diff options
| author | techknowlogick <techknowlogick@gitea.com> | 2024-02-22 19:08:17 -0500 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-02-23 00:08:17 +0000 |
| commit | 5bb8d1924d77c675467694de26697b876d709a17 (patch) | |
| tree | 5082621a5a26d56b5eccd2a70bbb35a76a2c6ae5 /models/auth/oauth2.go | |
| parent | c4b0cb4d0d527793296cf801e611f77666f86551 (diff) | |
| download | gitea-5bb8d1924d77c675467694de26697b876d709a17.tar.gz gitea-5bb8d1924d77c675467694de26697b876d709a17.zip | |
Support SAML authentication (#25165)
Closes https://github.com/go-gitea/gitea/issues/5512
This PR adds basic SAML support
- Adds SAML 2.0 as an auth source
- Adds SAML configuration documentation
- Adds integration test:
- Use bare-bones SAML IdP to test protocol flow and test account is
linked successfully (only runs on Postgres by default)
- Adds documentation for configuring and running SAML integration test
locally
Future PRs:
- Support group mapping
- Support auto-registration (account linking)
Co-Authored-By: @jackHay22
---------
Co-authored-by: jackHay22 <jack@allspice.io>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: Jason Song <i@wolfogre.com>
Co-authored-by: morphelinho <morphelinho@users.noreply.github.com>
Co-authored-by: Zettat123 <zettat123@gmail.com>
Co-authored-by: Yarden Shoham <git@yardenshoham.com>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: silverwind <me@silverwind.io>
Diffstat (limited to 'models/auth/oauth2.go')
| -rw-r--r-- | models/auth/oauth2.go | 20 |
1 files changed, 5 insertions, 15 deletions
diff --git a/models/auth/oauth2.go b/models/auth/oauth2.go index 9d53fffc78..a252458d4e 100644 --- a/models/auth/oauth2.go +++ b/models/auth/oauth2.go @@ -8,6 +8,7 @@ import ( "crypto/sha256" "encoding/base32" "encoding/base64" + "encoding/gob" "fmt" "net" "net/url" @@ -81,6 +82,10 @@ func Init(ctx context.Context) error { builtinAllClientIDs = append(builtinAllClientIDs, clientID) } + // This is needed in order to encode and store the struct in the goth/gothic session + // during the process of linking the external user. + gob.Register(LinkAccountUser{}) + var registeredApps []*OAuth2Application if err := db.GetEngine(ctx).In("client_id", builtinAllClientIDs).Find(®isteredApps); err != nil { return err @@ -605,21 +610,6 @@ func (err ErrOAuthApplicationNotFound) Unwrap() error { return util.ErrNotExist } -// GetActiveOAuth2SourceByName returns a OAuth2 AuthSource based on the given name -func GetActiveOAuth2SourceByName(ctx context.Context, name string) (*Source, error) { - authSource := new(Source) - has, err := db.GetEngine(ctx).Where("name = ? and type = ? and is_active = ?", name, OAuth2, true).Get(authSource) - if err != nil { - return nil, err - } - - if !has { - return nil, fmt.Errorf("oauth2 source not found, name: %q", name) - } - - return authSource, nil -} - func DeleteOAuth2RelictsByUserID(ctx context.Context, userID int64) error { deleteCond := builder.Select("id").From("oauth2_grant").Where(builder.Eq{"oauth2_grant.user_id": userID}) |