mirrors
/
gitea
mirror of https://github.com/go-gitea/gitea.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 210 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
9600 Commits
17 Branches
Tree: v1.12.1
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'v1.12.1'
${ noResults }
gitea/models/oauth2.go

oauth2.go 5.7KB
Raw Permalink Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141 
  1. // Copyright 2017 The Gitea Authors. All rights reserved.

  2. // Use of this source code is governed by a MIT-style

  3. // license that can be found in the LICENSE file.

  4. 

  5. package models

  6. 

  7. import (

  8. 	"sort"

  9. 

  10. 	"code.gitea.io/gitea/modules/auth/oauth2"

  11. )

  12. 

  13. // OAuth2Provider describes the display values of a single OAuth2 provider

  14. type OAuth2Provider struct {

  15. 	Name             string

  16. 	DisplayName      string

  17. 	Image            string

  18. 	CustomURLMapping *oauth2.CustomURLMapping

  19. }

  20. 

  21. // OAuth2Providers contains the map of registered OAuth2 providers in Gitea (based on goth)

  22. // key is used to map the OAuth2Provider with the goth provider type (also in LoginSource.OAuth2Config.Provider)

  23. // value is used to store display data

  24. var OAuth2Providers = map[string]OAuth2Provider{

  25. 	"bitbucket": {Name: "bitbucket", DisplayName: "Bitbucket", Image: "/img/auth/bitbucket.png"},

  26. 	"dropbox":   {Name: "dropbox", DisplayName: "Dropbox", Image: "/img/auth/dropbox.png"},

  27. 	"facebook":  {Name: "facebook", DisplayName: "Facebook", Image: "/img/auth/facebook.png"},

  28. 	"github": {Name: "github", DisplayName: "GitHub", Image: "/img/auth/github.png",

  29. 		CustomURLMapping: &oauth2.CustomURLMapping{

  30. 			TokenURL:   oauth2.GetDefaultTokenURL("github"),

  31. 			AuthURL:    oauth2.GetDefaultAuthURL("github"),

  32. 			ProfileURL: oauth2.GetDefaultProfileURL("github"),

  33. 			EmailURL:   oauth2.GetDefaultEmailURL("github"),

  34. 		},

  35. 	},

  36. 	"gitlab": {Name: "gitlab", DisplayName: "GitLab", Image: "/img/auth/gitlab.png",

  37. 		CustomURLMapping: &oauth2.CustomURLMapping{

  38. 			TokenURL:   oauth2.GetDefaultTokenURL("gitlab"),

  39. 			AuthURL:    oauth2.GetDefaultAuthURL("gitlab"),

  40. 			ProfileURL: oauth2.GetDefaultProfileURL("gitlab"),

  41. 		},

  42. 	},

  43. 	"gplus":         {Name: "gplus", DisplayName: "Google", Image: "/img/auth/google.png"},

  44. 	"openidConnect": {Name: "openidConnect", DisplayName: "OpenID Connect", Image: "/img/auth/openid_connect.svg"},

  45. 	"twitter":       {Name: "twitter", DisplayName: "Twitter", Image: "/img/auth/twitter.png"},

  46. 	"discord":       {Name: "discord", DisplayName: "Discord", Image: "/img/auth/discord.png"},

  47. 	"gitea": {Name: "gitea", DisplayName: "Gitea", Image: "/img/auth/gitea.png",

  48. 		CustomURLMapping: &oauth2.CustomURLMapping{

  49. 			TokenURL:   oauth2.GetDefaultTokenURL("gitea"),

  50. 			AuthURL:    oauth2.GetDefaultAuthURL("gitea"),

  51. 			ProfileURL: oauth2.GetDefaultProfileURL("gitea"),

  52. 		},

  53. 	},

  54. 	"nextcloud": {Name: "nextcloud", DisplayName: "Nextcloud", Image: "/img/auth/nextcloud.png",

  55. 		CustomURLMapping: &oauth2.CustomURLMapping{

  56. 			TokenURL:   oauth2.GetDefaultTokenURL("nextcloud"),

  57. 			AuthURL:    oauth2.GetDefaultAuthURL("nextcloud"),

  58. 			ProfileURL: oauth2.GetDefaultProfileURL("nextcloud"),

  59. 		},

  60. 	},

  61. 	"yandex": {Name: "yandex", DisplayName: "Yandex", Image: "/img/auth/yandex.png"},

  62. }

  63. 

  64. // OAuth2DefaultCustomURLMappings contains the map of default URL's for OAuth2 providers that are allowed to have custom urls

  65. // key is used to map the OAuth2Provider

  66. // value is the mapping as defined for the OAuth2Provider

  67. var OAuth2DefaultCustomURLMappings = map[string]*oauth2.CustomURLMapping{

  68. 	"github":    OAuth2Providers["github"].CustomURLMapping,

  69. 	"gitlab":    OAuth2Providers["gitlab"].CustomURLMapping,

  70. 	"gitea":     OAuth2Providers["gitea"].CustomURLMapping,

  71. 	"nextcloud": OAuth2Providers["nextcloud"].CustomURLMapping,

  72. }

  73. 

  74. // GetActiveOAuth2ProviderLoginSources returns all actived LoginOAuth2 sources

  75. func GetActiveOAuth2ProviderLoginSources() ([]*LoginSource, error) {

  76. 	sources := make([]*LoginSource, 0, 1)

  77. 	if err := x.Where("is_actived = ? and type = ?", true, LoginOAuth2).Find(&sources); err != nil {

  78. 		return nil, err

  79. 	}

  80. 	return sources, nil

  81. }

  82. 

  83. // GetActiveOAuth2LoginSourceByName returns a OAuth2 LoginSource based on the given name

  84. func GetActiveOAuth2LoginSourceByName(name string) (*LoginSource, error) {

  85. 	loginSource := new(LoginSource)

  86. 	has, err := x.Where("name = ? and type = ? and is_actived = ?", name, LoginOAuth2, true).Get(loginSource)

  87. 	if !has || err != nil {

  88. 		return nil, err

  89. 	}

  90. 

  91. 	return loginSource, nil

  92. }

  93. 

  94. // GetActiveOAuth2Providers returns the map of configured active OAuth2 providers

  95. // key is used as technical name (like in the callbackURL)

  96. // values to display

  97. func GetActiveOAuth2Providers() ([]string, map[string]OAuth2Provider, error) {

  98. 	// Maybe also separate used and unused providers so we can force the registration of only 1 active provider for each type

  99. 

  100. 	loginSources, err := GetActiveOAuth2ProviderLoginSources()

  101. 	if err != nil {

  102. 		return nil, nil, err

  103. 	}

  104. 

  105. 	var orderedKeys []string

  106. 	providers := make(map[string]OAuth2Provider)

  107. 	for _, source := range loginSources {

  108. 		providers[source.Name] = OAuth2Providers[source.OAuth2().Provider]

  109. 		orderedKeys = append(orderedKeys, source.Name)

  110. 	}

  111. 

  112. 	sort.Strings(orderedKeys)

  113. 

  114. 	return orderedKeys, providers, nil

  115. }

  116. 

  117. // InitOAuth2 initialize the OAuth2 lib and register all active OAuth2 providers in the library

  118. func InitOAuth2() error {

  119. 	if err := oauth2.Init(x); err != nil {

  120. 		return err

  121. 	}

  122. 	loginSources, _ := GetActiveOAuth2ProviderLoginSources()

  123. 

  124. 	for _, source := range loginSources {

  125. 		oAuth2Config := source.OAuth2()

  126. 		err := oauth2.RegisterProvider(source.Name, oAuth2Config.Provider, oAuth2Config.ClientID, oAuth2Config.ClientSecret, oAuth2Config.OpenIDConnectAutoDiscoveryURL, oAuth2Config.CustomURLMapping)

  127. 		if err != nil {

  128. 			return err

  129. 		}

  130. 	}

  131. 	return nil

  132. }

  133. 

  134. // wrapOpenIDConnectInitializeError is used to wrap the error but this cannot be done in modules/auth/oauth2

  135. // inside oauth2: import cycle not allowed models -> modules/auth/oauth2 -> models

  136. func wrapOpenIDConnectInitializeError(err error, providerName string, oAuth2Config *OAuth2Config) error {

  137. 	if err != nil && "openidConnect" == oAuth2Config.Provider {

  138. 		err = ErrOpenIDConnectInitialize{ProviderName: providerName, OpenIDConnectAutoDiscoveryURL: oAuth2Config.OpenIDConnectAutoDiscoveryURL, Cause: err}

  139. 	}

  140. 	return err

  141. }