diff options
author | Unknwon <joe2010xtmf@163.com> | 2014-11-28 21:20:13 -0500 |
---|---|---|
committer | Unknwon <joe2010xtmf@163.com> | 2014-11-28 21:20:13 -0500 |
commit | d6132aaa88d0ef0bc261aab0a6915835d40b7372 (patch) | |
tree | 1c303152b729eba15fbc90e3665594944871927f /modules/social/social.go | |
parent | 9adc8e9d3fe47d985d3bd8963f5803e8eff1c1eb (diff) | |
download | gitea-d6132aaa88d0ef0bc261aab0a6915835d40b7372.tar.gz gitea-d6132aaa88d0ef0bc261aab0a6915835d40b7372.zip |
fix oauth2
Diffstat (limited to 'modules/social/social.go')
-rw-r--r-- | modules/social/social.go | 290 |
1 files changed, 113 insertions, 177 deletions
diff --git a/modules/social/social.go b/modules/social/social.go index f4d8598820..8406cd52cb 100644 --- a/modules/social/social.go +++ b/modules/social/social.go @@ -7,12 +7,12 @@ package social import ( "encoding/json" + "io/ioutil" "net/http" "net/url" "strconv" - "strings" - oauth "github.com/gogits/oauth2" + "github.com/macaron-contrib/oauth2" "github.com/gogits/gogs/models" "github.com/gogits/gogs/modules/log" @@ -27,16 +27,11 @@ type BasicUserInfo struct { type SocialConnector interface { Type() int - SetRedirectUrl(string) - UserInfo(*oauth.Token, *url.URL) (*BasicUserInfo, error) - - AuthCodeURL(string) string - Exchange(string) (*oauth.Token, error) + UserInfo(*oauth2.Token, *url.URL) (*BasicUserInfo, error) } var ( - SocialBaseUrl = "/user/login" - SocialMap = make(map[string]SocialConnector) + SocialMap = make(map[string]SocialConnector) ) func NewOauthService() { @@ -47,24 +42,29 @@ func NewOauthService() { setting.OauthService = &setting.Oauther{} setting.OauthService.OauthInfos = make(map[string]*setting.OauthInfo) - socialConfigs := make(map[string]*oauth.Config) + socialConfigs := make(map[string]*oauth2.Options) allOauthes := []string{"github", "google", "qq", "twitter", "weibo"} // Load all OAuth config data. for _, name := range allOauthes { + if !setting.Cfg.MustBool("oauth."+name, "ENABLED") { + continue + } setting.OauthService.OauthInfos[name] = &setting.OauthInfo{ - ClientId: setting.Cfg.MustValue("oauth."+name, "CLIENT_ID"), - ClientSecret: setting.Cfg.MustValue("oauth."+name, "CLIENT_SECRET"), - Scopes: setting.Cfg.MustValue("oauth."+name, "SCOPES"), - AuthUrl: setting.Cfg.MustValue("oauth."+name, "AUTH_URL"), - TokenUrl: setting.Cfg.MustValue("oauth."+name, "TOKEN_URL"), + Options: oauth2.Options{ + ClientID: setting.Cfg.MustValue("oauth."+name, "CLIENT_ID"), + ClientSecret: setting.Cfg.MustValue("oauth."+name, "CLIENT_SECRET"), + Scopes: setting.Cfg.MustValueArray("oauth."+name, "SCOPES", " "), + PathLogin: "/user/login/oauth2/" + name, + PathCallback: setting.AppSubUrl + "/user/login/" + name, + RedirectURL: setting.AppUrl + "user/login/" + name, + }, + AuthUrl: setting.Cfg.MustValue("oauth."+name, "AUTH_URL"), + TokenUrl: setting.Cfg.MustValue("oauth."+name, "TOKEN_URL"), } - socialConfigs[name] = &oauth.Config{ - ClientId: setting.OauthService.OauthInfos[name].ClientId, + socialConfigs[name] = &oauth2.Options{ + ClientID: setting.OauthService.OauthInfos[name].ClientID, ClientSecret: setting.OauthService.OauthInfos[name].ClientSecret, - RedirectURL: strings.TrimSuffix(setting.AppUrl, "/") + SocialBaseUrl + name, - Scope: setting.OauthService.OauthInfos[name].Scopes, - AuthURL: setting.OauthService.OauthInfos[name].AuthUrl, - TokenURL: setting.OauthService.OauthInfos[name].TokenUrl, + Scopes: setting.OauthService.OauthInfos[name].Scopes, } } enabledOauths := make([]string, 0, 10) @@ -91,11 +91,11 @@ func NewOauthService() { } // Twitter. - if setting.Cfg.MustBool("oauth.twitter", "ENABLED") { - setting.OauthService.Twitter = true - newTwitterOauth(socialConfigs["twitter"]) - enabledOauths = append(enabledOauths, "Twitter") - } + // if setting.Cfg.MustBool("oauth.twitter", "ENABLED") { + // setting.OauthService.Twitter = true + // newTwitterOauth(socialConfigs["twitter"]) + // enabledOauths = append(enabledOauths, "Twitter") + // } // Weibo. if setting.Cfg.MustBool("oauth.weibo", "ENABLED") { @@ -115,38 +115,25 @@ func NewOauthService() { // \/ \/ \/ type SocialGithub struct { - Token *oauth.Token - *oauth.Transport -} - -func (s *SocialGithub) Type() int { - return int(models.GITHUB) + opts *oauth2.Options } -func newGitHubOauth(config *oauth.Config) { - SocialMap["github"] = &SocialGithub{ - Transport: &oauth.Transport{ - Config: config, - Transport: http.DefaultTransport, - }, - } +func newGitHubOauth(opts *oauth2.Options) { + SocialMap["github"] = &SocialGithub{opts} } -func (s *SocialGithub) SetRedirectUrl(url string) { - s.Transport.Config.RedirectURL = url +func (s *SocialGithub) Type() int { + return int(models.GITHUB) } -func (s *SocialGithub) UserInfo(token *oauth.Token, _ *url.URL) (*BasicUserInfo, error) { - transport := &oauth.Transport{ - Token: token, - } +func (s *SocialGithub) UserInfo(token *oauth2.Token, _ *url.URL) (*BasicUserInfo, error) { + transport := s.opts.NewTransportFromToken(token) var data struct { Id int `json:"id"` Name string `json:"login"` Email string `json:"email"` } - var err error - r, err := transport.Client().Get(s.Transport.Scope) + r, err := transport.Client().Get("https://api.github.com/user") if err != nil { return nil, err } @@ -169,38 +156,25 @@ func (s *SocialGithub) UserInfo(token *oauth.Token, _ *url.URL) (*BasicUserInfo, // \/ /_____/ \/ type SocialGoogle struct { - Token *oauth.Token - *oauth.Transport + opts *oauth2.Options } func (s *SocialGoogle) Type() int { return int(models.GOOGLE) } -func newGoogleOauth(config *oauth.Config) { - SocialMap["google"] = &SocialGoogle{ - Transport: &oauth.Transport{ - Config: config, - Transport: http.DefaultTransport, - }, - } -} - -func (s *SocialGoogle) SetRedirectUrl(url string) { - s.Transport.Config.RedirectURL = url +func newGoogleOauth(opts *oauth2.Options) { + SocialMap["google"] = &SocialGoogle{opts} } -func (s *SocialGoogle) UserInfo(token *oauth.Token, _ *url.URL) (*BasicUserInfo, error) { - transport := &oauth.Transport{Token: token} +func (s *SocialGoogle) UserInfo(token *oauth2.Token, _ *url.URL) (*BasicUserInfo, error) { + transport := s.opts.NewTransportFromToken(token) var data struct { Id string `json:"id"` Name string `json:"name"` Email string `json:"email"` } - var err error - - reqUrl := "https://www.googleapis.com/oauth2/v1/userinfo" - r, err := transport.Client().Get(reqUrl) + r, err := transport.Client().Get("https://www.googleapis.com/userinfo/v2/me") if err != nil { return nil, err } @@ -223,62 +197,35 @@ func (s *SocialGoogle) UserInfo(token *oauth.Token, _ *url.URL) (*BasicUserInfo, // \__> \__> type SocialTencent struct { - Token *oauth.Token - *oauth.Transport - reqUrl string + opts *oauth2.Options +} + +func newTencentOauth(opts *oauth2.Options) { + SocialMap["qq"] = &SocialTencent{opts} } func (s *SocialTencent) Type() int { return int(models.QQ) } -func newTencentOauth(config *oauth.Config) { - SocialMap["qq"] = &SocialTencent{ - reqUrl: "https://open.t.qq.com/api/user/info", - Transport: &oauth.Transport{ - Config: config, - Transport: http.DefaultTransport, - }, +func (s *SocialTencent) UserInfo(token *oauth2.Token, URL *url.URL) (*BasicUserInfo, error) { + r, err := http.Get("https://graph.z.qq.com/moc2/me?access_token=" + url.QueryEscape(token.AccessToken)) + if err != nil { + return nil, err } -} - -func (s *SocialTencent) SetRedirectUrl(url string) { - s.Transport.Config.RedirectURL = url -} + defer r.Body.Close() -func (s *SocialTencent) UserInfo(token *oauth.Token, URL *url.URL) (*BasicUserInfo, error) { - var data struct { - Data struct { - Id string `json:"openid"` - Name string `json:"name"` - Email string `json:"email"` - } `json:"data"` - } - var err error - // https://open.t.qq.com/api/user/info? - //oauth_consumer_key=APP_KEY& - //access_token=ACCESSTOKEN&openid=openid - //clientip=CLIENTIP&oauth_version=2.a - //scope=all - var urls = url.Values{ - "oauth_consumer_key": {s.Transport.Config.ClientId}, - "access_token": {token.AccessToken}, - "openid": URL.Query()["openid"], - "oauth_version": {"2.a"}, - "scope": {"all"}, - } - r, err := http.Get(s.reqUrl + "?" + urls.Encode()) + body, err := ioutil.ReadAll(r.Body) if err != nil { return nil, err } - defer r.Body.Close() - if err = json.NewDecoder(r.Body).Decode(&data); err != nil { + vals, err := url.ParseQuery(string(body)) + if err != nil { return nil, err } + return &BasicUserInfo{ - Identity: data.Data.Id, - Name: data.Data.Name, - Email: data.Data.Email, + Identity: vals.Get("openid"), }, nil } @@ -289,54 +236,54 @@ func (s *SocialTencent) UserInfo(token *oauth.Token, URL *url.URL) (*BasicUserIn // |____| \/\_/ |__||__| |__| \___ >__| // \/ -type SocialTwitter struct { - Token *oauth.Token - *oauth.Transport -} - -func (s *SocialTwitter) Type() int { - return int(models.TWITTER) -} - -func newTwitterOauth(config *oauth.Config) { - SocialMap["twitter"] = &SocialTwitter{ - Transport: &oauth.Transport{ - Config: config, - Transport: http.DefaultTransport, - }, - } -} - -func (s *SocialTwitter) SetRedirectUrl(url string) { - s.Transport.Config.RedirectURL = url -} - -//https://github.com/mrjones/oauth -func (s *SocialTwitter) UserInfo(token *oauth.Token, _ *url.URL) (*BasicUserInfo, error) { - // transport := &oauth.Transport{Token: token} - // var data struct { - // Id string `json:"id"` - // Name string `json:"name"` - // Email string `json:"email"` - // } - // var err error - - // reqUrl := "https://www.googleapis.com/oauth2/v1/userinfo" - // r, err := transport.Client().Get(reqUrl) - // if err != nil { - // return nil, err - // } - // defer r.Body.Close() - // if err = json.NewDecoder(r.Body).Decode(&data); err != nil { - // return nil, err - // } - // return &BasicUserInfo{ - // Identity: data.Id, - // Name: data.Name, - // Email: data.Email, - // }, nil - return nil, nil -} +// type SocialTwitter struct { +// Token *oauth2.Token +// *oauth2.Transport +// } + +// func (s *SocialTwitter) Type() int { +// return int(models.TWITTER) +// } + +// func newTwitterOauth(config *oauth2.Config) { +// SocialMap["twitter"] = &SocialTwitter{ +// Transport: &oauth.Transport{ +// Config: config, +// Transport: http.DefaultTransport, +// }, +// } +// } + +// func (s *SocialTwitter) SetRedirectUrl(url string) { +// s.Transport.Config.RedirectURL = url +// } + +// //https://github.com/mrjones/oauth +// func (s *SocialTwitter) UserInfo(token *oauth2.Token, _ *url.URL) (*BasicUserInfo, error) { +// // transport := &oauth.Transport{Token: token} +// // var data struct { +// // Id string `json:"id"` +// // Name string `json:"name"` +// // Email string `json:"email"` +// // } +// // var err error + +// // reqUrl := "https://www.googleapis.com/oauth2/v1/userinfo" +// // r, err := transport.Client().Get(reqUrl) +// // if err != nil { +// // return nil, err +// // } +// // defer r.Body.Close() +// // if err = json.NewDecoder(r.Body).Decode(&data); err != nil { +// // return nil, err +// // } +// // return &BasicUserInfo{ +// // Identity: data.Id, +// // Name: data.Name, +// // Email: data.Email, +// // }, nil +// return nil, nil +// } // __ __ ._____. // / \ / \ ____ |__\_ |__ ____ @@ -346,37 +293,25 @@ func (s *SocialTwitter) UserInfo(token *oauth.Token, _ *url.URL) (*BasicUserInfo // \/ \/ \/ type SocialWeibo struct { - Token *oauth.Token - *oauth.Transport + opts *oauth2.Options } -func (s *SocialWeibo) Type() int { - return int(models.WEIBO) +func newWeiboOauth(opts *oauth2.Options) { + SocialMap["weibo"] = &SocialWeibo{opts} } -func newWeiboOauth(config *oauth.Config) { - SocialMap["weibo"] = &SocialWeibo{ - Transport: &oauth.Transport{ - Config: config, - Transport: http.DefaultTransport, - }, - } -} - -func (s *SocialWeibo) SetRedirectUrl(url string) { - s.Transport.Config.RedirectURL = url +func (s *SocialWeibo) Type() int { + return int(models.WEIBO) } -func (s *SocialWeibo) UserInfo(token *oauth.Token, _ *url.URL) (*BasicUserInfo, error) { - transport := &oauth.Transport{Token: token} +func (s *SocialWeibo) UserInfo(token *oauth2.Token, _ *url.URL) (*BasicUserInfo, error) { + transport := s.opts.NewTransportFromToken(token) var data struct { Name string `json:"name"` } - var err error - var urls = url.Values{ "access_token": {token.AccessToken}, - "uid": {token.Extra["id_token"]}, + "uid": {token.Extra("uid")}, } reqUrl := "https://api.weibo.com/2/users/show.json" r, err := transport.Client().Get(reqUrl + "?" + urls.Encode()) @@ -384,11 +319,12 @@ func (s *SocialWeibo) UserInfo(token *oauth.Token, _ *url.URL) (*BasicUserInfo, return nil, err } defer r.Body.Close() + if err = json.NewDecoder(r.Body).Decode(&data); err != nil { return nil, err } return &BasicUserInfo{ - Identity: token.Extra["id_token"], + Identity: token.Extra("uid"), Name: data.Name, }, nil } |