import (
"net/http"
+ "sync"
"code.gitea.io/gitea/models"
"code.gitea.io/gitea/modules/log"
"github.com/markbates/goth/gothic"
)
+var gothRWMutex = sync.RWMutex{}
+
// SessionTableName is the table name that OAuth2 will use to store things
const SessionTableName = "oauth2_session"
// Note, when using the FilesystemStore only the session.ID is written to a browser cookie, so this is explicit for the storage on disk
store.MaxLength(setting.OAuth2.MaxTokenLength)
+
+ // Lock our mutex
+ gothRWMutex.Lock()
+
gothic.Store = store
gothic.SetState = func(req *http.Request) string {
return req.Header.Get(ProviderHeaderKey), nil
}
+ // Unlock our mutex
+ gothRWMutex.Unlock()
+
return initOAuth2LoginSources()
}
}
err := oauth2Source.RegisterSource()
if err != nil {
- log.Critical("Unable to register source: %s due to Error: %v. This source will be disabled.", source.Name, err)
- source.IsActive = false
- if err = models.UpdateSource(source); err != nil {
- log.Critical("Unable to update source %s to disable it. Error: %v", err)
- return err
- }
+ log.Critical("Unable to register source: %s due to Error: %v.", source.Name, err)
}
}
return nil
provider, err := createProvider(providerName, providerType, clientID, clientSecret, openIDConnectAutoDiscoveryURL, customURLMapping)
if err == nil && provider != nil {
+ gothRWMutex.Lock()
+ defer gothRWMutex.Unlock()
+
goth.UseProviders(provider)
}
// RemoveProvider removes the given OAuth2 provider from the goth lib
func RemoveProvider(providerName string) {
+ gothRWMutex.Lock()
+ defer gothRWMutex.Unlock()
+
delete(goth.GetProviders(), providerName)
}
// ClearProviders clears all OAuth2 providers from the goth lib
func ClearProviders() {
+ gothRWMutex.Lock()
+ defer gothRWMutex.Unlock()
+
goth.ClearProviders()
}
// normally the gothic library will write some custom stuff to the response instead of our own nice error page
//gothic.BeginAuthHandler(response, request)
+ gothRWMutex.RLock()
+ defer gothRWMutex.RUnlock()
+
url, err := gothic.GetAuthURL(response, request)
if err == nil {
http.Redirect(response, request, url, http.StatusTemporaryRedirect)
// not sure if goth is thread safe (?) when using multiple providers
request.Header.Set(ProviderHeaderKey, source.loginSource.Name)
+ gothRWMutex.RLock()
+ defer gothRWMutex.RUnlock()
+
user, err := gothic.CompleteUserAuth(response, request)
if err != nil {
return user, err