summaryrefslogtreecommitdiffstats
path: root/services/auth/source/oauth2/providers.go
blob: 7ba370855a9649fe92c1b601080e8317a93b751d (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
// Copyright 2021 The Gitea Authors. All rights reserved.
// SPDX-License-Identifier: MIT

package oauth2

import (
	"errors"
	"net/url"
	"sort"

	"code.gitea.io/gitea/models/auth"
	"code.gitea.io/gitea/modules/log"
	"code.gitea.io/gitea/modules/setting"

	"github.com/markbates/goth"
)

// Provider is an interface for describing a single OAuth2 provider
type Provider interface {
	Name() string
	DisplayName() string
	Image() string
	CustomURLSettings() *CustomURLSettings
}

// GothProviderCreator provides a function to create a goth.Provider
type GothProviderCreator interface {
	CreateGothProvider(providerName, callbackURL string, source *Source) (goth.Provider, error)
}

// GothProvider is an interface for describing a single OAuth2 provider
type GothProvider interface {
	Provider
	GothProviderCreator
}

// ImagedProvider provide an overridden image setting for the provider
type ImagedProvider struct {
	GothProvider
	image string
}

// Image returns the image path for this provider
func (i *ImagedProvider) Image() string {
	return i.image
}

// NewImagedProvider is a constructor function for the ImagedProvider
func NewImagedProvider(image string, provider GothProvider) *ImagedProvider {
	return &ImagedProvider{
		GothProvider: provider,
		image:        image,
	}
}

// Providers contains the map of registered OAuth2 providers in Gitea (based on goth)
// key is used to map the OAuth2Provider with the goth provider type (also in AuthSource.OAuth2Config.Provider)
// value is used to store display data
var gothProviders = map[string]GothProvider{}

// RegisterGothProvider registers a GothProvider
func RegisterGothProvider(provider GothProvider) {
	if _, has := gothProviders[provider.Name()]; has {
		log.Fatal("Duplicate oauth2provider type provided: %s", provider.Name())
	}
	gothProviders[provider.Name()] = provider
}

// GetOAuth2Providers returns the map of unconfigured OAuth2 providers
// key is used as technical name (like in the callbackURL)
// values to display
func GetOAuth2Providers() []Provider {
	providers := make([]Provider, 0, len(gothProviders))

	for _, provider := range gothProviders {
		providers = append(providers, provider)
	}
	sort.Slice(providers, func(i, j int) bool {
		return providers[i].Name() < providers[j].Name()
	})
	return providers
}

// GetActiveOAuth2Providers returns the map of configured active OAuth2 providers
// key is used as technical name (like in the callbackURL)
// values to display
func GetActiveOAuth2Providers() ([]string, map[string]Provider, error) {
	// Maybe also separate used and unused providers so we can force the registration of only 1 active provider for each type

	authSources, err := auth.GetActiveOAuth2ProviderSources()
	if err != nil {
		return nil, nil, err
	}

	var orderedKeys []string
	providers := make(map[string]Provider)
	for _, source := range authSources {
		prov := gothProviders[source.Cfg.(*Source).Provider]
		if source.Cfg.(*Source).IconURL != "" {
			prov = &ImagedProvider{prov, source.Cfg.(*Source).IconURL}
		}
		providers[source.Name] = prov
		orderedKeys = append(orderedKeys, source.Name)
	}

	sort.Strings(orderedKeys)

	return orderedKeys, providers, nil
}

// RegisterProviderWithGothic register a OAuth2 provider in goth lib
func RegisterProviderWithGothic(providerName string, source *Source) error {
	provider, err := createProvider(providerName, source)

	if err == nil && provider != nil {
		gothRWMutex.Lock()
		defer gothRWMutex.Unlock()

		goth.UseProviders(provider)
	}

	return err
}

// RemoveProviderFromGothic removes the given OAuth2 provider from the goth lib
func RemoveProviderFromGothic(providerName string) {
	gothRWMutex.Lock()
	defer gothRWMutex.Unlock()

	delete(goth.GetProviders(), providerName)
}

// ClearProviders clears all OAuth2 providers from the goth lib
func ClearProviders() {
	gothRWMutex.Lock()
	defer gothRWMutex.Unlock()

	goth.ClearProviders()
}

// ErrAuthSourceNotActived login source is not actived error
var ErrAuthSourceNotActived = errors.New("auth source is not actived")

// used to create different types of goth providers
func createProvider(providerName string, source *Source) (goth.Provider, error) {
	callbackURL := setting.AppURL + "user/oauth2/" + url.PathEscape(providerName) + "/callback"

	var provider goth.Provider
	var err error

	p, ok := gothProviders[source.Provider]
	if !ok {
		return nil, ErrAuthSourceNotActived
	}

	provider, err = p.CreateGothProvider(providerName, callbackURL, source)
	if err != nil {
		return provider, err
	}

	// always set the name if provider is created so we can support multiple setups of 1 provider
	if err == nil && provider != nil {
		provider.SetName(providerName)
	}

	return provider, err
}