Diffstat (limited to 'services/auth/source/oauth2')
-rw-r--r-- | services/auth/source/oauth2/assert_interface_test.go | 1 | ||||
-rw-r--r-- | services/auth/source/oauth2/source.go | 11 | ||||
-rw-r--r-- | services/auth/source/oauth2/source_callout.go | 4 | ||||
-rw-r--r-- | services/auth/source/oauth2/source_register.go | 6 | ||||
-rw-r--r-- | services/auth/source/oauth2/source_sync.go | 12 | ||||
-rw-r--r-- | services/auth/source/oauth2/source_sync_test.go | 18 |
6 files changed, 23 insertions, 29 deletions
diff --git a/services/auth/source/oauth2/assert_interface_test.go b/services/auth/source/oauth2/assert_interface_test.go
index 56fe0e4aa8..d870ac1dcd 100644
--- a/services/auth/source/oauth2/assert_interface_test.go
+++ b/services/auth/source/oauth2/assert_interface_test.go
@@ -14,7 +14,6 @@ import (
 type sourceInterface interface {
 auth_model.Config
- auth_model.SourceSettable
 auth_model.RegisterableSource
 auth.PasswordAuthenticator
 }
diff --git a/services/auth/source/oauth2/source.go b/services/auth/source/oauth2/source.go
index 3454c9ad55..08837de377 100644
--- a/services/auth/source/oauth2/source.go
+++ b/services/auth/source/oauth2/source.go
@@ -10,6 +10,8 @@ import (
 // Source holds configuration for the OAuth2 login source.
 type Source struct {
+ auth.ConfigBase `json:"-"`
+
 Provider string
 ClientID string
 ClientSecret string
@@ -25,10 +27,6 @@ type Source struct {
 GroupTeamMap string
 GroupTeamMapRemoval bool
 RestrictedGroup string
- SkipLocalTwoFA bool `json:",omitempty"`
-
- // reference to the authSource
- authSource *auth.Source
 }
 // FromDB fills up an OAuth2Config from serialized format.
@@ -41,11 +39,6 @@ func (source *Source) ToDB() ([]byte, error) {
 return json.Marshal(source)
 }
-// SetAuthSource sets the related AuthSource
-func (source *Source) SetAuthSource(authSource *auth.Source) {
- source.authSource = authSource
-}
-
 func init() {
 auth.RegisterTypeConfig(auth.OAuth2, &Source{})
 }
diff --git a/services/auth/source/oauth2/source_callout.go b/services/auth/source/oauth2/source_callout.go
index 8d70bee248..f09d25c772 100644
--- a/services/auth/source/oauth2/source_callout.go
+++ b/services/auth/source/oauth2/source_callout.go
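Review bot: In the first hunk of source.go, the `json:"-"` tag on the embedded `auth.ConfigBase` is now the only thing keeping the `AuthSource` back-reference out of the bytes `ToDB` persists, because `ToDB` (visible as context in the third hunk) marshals the whole struct and the field is no longer unexported. I would document that on the field, e.g. `// ConfigBase holds the owning auth source; json:"-" keeps it out of the stored config.` The same struct also loses `SkipLocalTwoFA` in the second hunk, and since encoding/json ignores unknown keys by default, a stored config that still carries that key would presumably decode with the 2FA-skip setting silently dropped. The diffstat shown is limited to this directory, so a migration or replacement setting may exist elsewhere; worth confirming. The `Source` struct body runs past the end of the first hunk.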
@@ -13,7 +13,7 @@ import (
 // Callout redirects request/response pair to authenticate against the provider
 func (source *Source) Callout(request *http.Request, response http.ResponseWriter) error {
 // not sure if goth is thread safe (?) when using multiple providers
- request.Header.Set(ProviderHeaderKey, source.authSource.Name)
+ request.Header.Set(ProviderHeaderKey, source.AuthSource.Name)
 // don't use the default gothic begin handler to prevent issues when some error occurs
 // normally the gothic library will write some custom stuff to the response instead of our own nice error page
@@ -33,7 +33,7 @@ func (source *Source) Callout(request *http.Request, response http.ResponseWrite
 // this will trigger a new authentication request, but because we save it in the session we can use that
 func (source *Source) Callback(request *http.Request, response http.ResponseWriter) (goth.User, error) {
 // not sure if goth is thread safe (?) when using multiple providers
- request.Header.Set(ProviderHeaderKey, source.authSource.Name)
+ request.Header.Set(ProviderHeaderKey, source.AuthSource.Name)
 gothRWMutex.RLock()
 defer gothRWMutex.RUnlock()
diff --git a/services/auth/source/oauth2/source_register.go b/services/auth/source/oauth2/source_register.go
index 82a36acaa6..12da56c11b 100644
--- a/services/auth/source/oauth2/source_register.go
+++ b/services/auth/source/oauth2/source_register.go
@@ -9,13 +9,13 @@ import (
 // RegisterSource causes an OAuth2 configuration to be registered
 func (source *Source) RegisterSource() error {
- err := RegisterProviderWithGothic(source.authSource.Name, source)
- return wrapOpenIDConnectInitializeError(err, source.authSource.Name, source)
+ err := RegisterProviderWithGothic(source.AuthSource.Name, source)
+ return wrapOpenIDConnectInitializeError(err, source.AuthSource.Name, source)
 }
 // UnregisterSource causes an OAuth2 configuration to be unregistered
 func (source *Source) UnregisterSource() error {
- RemoveProviderFromGothic(source.authSource.Name)
+ RemoveProviderFromGothic(source.AuthSource.Name)
 return nil
 }
diff --git a/services/auth/source/oauth2/source_sync.go b/services/auth/source/oauth2/source_sync.go
index 5e30313c8f..c2e3dfb1a8 100644
--- a/services/auth/source/oauth2/source_sync.go
+++ b/services/auth/source/oauth2/source_sync.go
@@ -18,27 +18,27 @@ import (
 // Sync causes this OAuth2 source to synchronize its users with the db.
 func (source *Source) Sync(ctx context.Context, updateExisting bool) error {
- log.Trace("Doing: SyncExternalUsers[%s] %d", source.authSource.Name, source.authSource.ID)
+ log.Trace("Doing: SyncExternalUsers[%s] %d", source.AuthSource.Name, source.AuthSource.ID)
 if !updateExisting {
- log.Info("SyncExternalUsers[%s] not running since updateExisting is false", source.authSource.Name)
+ log.Info("SyncExternalUsers[%s] not running since updateExisting is false", source.AuthSource.Name)
 return nil
 }
- provider, err := createProvider(source.authSource.Name, source)
+ provider, err := createProvider(source.AuthSource.Name, source)
 if err != nil {
 return err
 }
 if !provider.RefreshTokenAvailable() {
- log.Trace("SyncExternalUsers[%s] provider doesn't support refresh tokens, can't synchronize", source.authSource.Name)
+ log.Trace("SyncExternalUsers[%s] provider doesn't support refresh tokens, can't synchronize", source.AuthSource.Name)
 return nil
 }
 opts := user_model.FindExternalUserOptions{
 HasRefreshToken: true,
 Expired: true,
- LoginSourceID: source.authSource.ID,
+ LoginSourceID: source.AuthSource.ID,
 }
 return user_model.IterateExternalLogin(ctx, opts, func(ctx context.Context, u *user_model.ExternalLoginUser) error {
@@ -77,7 +77,7 @@ func (source *Source) refresh(ctx context.Context, provider goth.Provider, u *us
 // recognizes them as a valid user, they will be able to login
 // via their provider and reactivate their account.
 if shouldDisable {
- log.Info("SyncExternalUsers[%s] disabling user %d", source.authSource.Name, user.ID)
+ log.Info("SyncExternalUsers[%s] disabling user %d", source.AuthSource.Name, user.ID)
 return db.WithTx(ctx, func(ctx context.Context) error {
 if hasUser {
diff --git a/services/auth/source/oauth2/source_sync_test.go b/services/auth/source/oauth2/source_sync_test.go
index 08d841cc90..2927f3634b 100644
--- a/services/auth/source/oauth2/source_sync_test.go
+++ b/services/auth/source/oauth2/source_sync_test.go
@@ -18,19 +18,21 @@ func TestSource(t *testing.T) {
 source := &Source{
 Provider: "fake",
- authSource: &auth.Source{
- ID: 12,
- Type: auth.OAuth2,
- Name: "fake",
- IsActive: true,
- IsSyncEnabled: true,
+ ConfigBase: auth.ConfigBase{
+ AuthSource: &auth.Source{
+ ID: 12,
+ Type: auth.OAuth2,
+ Name: "fake",
+ IsActive: true,
+ IsSyncEnabled: true,
+ },
 },
 }
 user := &user_model.User{
 LoginName: "external",
 LoginType: auth.OAuth2,
- LoginSource: source.authSource.ID,
+ LoginSource: source.AuthSource.ID,
 Name: "test",
 Email: "external@example.com",
 }
@@ -47,7 +49,7 @@ func TestSource(t *testing.T) {
 err = user_model.LinkExternalToUser(t.Context(), user, e)
 assert.NoError(t, err)
- provider, err := createProvider(source.authSource.Name, source)
+ provider, err := createProvider(source.AuthSource.Name, source)
 assert.NoError(t, err)
 t.Run("refresh", func(t *testing.T) { |