mirror of https://github.com/gogits/gogs.git
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
394 lines
9.8 KiB
394 lines
9.8 KiB
// Copyright 2014 Google Inc. All Rights Reserved. |
|
// Copyright 2014 The Gogs Authors. All rights reserved. |
|
// Use of this source code is governed by a MIT-style |
|
// license that can be found in the LICENSE file. |
|
|
|
package social |
|
|
|
import ( |
|
"encoding/json" |
|
"net/http" |
|
"net/url" |
|
"strconv" |
|
"strings" |
|
|
|
oauth "github.com/gogits/oauth2" |
|
|
|
"github.com/gogits/gogs/models" |
|
"github.com/gogits/gogs/modules/log" |
|
"github.com/gogits/gogs/modules/setting" |
|
) |
|
|
|
type BasicUserInfo struct { |
|
Identity string |
|
Name string |
|
Email string |
|
} |
|
|
|
type SocialConnector interface { |
|
Type() int |
|
SetRedirectUrl(string) |
|
UserInfo(*oauth.Token, *url.URL) (*BasicUserInfo, error) |
|
|
|
AuthCodeURL(string) string |
|
Exchange(string) (*oauth.Token, error) |
|
} |
|
|
|
var ( |
|
SocialBaseUrl = "/user/login" |
|
SocialMap = make(map[string]SocialConnector) |
|
) |
|
|
|
func NewOauthService() { |
|
if !setting.Cfg.MustBool("oauth", "ENABLED") { |
|
return |
|
} |
|
|
|
setting.OauthService = &setting.Oauther{} |
|
setting.OauthService.OauthInfos = make(map[string]*setting.OauthInfo) |
|
|
|
socialConfigs := make(map[string]*oauth.Config) |
|
allOauthes := []string{"github", "google", "qq", "twitter", "weibo"} |
|
// Load all OAuth config data. |
|
for _, name := range allOauthes { |
|
setting.OauthService.OauthInfos[name] = &setting.OauthInfo{ |
|
ClientId: setting.Cfg.MustValue("oauth."+name, "CLIENT_ID"), |
|
ClientSecret: setting.Cfg.MustValue("oauth."+name, "CLIENT_SECRET"), |
|
Scopes: setting.Cfg.MustValue("oauth."+name, "SCOPES"), |
|
AuthUrl: setting.Cfg.MustValue("oauth."+name, "AUTH_URL"), |
|
TokenUrl: setting.Cfg.MustValue("oauth."+name, "TOKEN_URL"), |
|
} |
|
socialConfigs[name] = &oauth.Config{ |
|
ClientId: setting.OauthService.OauthInfos[name].ClientId, |
|
ClientSecret: setting.OauthService.OauthInfos[name].ClientSecret, |
|
RedirectURL: strings.TrimSuffix(setting.AppUrl, "/") + SocialBaseUrl + name, |
|
Scope: setting.OauthService.OauthInfos[name].Scopes, |
|
AuthURL: setting.OauthService.OauthInfos[name].AuthUrl, |
|
TokenURL: setting.OauthService.OauthInfos[name].TokenUrl, |
|
} |
|
} |
|
enabledOauths := make([]string, 0, 10) |
|
|
|
// GitHub. |
|
if setting.Cfg.MustBool("oauth.github", "ENABLED") { |
|
setting.OauthService.GitHub = true |
|
newGitHubOauth(socialConfigs["github"]) |
|
enabledOauths = append(enabledOauths, "GitHub") |
|
} |
|
|
|
// Google. |
|
if setting.Cfg.MustBool("oauth.google", "ENABLED") { |
|
setting.OauthService.Google = true |
|
newGoogleOauth(socialConfigs["google"]) |
|
enabledOauths = append(enabledOauths, "Google") |
|
} |
|
|
|
// QQ. |
|
if setting.Cfg.MustBool("oauth.qq", "ENABLED") { |
|
setting.OauthService.Tencent = true |
|
newTencentOauth(socialConfigs["qq"]) |
|
enabledOauths = append(enabledOauths, "QQ") |
|
} |
|
|
|
// Twitter. |
|
if setting.Cfg.MustBool("oauth.twitter", "ENABLED") { |
|
setting.OauthService.Twitter = true |
|
newTwitterOauth(socialConfigs["twitter"]) |
|
enabledOauths = append(enabledOauths, "Twitter") |
|
} |
|
|
|
// Weibo. |
|
if setting.Cfg.MustBool("oauth.weibo", "ENABLED") { |
|
setting.OauthService.Weibo = true |
|
newWeiboOauth(socialConfigs["weibo"]) |
|
enabledOauths = append(enabledOauths, "Weibo") |
|
} |
|
|
|
log.Info("Oauth Service Enabled %s", enabledOauths) |
|
} |
|
|
|
// ________.__ __ ___ ___ ___. |
|
// / _____/|__|/ |_ / | \ __ _\_ |__ |
|
// / \ ___| \ __\/ ~ \ | \ __ \ |
|
// \ \_\ \ || | \ Y / | / \_\ \ |
|
// \______ /__||__| \___|_ /|____/|___ / |
|
// \/ \/ \/ |
|
|
|
type SocialGithub struct { |
|
Token *oauth.Token |
|
*oauth.Transport |
|
} |
|
|
|
func (s *SocialGithub) Type() int { |
|
return int(models.GITHUB) |
|
} |
|
|
|
func newGitHubOauth(config *oauth.Config) { |
|
SocialMap["github"] = &SocialGithub{ |
|
Transport: &oauth.Transport{ |
|
Config: config, |
|
Transport: http.DefaultTransport, |
|
}, |
|
} |
|
} |
|
|
|
func (s *SocialGithub) SetRedirectUrl(url string) { |
|
s.Transport.Config.RedirectURL = url |
|
} |
|
|
|
func (s *SocialGithub) UserInfo(token *oauth.Token, _ *url.URL) (*BasicUserInfo, error) { |
|
transport := &oauth.Transport{ |
|
Token: token, |
|
} |
|
var data struct { |
|
Id int `json:"id"` |
|
Name string `json:"login"` |
|
Email string `json:"email"` |
|
} |
|
var err error |
|
r, err := transport.Client().Get(s.Transport.Scope) |
|
if err != nil { |
|
return nil, err |
|
} |
|
defer r.Body.Close() |
|
if err = json.NewDecoder(r.Body).Decode(&data); err != nil { |
|
return nil, err |
|
} |
|
return &BasicUserInfo{ |
|
Identity: strconv.Itoa(data.Id), |
|
Name: data.Name, |
|
Email: data.Email, |
|
}, nil |
|
} |
|
|
|
// ________ .__ |
|
// / _____/ ____ ____ ____ | | ____ |
|
// / \ ___ / _ \ / _ \ / ___\| | _/ __ \ |
|
// \ \_\ ( <_> | <_> ) /_/ > |_\ ___/ |
|
// \______ /\____/ \____/\___ /|____/\___ > |
|
// \/ /_____/ \/ |
|
|
|
type SocialGoogle struct { |
|
Token *oauth.Token |
|
*oauth.Transport |
|
} |
|
|
|
func (s *SocialGoogle) Type() int { |
|
return int(models.GOOGLE) |
|
} |
|
|
|
func newGoogleOauth(config *oauth.Config) { |
|
SocialMap["google"] = &SocialGoogle{ |
|
Transport: &oauth.Transport{ |
|
Config: config, |
|
Transport: http.DefaultTransport, |
|
}, |
|
} |
|
} |
|
|
|
func (s *SocialGoogle) SetRedirectUrl(url string) { |
|
s.Transport.Config.RedirectURL = url |
|
} |
|
|
|
func (s *SocialGoogle) UserInfo(token *oauth.Token, _ *url.URL) (*BasicUserInfo, error) { |
|
transport := &oauth.Transport{Token: token} |
|
var data struct { |
|
Id string `json:"id"` |
|
Name string `json:"name"` |
|
Email string `json:"email"` |
|
} |
|
var err error |
|
|
|
reqUrl := "https://www.googleapis.com/oauth2/v1/userinfo" |
|
r, err := transport.Client().Get(reqUrl) |
|
if err != nil { |
|
return nil, err |
|
} |
|
defer r.Body.Close() |
|
if err = json.NewDecoder(r.Body).Decode(&data); err != nil { |
|
return nil, err |
|
} |
|
return &BasicUserInfo{ |
|
Identity: data.Id, |
|
Name: data.Name, |
|
Email: data.Email, |
|
}, nil |
|
} |
|
|
|
// ________ ________ |
|
// \_____ \ \_____ \ |
|
// / / \ \ / / \ \ |
|
// / \_/. \/ \_/. \ |
|
// \_____\ \_/\_____\ \_/ |
|
// \__> \__> |
|
|
|
type SocialTencent struct { |
|
Token *oauth.Token |
|
*oauth.Transport |
|
reqUrl string |
|
} |
|
|
|
func (s *SocialTencent) Type() int { |
|
return int(models.QQ) |
|
} |
|
|
|
func newTencentOauth(config *oauth.Config) { |
|
SocialMap["qq"] = &SocialTencent{ |
|
reqUrl: "https://open.t.qq.com/api/user/info", |
|
Transport: &oauth.Transport{ |
|
Config: config, |
|
Transport: http.DefaultTransport, |
|
}, |
|
} |
|
} |
|
|
|
func (s *SocialTencent) SetRedirectUrl(url string) { |
|
s.Transport.Config.RedirectURL = url |
|
} |
|
|
|
func (s *SocialTencent) UserInfo(token *oauth.Token, URL *url.URL) (*BasicUserInfo, error) { |
|
var data struct { |
|
Data struct { |
|
Id string `json:"openid"` |
|
Name string `json:"name"` |
|
Email string `json:"email"` |
|
} `json:"data"` |
|
} |
|
var err error |
|
// https://open.t.qq.com/api/user/info? |
|
//oauth_consumer_key=APP_KEY& |
|
//access_token=ACCESSTOKEN&openid=openid |
|
//clientip=CLIENTIP&oauth_version=2.a |
|
//scope=all |
|
var urls = url.Values{ |
|
"oauth_consumer_key": {s.Transport.Config.ClientId}, |
|
"access_token": {token.AccessToken}, |
|
"openid": URL.Query()["openid"], |
|
"oauth_version": {"2.a"}, |
|
"scope": {"all"}, |
|
} |
|
r, err := http.Get(s.reqUrl + "?" + urls.Encode()) |
|
if err != nil { |
|
return nil, err |
|
} |
|
defer r.Body.Close() |
|
if err = json.NewDecoder(r.Body).Decode(&data); err != nil { |
|
return nil, err |
|
} |
|
return &BasicUserInfo{ |
|
Identity: data.Data.Id, |
|
Name: data.Data.Name, |
|
Email: data.Data.Email, |
|
}, nil |
|
} |
|
|
|
// ___________ .__ __ __ |
|
// \__ ___/_ _ _|__|/ |__/ |_ ___________ |
|
// | | \ \/ \/ / \ __\ __\/ __ \_ __ \ |
|
// | | \ /| || | | | \ ___/| | \/ |
|
// |____| \/\_/ |__||__| |__| \___ >__| |
|
// \/ |
|
|
|
type SocialTwitter struct { |
|
Token *oauth.Token |
|
*oauth.Transport |
|
} |
|
|
|
func (s *SocialTwitter) Type() int { |
|
return int(models.TWITTER) |
|
} |
|
|
|
func newTwitterOauth(config *oauth.Config) { |
|
SocialMap["twitter"] = &SocialTwitter{ |
|
Transport: &oauth.Transport{ |
|
Config: config, |
|
Transport: http.DefaultTransport, |
|
}, |
|
} |
|
} |
|
|
|
func (s *SocialTwitter) SetRedirectUrl(url string) { |
|
s.Transport.Config.RedirectURL = url |
|
} |
|
|
|
//https://github.com/mrjones/oauth |
|
func (s *SocialTwitter) UserInfo(token *oauth.Token, _ *url.URL) (*BasicUserInfo, error) { |
|
// transport := &oauth.Transport{Token: token} |
|
// var data struct { |
|
// Id string `json:"id"` |
|
// Name string `json:"name"` |
|
// Email string `json:"email"` |
|
// } |
|
// var err error |
|
|
|
// reqUrl := "https://www.googleapis.com/oauth2/v1/userinfo" |
|
// r, err := transport.Client().Get(reqUrl) |
|
// if err != nil { |
|
// return nil, err |
|
// } |
|
// defer r.Body.Close() |
|
// if err = json.NewDecoder(r.Body).Decode(&data); err != nil { |
|
// return nil, err |
|
// } |
|
// return &BasicUserInfo{ |
|
// Identity: data.Id, |
|
// Name: data.Name, |
|
// Email: data.Email, |
|
// }, nil |
|
return nil, nil |
|
} |
|
|
|
// __ __ ._____. |
|
// / \ / \ ____ |__\_ |__ ____ |
|
// \ \/\/ // __ \| || __ \ / _ \ |
|
// \ /\ ___/| || \_\ ( <_> ) |
|
// \__/\ / \___ >__||___ /\____/ |
|
// \/ \/ \/ |
|
|
|
type SocialWeibo struct { |
|
Token *oauth.Token |
|
*oauth.Transport |
|
} |
|
|
|
func (s *SocialWeibo) Type() int { |
|
return int(models.WEIBO) |
|
} |
|
|
|
func newWeiboOauth(config *oauth.Config) { |
|
SocialMap["weibo"] = &SocialWeibo{ |
|
Transport: &oauth.Transport{ |
|
Config: config, |
|
Transport: http.DefaultTransport, |
|
}, |
|
} |
|
} |
|
|
|
func (s *SocialWeibo) SetRedirectUrl(url string) { |
|
s.Transport.Config.RedirectURL = url |
|
} |
|
|
|
func (s *SocialWeibo) UserInfo(token *oauth.Token, _ *url.URL) (*BasicUserInfo, error) { |
|
transport := &oauth.Transport{Token: token} |
|
var data struct { |
|
Name string `json:"name"` |
|
} |
|
var err error |
|
|
|
var urls = url.Values{ |
|
"access_token": {token.AccessToken}, |
|
"uid": {token.Extra["id_token"]}, |
|
} |
|
reqUrl := "https://api.weibo.com/2/users/show.json" |
|
r, err := transport.Client().Get(reqUrl + "?" + urls.Encode()) |
|
if err != nil { |
|
return nil, err |
|
} |
|
defer r.Body.Close() |
|
if err = json.NewDecoder(r.Body).Decode(&data); err != nil { |
|
return nil, err |
|
} |
|
return &BasicUserInfo{ |
|
Identity: token.Extra["id_token"], |
|
Name: data.Name, |
|
}, nil |
|
}
|
|
|