mirrors
/
gitea
mirror of https://github.com/go-gitea/gitea.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 210 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
10395 Commits
17 Branches
Tree: 7974b34183
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '7974b34183'
${ noResults }
gitea/models/oauth2.go

oauth2.go 6.0KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147 
  1. // Copyright 2017 The Gitea Authors. All rights reserved.

  2. // Use of this source code is governed by a MIT-style

  3. // license that can be found in the LICENSE file.

  4. 

  5. package models

  6. 

  7. import (

  8. 	"sort"

  9. 

  10. 	"code.gitea.io/gitea/modules/auth/oauth2"

  11. )

  12. 

  13. // OAuth2Provider describes the display values of a single OAuth2 provider

  14. type OAuth2Provider struct {

  15. 	Name             string

  16. 	DisplayName      string

  17. 	Image            string

  18. 	CustomURLMapping *oauth2.CustomURLMapping

  19. }

  20. 

  21. // OAuth2Providers contains the map of registered OAuth2 providers in Gitea (based on goth)

  22. // key is used to map the OAuth2Provider with the goth provider type (also in LoginSource.OAuth2Config.Provider)

  23. // value is used to store display data

  24. var OAuth2Providers = map[string]OAuth2Provider{

  25. 	"bitbucket": {Name: "bitbucket", DisplayName: "Bitbucket", Image: "/img/auth/bitbucket.png"},

  26. 	"dropbox":   {Name: "dropbox", DisplayName: "Dropbox", Image: "/img/auth/dropbox.png"},

  27. 	"facebook":  {Name: "facebook", DisplayName: "Facebook", Image: "/img/auth/facebook.png"},

  28. 	"github": {Name: "github", DisplayName: "GitHub", Image: "/img/auth/github.png",

  29. 		CustomURLMapping: &oauth2.CustomURLMapping{

  30. 			TokenURL:   oauth2.GetDefaultTokenURL("github"),

  31. 			AuthURL:    oauth2.GetDefaultAuthURL("github"),

  32. 			ProfileURL: oauth2.GetDefaultProfileURL("github"),

  33. 			EmailURL:   oauth2.GetDefaultEmailURL("github"),

  34. 		},

  35. 	},

  36. 	"gitlab": {Name: "gitlab", DisplayName: "GitLab", Image: "/img/auth/gitlab.png",

  37. 		CustomURLMapping: &oauth2.CustomURLMapping{

  38. 			TokenURL:   oauth2.GetDefaultTokenURL("gitlab"),

  39. 			AuthURL:    oauth2.GetDefaultAuthURL("gitlab"),

  40. 			ProfileURL: oauth2.GetDefaultProfileURL("gitlab"),

  41. 		},

  42. 	},

  43. 	"gplus":         {Name: "gplus", DisplayName: "Google", Image: "/img/auth/google.png"},

  44. 	"openidConnect": {Name: "openidConnect", DisplayName: "OpenID Connect", Image: "/img/auth/openid_connect.svg"},

  45. 	"twitter":       {Name: "twitter", DisplayName: "Twitter", Image: "/img/auth/twitter.png"},

  46. 	"discord":       {Name: "discord", DisplayName: "Discord", Image: "/img/auth/discord.png"},

  47. 	"gitea": {Name: "gitea", DisplayName: "Gitea", Image: "/img/auth/gitea.png",

  48. 		CustomURLMapping: &oauth2.CustomURLMapping{

  49. 			TokenURL:   oauth2.GetDefaultTokenURL("gitea"),

  50. 			AuthURL:    oauth2.GetDefaultAuthURL("gitea"),

  51. 			ProfileURL: oauth2.GetDefaultProfileURL("gitea"),

  52. 		},

  53. 	},

  54. 	"nextcloud": {Name: "nextcloud", DisplayName: "Nextcloud", Image: "/img/auth/nextcloud.png",

  55. 		CustomURLMapping: &oauth2.CustomURLMapping{

  56. 			TokenURL:   oauth2.GetDefaultTokenURL("nextcloud"),

  57. 			AuthURL:    oauth2.GetDefaultAuthURL("nextcloud"),

  58. 			ProfileURL: oauth2.GetDefaultProfileURL("nextcloud"),

  59. 		},

  60. 	},

  61. 	"yandex": {Name: "yandex", DisplayName: "Yandex", Image: "/img/auth/yandex.png"},

  62. 	"mastodon": {Name: "mastodon", DisplayName: "Mastodon", Image: "/img/auth/mastodon.png",

  63. 		CustomURLMapping: &oauth2.CustomURLMapping{

  64. 			AuthURL: oauth2.GetDefaultAuthURL("mastodon"),

  65. 		},

  66. 	},

  67. }

  68. 

  69. // OAuth2DefaultCustomURLMappings contains the map of default URL's for OAuth2 providers that are allowed to have custom urls

  70. // key is used to map the OAuth2Provider

  71. // value is the mapping as defined for the OAuth2Provider

  72. var OAuth2DefaultCustomURLMappings = map[string]*oauth2.CustomURLMapping{

  73. 	"github":    OAuth2Providers["github"].CustomURLMapping,

  74. 	"gitlab":    OAuth2Providers["gitlab"].CustomURLMapping,

  75. 	"gitea":     OAuth2Providers["gitea"].CustomURLMapping,

  76. 	"nextcloud": OAuth2Providers["nextcloud"].CustomURLMapping,

  77. 	"mastodon":  OAuth2Providers["mastodon"].CustomURLMapping,

  78. }

  79. 

  80. // GetActiveOAuth2ProviderLoginSources returns all actived LoginOAuth2 sources

  81. func GetActiveOAuth2ProviderLoginSources() ([]*LoginSource, error) {

  82. 	sources := make([]*LoginSource, 0, 1)

  83. 	if err := x.Where("is_actived = ? and type = ?", true, LoginOAuth2).Find(&sources); err != nil {

  84. 		return nil, err

  85. 	}

  86. 	return sources, nil

  87. }

  88. 

  89. // GetActiveOAuth2LoginSourceByName returns a OAuth2 LoginSource based on the given name

  90. func GetActiveOAuth2LoginSourceByName(name string) (*LoginSource, error) {

  91. 	loginSource := new(LoginSource)

  92. 	has, err := x.Where("name = ? and type = ? and is_actived = ?", name, LoginOAuth2, true).Get(loginSource)

  93. 	if !has || err != nil {

  94. 		return nil, err

  95. 	}

  96. 

  97. 	return loginSource, nil

  98. }

  99. 

  100. // GetActiveOAuth2Providers returns the map of configured active OAuth2 providers

  101. // key is used as technical name (like in the callbackURL)

  102. // values to display

  103. func GetActiveOAuth2Providers() ([]string, map[string]OAuth2Provider, error) {

  104. 	// Maybe also separate used and unused providers so we can force the registration of only 1 active provider for each type

  105. 

  106. 	loginSources, err := GetActiveOAuth2ProviderLoginSources()

  107. 	if err != nil {

  108. 		return nil, nil, err

  109. 	}

  110. 

  111. 	var orderedKeys []string

  112. 	providers := make(map[string]OAuth2Provider)

  113. 	for _, source := range loginSources {

  114. 		providers[source.Name] = OAuth2Providers[source.OAuth2().Provider]

  115. 		orderedKeys = append(orderedKeys, source.Name)

  116. 	}

  117. 

  118. 	sort.Strings(orderedKeys)

  119. 

  120. 	return orderedKeys, providers, nil

  121. }

  122. 

  123. // InitOAuth2 initialize the OAuth2 lib and register all active OAuth2 providers in the library

  124. func InitOAuth2() error {

  125. 	if err := oauth2.Init(x); err != nil {

  126. 		return err

  127. 	}

  128. 	loginSources, _ := GetActiveOAuth2ProviderLoginSources()

  129. 

  130. 	for _, source := range loginSources {

  131. 		oAuth2Config := source.OAuth2()

  132. 		err := oauth2.RegisterProvider(source.Name, oAuth2Config.Provider, oAuth2Config.ClientID, oAuth2Config.ClientSecret, oAuth2Config.OpenIDConnectAutoDiscoveryURL, oAuth2Config.CustomURLMapping)

  133. 		if err != nil {

  134. 			return err

  135. 		}

  136. 	}

  137. 	return nil

  138. }

  139. 

  140. // wrapOpenIDConnectInitializeError is used to wrap the error but this cannot be done in modules/auth/oauth2

  141. // inside oauth2: import cycle not allowed models -> modules/auth/oauth2 -> models

  142. func wrapOpenIDConnectInitializeError(err error, providerName string, oAuth2Config *OAuth2Config) error {

  143. 	if err != nil && "openidConnect" == oAuth2Config.Provider {

  144. 		err = ErrOpenIDConnectInitialize{ProviderName: providerName, OpenIDConnectAutoDiscoveryURL: oAuth2Config.OpenIDConnectAutoDiscoveryURL, Cause: err}

  145. 	}

  146. 	return err

  147. }