diff options
| -rw-r--r-- | models/oauth2.go | 12 | ||||
| -rw-r--r-- | modules/auth/oauth2/oauth2.go | 5 | ||||
| -rw-r--r-- | routers/user/auth.go | 13 |
3 files changed, 27 insertions, 3 deletions
diff --git a/models/oauth2.go b/models/oauth2.go index 65d62fdb61..27668d5eec 100644 --- a/models/oauth2.go +++ b/models/oauth2.go @@ -125,8 +125,18 @@ func InitOAuth2() error { if err := oauth2.Init(x); err != nil { return err } - loginSources, _ := GetActiveOAuth2ProviderLoginSources() + return initOAuth2LoginSources() +} +// ResetOAuth2 clears existing OAuth2 providers and loads them from DB +func ResetOAuth2() error { + oauth2.ClearProviders() + return initOAuth2LoginSources() +} + +// initOAuth2LoginSources is used to load and register all active OAuth2 providers +func initOAuth2LoginSources() error { + loginSources, _ := GetActiveOAuth2ProviderLoginSources() for _, source := range loginSources { oAuth2Config := source.OAuth2() err := oauth2.RegisterProvider(source.Name, oAuth2Config.Provider, oAuth2Config.ClientID, oAuth2Config.ClientSecret, oAuth2Config.OpenIDConnectAutoDiscoveryURL, oAuth2Config.CustomURLMapping) diff --git a/modules/auth/oauth2/oauth2.go b/modules/auth/oauth2/oauth2.go index f69bc61d75..e2c97b72f3 100644 --- a/modules/auth/oauth2/oauth2.go +++ b/modules/auth/oauth2/oauth2.go @@ -119,6 +119,11 @@ func RemoveProvider(providerName string) { delete(goth.GetProviders(), providerName) } +// ClearProviders clears all OAuth2 providers from the goth lib +func ClearProviders() { + goth.ClearProviders() +} + // used to create different types of goth providers func createProvider(providerName, providerType, clientID, clientSecret, openIDConnectAutoDiscoveryURL string, customURLMapping *CustomURLMapping) (goth.Provider, error) { callbackURL := setting.AppURL + "user/oauth2/" + url.PathEscape(providerName) + "/callback" diff --git a/routers/user/auth.go b/routers/user/auth.go index acd88b364c..540a0d2f1a 100644 --- a/routers/user/auth.go +++ b/routers/user/auth.go @@ -570,8 +570,17 @@ func SignInOAuth(ctx *context.Context) { return } - err = oauth2.Auth(loginSource.Name, ctx.Req.Request, ctx.Resp) - if err != nil { + if err = oauth2.Auth(loginSource.Name, ctx.Req.Request, ctx.Resp); err != nil { + if strings.Contains(err.Error(), "no provider for ") { + if err = models.ResetOAuth2(); err != nil { + ctx.ServerError("SignIn", err) + return + } + if err = oauth2.Auth(loginSource.Name, ctx.Req.Request, ctx.Resp); err != nil { + ctx.ServerError("SignIn", err) + } + return + } ctx.ServerError("SignIn", err) } // redirect is done in oauth2.Auth |