mirror of
https://codeberg.org/forgejo/forgejo.git
synced 2024-12-17 12:12:46 -05:00
395 lines
9.8 KiB
Go
395 lines
9.8 KiB
Go
// Copyright 2014 Google Inc. All Rights Reserved.
|
|
// Copyright 2014 The Gogs Authors. All rights reserved.
|
|
// Use of this source code is governed by a MIT-style
|
|
// license that can be found in the LICENSE file.
|
|
|
|
package social
|
|
|
|
import (
|
|
"encoding/json"
|
|
"net/http"
|
|
"net/url"
|
|
"strconv"
|
|
"strings"
|
|
|
|
oauth "github.com/gogits/oauth2"
|
|
|
|
"github.com/gogits/gogs/models"
|
|
"github.com/gogits/gogs/modules/log"
|
|
"github.com/gogits/gogs/modules/setting"
|
|
)
|
|
|
|
type BasicUserInfo struct {
|
|
Identity string
|
|
Name string
|
|
Email string
|
|
}
|
|
|
|
type SocialConnector interface {
|
|
Type() int
|
|
SetRedirectUrl(string)
|
|
UserInfo(*oauth.Token, *url.URL) (*BasicUserInfo, error)
|
|
|
|
AuthCodeURL(string) string
|
|
Exchange(string) (*oauth.Token, error)
|
|
}
|
|
|
|
var (
|
|
SocialBaseUrl = "/user/login"
|
|
SocialMap = make(map[string]SocialConnector)
|
|
)
|
|
|
|
func NewOauthService() {
|
|
if !setting.Cfg.MustBool("oauth", "ENABLED") {
|
|
return
|
|
}
|
|
|
|
setting.OauthService = &setting.Oauther{}
|
|
setting.OauthService.OauthInfos = make(map[string]*setting.OauthInfo)
|
|
|
|
socialConfigs := make(map[string]*oauth.Config)
|
|
allOauthes := []string{"github", "google", "qq", "twitter", "weibo"}
|
|
// Load all OAuth config data.
|
|
for _, name := range allOauthes {
|
|
setting.OauthService.OauthInfos[name] = &setting.OauthInfo{
|
|
ClientId: setting.Cfg.MustValue("oauth."+name, "CLIENT_ID"),
|
|
ClientSecret: setting.Cfg.MustValue("oauth."+name, "CLIENT_SECRET"),
|
|
Scopes: setting.Cfg.MustValue("oauth."+name, "SCOPES"),
|
|
AuthUrl: setting.Cfg.MustValue("oauth."+name, "AUTH_URL"),
|
|
TokenUrl: setting.Cfg.MustValue("oauth."+name, "TOKEN_URL"),
|
|
}
|
|
socialConfigs[name] = &oauth.Config{
|
|
ClientId: setting.OauthService.OauthInfos[name].ClientId,
|
|
ClientSecret: setting.OauthService.OauthInfos[name].ClientSecret,
|
|
RedirectURL: strings.TrimSuffix(setting.AppUrl, "/") + SocialBaseUrl + name,
|
|
Scope: setting.OauthService.OauthInfos[name].Scopes,
|
|
AuthURL: setting.OauthService.OauthInfos[name].AuthUrl,
|
|
TokenURL: setting.OauthService.OauthInfos[name].TokenUrl,
|
|
}
|
|
}
|
|
enabledOauths := make([]string, 0, 10)
|
|
|
|
// GitHub.
|
|
if setting.Cfg.MustBool("oauth.github", "ENABLED") {
|
|
setting.OauthService.GitHub = true
|
|
newGitHubOauth(socialConfigs["github"])
|
|
enabledOauths = append(enabledOauths, "GitHub")
|
|
}
|
|
|
|
// Google.
|
|
if setting.Cfg.MustBool("oauth.google", "ENABLED") {
|
|
setting.OauthService.Google = true
|
|
newGoogleOauth(socialConfigs["google"])
|
|
enabledOauths = append(enabledOauths, "Google")
|
|
}
|
|
|
|
// QQ.
|
|
if setting.Cfg.MustBool("oauth.qq", "ENABLED") {
|
|
setting.OauthService.Tencent = true
|
|
newTencentOauth(socialConfigs["qq"])
|
|
enabledOauths = append(enabledOauths, "QQ")
|
|
}
|
|
|
|
// Twitter.
|
|
if setting.Cfg.MustBool("oauth.twitter", "ENABLED") {
|
|
setting.OauthService.Twitter = true
|
|
newTwitterOauth(socialConfigs["twitter"])
|
|
enabledOauths = append(enabledOauths, "Twitter")
|
|
}
|
|
|
|
// Weibo.
|
|
if setting.Cfg.MustBool("oauth.weibo", "ENABLED") {
|
|
setting.OauthService.Weibo = true
|
|
newWeiboOauth(socialConfigs["weibo"])
|
|
enabledOauths = append(enabledOauths, "Weibo")
|
|
}
|
|
|
|
log.Info("Oauth Service Enabled %s", enabledOauths)
|
|
}
|
|
|
|
// ________.__ __ ___ ___ ___.
|
|
// / _____/|__|/ |_ / | \ __ _\_ |__
|
|
// / \ ___| \ __\/ ~ \ | \ __ \
|
|
// \ \_\ \ || | \ Y / | / \_\ \
|
|
// \______ /__||__| \___|_ /|____/|___ /
|
|
// \/ \/ \/
|
|
|
|
type SocialGithub struct {
|
|
Token *oauth.Token
|
|
*oauth.Transport
|
|
}
|
|
|
|
func (s *SocialGithub) Type() int {
|
|
return int(models.GITHUB)
|
|
}
|
|
|
|
func newGitHubOauth(config *oauth.Config) {
|
|
SocialMap["github"] = &SocialGithub{
|
|
Transport: &oauth.Transport{
|
|
Config: config,
|
|
Transport: http.DefaultTransport,
|
|
},
|
|
}
|
|
}
|
|
|
|
func (s *SocialGithub) SetRedirectUrl(url string) {
|
|
s.Transport.Config.RedirectURL = url
|
|
}
|
|
|
|
func (s *SocialGithub) UserInfo(token *oauth.Token, _ *url.URL) (*BasicUserInfo, error) {
|
|
transport := &oauth.Transport{
|
|
Token: token,
|
|
}
|
|
var data struct {
|
|
Id int `json:"id"`
|
|
Name string `json:"login"`
|
|
Email string `json:"email"`
|
|
}
|
|
var err error
|
|
r, err := transport.Client().Get(s.Transport.Scope)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
defer r.Body.Close()
|
|
if err = json.NewDecoder(r.Body).Decode(&data); err != nil {
|
|
return nil, err
|
|
}
|
|
return &BasicUserInfo{
|
|
Identity: strconv.Itoa(data.Id),
|
|
Name: data.Name,
|
|
Email: data.Email,
|
|
}, nil
|
|
}
|
|
|
|
// ________ .__
|
|
// / _____/ ____ ____ ____ | | ____
|
|
// / \ ___ / _ \ / _ \ / ___\| | _/ __ \
|
|
// \ \_\ ( <_> | <_> ) /_/ > |_\ ___/
|
|
// \______ /\____/ \____/\___ /|____/\___ >
|
|
// \/ /_____/ \/
|
|
|
|
type SocialGoogle struct {
|
|
Token *oauth.Token
|
|
*oauth.Transport
|
|
}
|
|
|
|
func (s *SocialGoogle) Type() int {
|
|
return int(models.GOOGLE)
|
|
}
|
|
|
|
func newGoogleOauth(config *oauth.Config) {
|
|
SocialMap["google"] = &SocialGoogle{
|
|
Transport: &oauth.Transport{
|
|
Config: config,
|
|
Transport: http.DefaultTransport,
|
|
},
|
|
}
|
|
}
|
|
|
|
func (s *SocialGoogle) SetRedirectUrl(url string) {
|
|
s.Transport.Config.RedirectURL = url
|
|
}
|
|
|
|
func (s *SocialGoogle) UserInfo(token *oauth.Token, _ *url.URL) (*BasicUserInfo, error) {
|
|
transport := &oauth.Transport{Token: token}
|
|
var data struct {
|
|
Id string `json:"id"`
|
|
Name string `json:"name"`
|
|
Email string `json:"email"`
|
|
}
|
|
var err error
|
|
|
|
reqUrl := "https://www.googleapis.com/oauth2/v1/userinfo"
|
|
r, err := transport.Client().Get(reqUrl)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
defer r.Body.Close()
|
|
if err = json.NewDecoder(r.Body).Decode(&data); err != nil {
|
|
return nil, err
|
|
}
|
|
return &BasicUserInfo{
|
|
Identity: data.Id,
|
|
Name: data.Name,
|
|
Email: data.Email,
|
|
}, nil
|
|
}
|
|
|
|
// ________ ________
|
|
// \_____ \ \_____ \
|
|
// / / \ \ / / \ \
|
|
// / \_/. \/ \_/. \
|
|
// \_____\ \_/\_____\ \_/
|
|
// \__> \__>
|
|
|
|
type SocialTencent struct {
|
|
Token *oauth.Token
|
|
*oauth.Transport
|
|
reqUrl string
|
|
}
|
|
|
|
func (s *SocialTencent) Type() int {
|
|
return int(models.QQ)
|
|
}
|
|
|
|
func newTencentOauth(config *oauth.Config) {
|
|
SocialMap["qq"] = &SocialTencent{
|
|
reqUrl: "https://open.t.qq.com/api/user/info",
|
|
Transport: &oauth.Transport{
|
|
Config: config,
|
|
Transport: http.DefaultTransport,
|
|
},
|
|
}
|
|
}
|
|
|
|
func (s *SocialTencent) SetRedirectUrl(url string) {
|
|
s.Transport.Config.RedirectURL = url
|
|
}
|
|
|
|
func (s *SocialTencent) UserInfo(token *oauth.Token, URL *url.URL) (*BasicUserInfo, error) {
|
|
var data struct {
|
|
Data struct {
|
|
Id string `json:"openid"`
|
|
Name string `json:"name"`
|
|
Email string `json:"email"`
|
|
} `json:"data"`
|
|
}
|
|
var err error
|
|
// https://open.t.qq.com/api/user/info?
|
|
//oauth_consumer_key=APP_KEY&
|
|
//access_token=ACCESSTOKEN&openid=openid
|
|
//clientip=CLIENTIP&oauth_version=2.a
|
|
//scope=all
|
|
var urls = url.Values{
|
|
"oauth_consumer_key": {s.Transport.Config.ClientId},
|
|
"access_token": {token.AccessToken},
|
|
"openid": URL.Query()["openid"],
|
|
"oauth_version": {"2.a"},
|
|
"scope": {"all"},
|
|
}
|
|
r, err := http.Get(s.reqUrl + "?" + urls.Encode())
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
defer r.Body.Close()
|
|
if err = json.NewDecoder(r.Body).Decode(&data); err != nil {
|
|
return nil, err
|
|
}
|
|
return &BasicUserInfo{
|
|
Identity: data.Data.Id,
|
|
Name: data.Data.Name,
|
|
Email: data.Data.Email,
|
|
}, nil
|
|
}
|
|
|
|
// ___________ .__ __ __
|
|
// \__ ___/_ _ _|__|/ |__/ |_ ___________
|
|
// | | \ \/ \/ / \ __\ __\/ __ \_ __ \
|
|
// | | \ /| || | | | \ ___/| | \/
|
|
// |____| \/\_/ |__||__| |__| \___ >__|
|
|
// \/
|
|
|
|
type SocialTwitter struct {
|
|
Token *oauth.Token
|
|
*oauth.Transport
|
|
}
|
|
|
|
func (s *SocialTwitter) Type() int {
|
|
return int(models.TWITTER)
|
|
}
|
|
|
|
func newTwitterOauth(config *oauth.Config) {
|
|
SocialMap["twitter"] = &SocialTwitter{
|
|
Transport: &oauth.Transport{
|
|
Config: config,
|
|
Transport: http.DefaultTransport,
|
|
},
|
|
}
|
|
}
|
|
|
|
func (s *SocialTwitter) SetRedirectUrl(url string) {
|
|
s.Transport.Config.RedirectURL = url
|
|
}
|
|
|
|
//https://github.com/mrjones/oauth
|
|
func (s *SocialTwitter) UserInfo(token *oauth.Token, _ *url.URL) (*BasicUserInfo, error) {
|
|
// transport := &oauth.Transport{Token: token}
|
|
// var data struct {
|
|
// Id string `json:"id"`
|
|
// Name string `json:"name"`
|
|
// Email string `json:"email"`
|
|
// }
|
|
// var err error
|
|
|
|
// reqUrl := "https://www.googleapis.com/oauth2/v1/userinfo"
|
|
// r, err := transport.Client().Get(reqUrl)
|
|
// if err != nil {
|
|
// return nil, err
|
|
// }
|
|
// defer r.Body.Close()
|
|
// if err = json.NewDecoder(r.Body).Decode(&data); err != nil {
|
|
// return nil, err
|
|
// }
|
|
// return &BasicUserInfo{
|
|
// Identity: data.Id,
|
|
// Name: data.Name,
|
|
// Email: data.Email,
|
|
// }, nil
|
|
return nil, nil
|
|
}
|
|
|
|
// __ __ ._____.
|
|
// / \ / \ ____ |__\_ |__ ____
|
|
// \ \/\/ // __ \| || __ \ / _ \
|
|
// \ /\ ___/| || \_\ ( <_> )
|
|
// \__/\ / \___ >__||___ /\____/
|
|
// \/ \/ \/
|
|
|
|
type SocialWeibo struct {
|
|
Token *oauth.Token
|
|
*oauth.Transport
|
|
}
|
|
|
|
func (s *SocialWeibo) Type() int {
|
|
return int(models.WEIBO)
|
|
}
|
|
|
|
func newWeiboOauth(config *oauth.Config) {
|
|
SocialMap["weibo"] = &SocialWeibo{
|
|
Transport: &oauth.Transport{
|
|
Config: config,
|
|
Transport: http.DefaultTransport,
|
|
},
|
|
}
|
|
}
|
|
|
|
func (s *SocialWeibo) SetRedirectUrl(url string) {
|
|
s.Transport.Config.RedirectURL = url
|
|
}
|
|
|
|
func (s *SocialWeibo) UserInfo(token *oauth.Token, _ *url.URL) (*BasicUserInfo, error) {
|
|
transport := &oauth.Transport{Token: token}
|
|
var data struct {
|
|
Name string `json:"name"`
|
|
}
|
|
var err error
|
|
|
|
var urls = url.Values{
|
|
"access_token": {token.AccessToken},
|
|
"uid": {token.Extra["id_token"]},
|
|
}
|
|
reqUrl := "https://api.weibo.com/2/users/show.json"
|
|
r, err := transport.Client().Get(reqUrl + "?" + urls.Encode())
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
defer r.Body.Close()
|
|
if err = json.NewDecoder(r.Body).Decode(&data); err != nil {
|
|
return nil, err
|
|
}
|
|
return &BasicUserInfo{
|
|
Identity: token.Extra["id_token"],
|
|
Name: data.Name,
|
|
}, nil
|
|
return nil, nil
|
|
}
|