURL = "https://api.github.com/user"

  33. 	EmailURL   = "https://api.github.com/user/emails"

  34. )

  35. 

  36. // New creates a new Github provider, and sets up important connection details.

  37. // You should always call `github.New` to get a new Provider. Never try to create

  38. // one manually.

  39. func New(clientKey, secret, callbackURL string, scopes ...string) *Provider {

  40. 	return NewCustomisedURL(clientKey, secret, callbackURL, AuthURL, TokenURL, ProfileURL, EmailURL, scopes...)

  41. }

  42. 

  43. // NewCustomisedURL is similar to New(...) but can be used to set custom URLs to connect to

  44. func NewCustomisedURL(clientKey, secret, callbackURL, authURL, tokenURL, profileURL, emailURL string, scopes ...string) *Provider {

  45. 	p := &Provider{

  46. 		ClientKey:    clientKey,

  47. 		Secret:       secret,

  48. 		CallbackURL:  callbackURL,

  49. 		providerName: "github",

  50. 		profileURL:   profileURL,

  51. 		emailURL:     emailURL,

  52. 	}

  53. 	p.config = newConfig(p, authURL, tokenURL, scopes)

  54. 	return p

  55. }

  56. 

  57. // Provider is the implementation of `goth.Provider` for accessing Github.

  58. type Provider struct {

  59. 	ClientKey    string

  60. 	Secret       string

  61. 	CallbackURL  string

  62. 	HTTPClient   *http.Client

  63. 	config       *oauth2.Config

  64. 	providerName string

  65. 	profileURL   string

  66. 	emailURL     string

  67. }

  68. 

  69. // Name is the name used to retrieve this provider later.

  70. func (p *Provider) Name() string {

  71. 	return p.providerName

  72. }

  73. 

  74. // SetName is to update the name of the provider (needed in case of multiple providers of 1 type)

  75. func (p *Provider) SetName(name string) {

  76. 	p.providerName = name

  77. }

  78. 

  79. func (p *Provider) Client() *http.Client {

  80. 	return goth.HTTPClientWithFallBack(p.HTTPClient)

  81. }

  82. 

  83. // Debug is a no-op for the github package.

  84. func (p *Provider) Debug(debug bool) {}

  85. 

  86. // BeginAuth asks Github for an authentication end-point.

  87. func (p *Provider) BeginAuth(state string) (goth.Session, error) {

  88. 	url := p.config.AuthCodeURL(state)

  89. 	session := &Session{

  90. 		AuthURL: url,

  91. 	}

  92. 	return session, nil

  93. }

  94. 

  95. // FetchUser will go to Github and access basic information about the user.

  96. func (p *Provider) FetchUser(session goth.Session) (goth.User, error) {

  97. 	sess := session.(*Session)

  98. 	user := goth.User{

  99. 		AccessToken: sess.AccessToken,

  100. 		Provider:    p.Name(),

  101. 	}

  102. 

  103. 	if user.AccessToken == "" {

  104. 		// data is not yet retrieved since accessToken is still empty

  105. 		return user, fmt.Errorf("%s cannot get user information without accessToken", p.providerName)

  106. 	}

  107. 

  108. 	response, err := p.Client().Get(p.profileURL + "?access_token=" + url.QueryEscape(sess.AccessToken))

  109. 	if err != nil {

  110. 		return user, err

  111. 	}

  112. 	defer response.Body.Close()

  113. 

  114. 	if response.StatusCode != http.StatusOK {

  115. 		return user, fmt.Errorf("GitHub API responded with a %d trying to fetch user information", response.StatusCode)

  116. 	}

  117. 

  118. 	bits, err := ioutil.ReadAll(response.Body)

  119. 	if err != nil {

  120. 		return user, err

  121. 	}

  122. 

  123. 	err = json.NewDecoder(bytes.NewReader(bits)).Decode(&user.RawData)

  124. 	if err != nil {

  125. 		return user, err

  126. 	}

  127. 

  128. 	err = userFromReader(bytes.NewReader(bits), &user)

  129. 	if err != nil {

  130. 		return user, err

  131. 	}

  132. 

  133. 	if user.Email == "" {

  134. 		for _, scope := range p.config.Scopes {

  135. 			if strings.TrimSpace(scope) == "user" || strings.TrimSpace(scope) == "user:email" {

  136. 				user.Email, err = getPrivateMail(p, sess)

  137. 				if err != nil {

  138. 					return user, err

  139. 				}

  140. 				break

  141. 			}

  142. 		}

  143. 	}

  144. 	return user, err

  145. }

  146. 

  147. func userFromReader(reader io.Reader, user *goth.User) error {

  148. 	u := struct {

  149. 		ID       int    `json:"id"`

  150. 		Email    string `json:"email"`

  151. 		Bio      string `json:"bio"`

  152. 		Name     string `json:"name"`

  153. 		Login    string `json:"login"`

  154. 		Picture  string `json:"avatar_url"`

  155. 		Location string `json:"location"`

  156. 	}{}

  157. 

  158. 	err := json.NewDecoder(reader).Decode(&u)

  159. 	if err != nil {

  160. 		return err

  161. 	}

  162. 

  163. 	user.Name = u.Name

  164. 	user.NickName = u.Login

  165. 	user.Email = u.Email

  166. 	user.Description = u.Bio

  167. 	user.AvatarURL = u.Picture

  168. 	user.UserID = strconv.Itoa(u.ID)

  169. 	user.Location = u.Location

  170. 

  171. 	return err

  172. }

  173. 

  174. func getPrivateMail(p *Provider, sess *Session) (email string, err error) {

  175. 	response, err := p.Client().Get(p.emailURL + "?access_token=" + url.QueryEscape(sess.AccessToken))

  176. 	if err != nil {

  177. 		if response != nil {

  178. 			response.Body.Close()

  179. 		}

  180. 		return email, err

  181. 	}

  182. 	defer response.Body.Close()

  183. 

  184. 	if response.StatusCode != http.StatusOK {

  185. 		return email, fmt.Errorf("GitHub API responded with a %d trying to fetch user email", response.StatusCode)

  186. 	}

  187. 

  188. 	var mailList = []struct {

  189. 		Email    string `json:"email"`

  190. 		Primary  bool   `json:"primary"`

  191. 		Verified bool   `json:"verified"`

  192. 	}{}

  193. 	err = json.NewDecoder(response.Body).Decode(&mailList)

  194. 	if err != nil {

  195. 		return email, err

  196. 	}

  197. 	for _, v := range mailList {

  198. 		if v.Primary && v.Verified {

  199. 			return v.Email, nil

  200. 		}

  201. 	}

  202. 	// can't get primary email - shouldn't be possible

  203. 	return

  204. }

  205. 

  206. func newConfig(provider *Provider, authURL, tokenURL string, scopes []string) *oauth2.Config {

  207. 	c := &oauth2.Config{

  208. 		ClientID:     provider.ClientKey,

  209. 		ClientSecret: provider.Secret,

  210. 		RedirectURL:  provider.CallbackURL,

  211. 		Endpoint: oauth2.Endpoint{

  212. 			AuthURL:  authURL,

  213. 			TokenURL: tokenURL,

  214. 		},

  215. 		Scopes: []string{},

  216. 	}

  217. 

  218. 	for _, scope := range scopes {

  219. 		c.Scopes = append(c.Scopes, scope)

  220. 	}

  221. 

  222. 	return c

  223. }

  224. 

  225. //RefreshToken refresh token is not provided by github

  226. func (p *Provider) RefreshToken(refreshToken string) (*oauth2.Token, error) {

  227. 	return nil, errors.New("Refresh token is not provided by github")

  228. }

  229. 

  230. //RefreshTokenAvailable refresh token is not provided by github

  231. func (p *Provider) RefreshTokenAvailable() bool {

  232. 	return false

  233. }
上海开阖软件有限公司 沪ICP备12045867号-1