diff options
| author | Lunny Xiao <xiaolunwen@gmail.com> | 2021-06-10 01:53:16 +0800 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-06-09 19:53:16 +0200 |
| commit | fb3ffeb18df6bb94bb3f69348a93398b05259174 (patch) | |
| tree | aa56433e062bc68d2a118581a715ee324f025594 /services/auth/group.go | |
| parent | da057996d584c633524406d69b424cbc3d4473eb (diff) | |
| download | gitea-fb3ffeb18df6bb94bb3f69348a93398b05259174.tar.gz gitea-fb3ffeb18df6bb94bb3f69348a93398b05259174.zip | |
Add sso.Group, context.Auth, context.APIAuth to allow auth special routes (#16086)
* Add sso.Group, context.Auth, context.APIAuth to allow auth special routes
* Remove unnecessary check
* Rename sso -> auth
* remove unused method of Auth interface
Diffstat (limited to 'services/auth/group.go')
| -rw-r--r-- | services/auth/group.go | 73 |
1 files changed, 73 insertions, 0 deletions
diff --git a/services/auth/group.go b/services/auth/group.go new file mode 100644 index 0000000000..b61949de7d --- /dev/null +++ b/services/auth/group.go @@ -0,0 +1,73 @@ +// Copyright 2021 The Gitea Authors. All rights reserved. +// Use of this source code is governed by a MIT-style +// license that can be found in the LICENSE file. + +package auth + +import ( + "net/http" + + "code.gitea.io/gitea/models" +) + +// Ensure the struct implements the interface. +var ( + _ Auth = &Group{} +) + +// Group implements the Auth interface with serval Auth. +type Group struct { + methods []Auth +} + +// NewGroup creates a new auth group +func NewGroup(methods ...Auth) *Group { + return &Group{ + methods: methods, + } +} + +// Name represents the name of auth method +func (b *Group) Name() string { + return "group" +} + +// Init does nothing as the Basic implementation does not need to allocate any resources +func (b *Group) Init() error { + for _, m := range b.methods { + if err := m.Init(); err != nil { + return err + } + } + return nil +} + +// Free does nothing as the Basic implementation does not have to release any resources +func (b *Group) Free() error { + for _, m := range b.methods { + if err := m.Free(); err != nil { + return err + } + } + return nil +} + +// Verify extracts and validates +func (b *Group) Verify(req *http.Request, w http.ResponseWriter, store DataStore, sess SessionStore) *models.User { + if !models.HasEngine { + return nil + } + + // Try to sign in with each of the enabled plugins + for _, ssoMethod := range b.methods { + user := ssoMethod.Verify(req, w, store, sess) + if user != nil { + if store.GetData()["AuthedMethod"] == nil { + store.GetData()["AuthedMethod"] = ssoMethod.Name() + } + return user + } + } + + return nil +} |