// Content managed by Project Forge, see [projectforge.md] for details.
package auth
import (
"fmt"
"strings"
"github.com/markbates/goth"
"github.com/pkg/errors"
"admini.dev/admini/app/util"
)
// Provider holds the settings for one OAuth provider: its identifier, its
// display title, the client key and secret, and the scopes to request.
//
// Key, Secret and Scopes carry the `json:"-"` tag, so encoding/json never
// writes them out. The tag covers JSON encoding only: formatting a Provider
// with %v or %+v, or handing the whole value to a logger, still prints the
// secret, so log ID or Title instead of the struct.
type Provider struct {
	// ID is the identifier used for lookups and as the last segment of the
	// callback path.
	ID string `json:"id"`
	// Title is the display name.
	Title string `json:"title"`
	// Key is the client key; excluded from JSON output.
	Key string `json:"-"`
	// Secret is the client secret; excluded from JSON output.
	Secret string `json:"-"`
	// Scopes lists the scopes passed to the provider; excluded from JSON output.
	Scopes []string `json:"-"`
}
// Goth builds the goth.Provider for p via toGoth and registers it with
// goth.UseProviders before returning it.
//
// The callback URL is "<base>/auth/callback/<p.ID>". The base starts as
// proto://host: a non-empty "oauth_protocol" value from util.GetEnv replaces
// proto, and an empty proto falls back to "http". The whole base is then
// replaced by the util.AppKey+"_oauth_redirect" value and, after that, by the
// "oauth_redirect" value, so the latter wins when both are set. A single
// trailing "/" is trimmed from the base before the path is appended.
//
// Security notes:
//   - NOTE(review): host is supplied by the caller. If call sites pass the
//     request's Host header, the redirect URI sent to the provider is
//     client-influenced; setting one of the *_oauth_redirect values pins it.
//     Confirm against the callers and the redirect URIs registered with each
//     provider.
//   - The "http" fallback produces a cleartext callback URL. Deployments
//     reachable over a network should set "oauth_protocol" to "https" or pin
//     an https redirect base.
//   - goth.UseProviders is invoked on every call, so each call re-registers
//     the provider in goth's package-level registry.
//
// An error from toGoth is returned unchanged, with a nil provider.
func (p *Provider) Goth(proto string, host string) (goth.Provider, error) {
	// A distinct name avoids shadowing the receiver p inside the condition.
	if override := util.GetEnv("oauth_protocol"); override != "" {
		proto = override
	}
	if proto == "" {
		proto = "http"
	}

	base := fmt.Sprintf("%s://%s", proto, host)
	// Later entries take precedence: each non-empty value overwrites the base.
	for _, name := range []string{util.AppKey + "_oauth_redirect", "oauth_redirect"} {
		if v := util.GetEnv(name); v != "" {
			base = v
		}
	}
	base = strings.TrimSuffix(base, "/")

	callback := fmt.Sprintf("%s/auth/callback/%s", base, p.ID)
	prv, err := toGoth(p.ID, p.Key, p.Secret, callback, p.Scopes...)
	if err != nil {
		return nil, err
	}

	goth.UseProviders(prv)
	return prv, nil
}
// Providers is an ordered list of *Provider values. Its methods look entries
// up by ID and project the IDs and titles of the list.
type Providers []*Provider
// Get returns the first provider whose ID equals id, or nil when none does.
// The comparison is an exact, case-sensitive string match. Entries are
// dereferenced without a nil check, so a nil element in the list panics.
func (p Providers) Get(id string) *Provider {
	for i := range p {
		if candidate := p[i]; candidate.ID == id {
			return candidate
		}
	}
	return nil
}
// Contains reports whether the list holds a provider with the given ID, using
// the same exact match as Get.
func (p Providers) Contains(id string) bool {
	match := p.Get(id)
	return match != nil
}
// IDs returns the ID of every provider, in list order. The result is a new,
// non-nil slice even when the list is empty.
func (p Providers) IDs() []string {
	ids := make([]string, len(p))
	for i, prv := range p {
		ids[i] = prv.ID
	}
	return ids
}
// Titles returns the Title of every provider, in list order. The result is a
// new, non-nil slice even when the list is empty.
func (p Providers) Titles() []string {
	titles := make([]string, len(p))
	for i, prv := range p {
		titles[i] = prv.Title
	}
	return titles
}
// Providers returns the configured providers, calling load on first use while
// s.providers is still nil. An error from load is returned with a nil list.
//
// NOTE(review): no locking is visible around the nil check and load; confirm
// that the first call cannot happen from several goroutines at once.
func (s *Service) Providers() (Providers, error) {
	if s.providers != nil {
		return s.providers, nil
	}
	if err := s.load(); err != nil {
		return nil, err
	}
	return s.providers, nil
}
// load reads provider settings through util.GetEnv and stores the result in
// s.providers. It returns an error when s.providers is already set.
//
// s.baseURL, when empty, is taken from the util.AppKey+"_oauth_redirect" value
// and otherwise defaults to http://localhost:<util.AppPort>; one trailing "/"
// is trimmed. For every entry k of AvailableProviderKeys (after initAvailable
// has run) the values k+"_key", k+"_secret" and k+"_scopes" (comma-separated)
// are read, and a Provider is added when the key is non-empty.
//
// Security notes:
//   - Only the key gates registration: a provider whose key is set but whose
//     secret is empty is still added. NOTE(review): confirm whether such a
//     configuration should be rejected or at least logged.
//   - The log lines carry provider titles and the base URL only; keys and
//     secrets are not logged here.
//   - Provider.Goth also honours the unprefixed "oauth_redirect" value, which
//     this function does not read, so the base URL logged here can differ from
//     the callback base actually sent to the provider.
//   - The default base URL is cleartext http on localhost.
func (s *Service) load() error {
	if s.providers != nil {
		return errors.New("called [load] twice")
	}

	if s.baseURL == "" {
		s.baseURL = util.GetEnv(util.AppKey + "_oauth_redirect")
	}
	if s.baseURL == "" {
		s.baseURL = fmt.Sprintf("http://localhost:%d", util.AppPort)
	}
	s.baseURL = strings.TrimSuffix(s.baseURL, "/")

	initAvailable()

	// Must stay non-nil even when empty: Providers treats a nil list as "not
	// loaded yet" and the guard above treats non-nil as "already loaded".
	found := make(Providers, 0)
	for _, id := range AvailableProviderKeys {
		key := util.GetEnv(id + "_key")
		secret := util.GetEnv(id + "_secret")
		scopes := util.StringSplitAndTrim(util.GetEnv(id+"_scopes"), ",")
		if key == "" {
			continue
		}
		found = append(found, &Provider{
			ID:     id,
			Title:  AvailableProviderNames[id],
			Key:    key,
			Secret: secret,
			Scopes: scopes,
		})
	}
	s.providers = found

	if len(found) == 0 {
		s.logger.Debug("authentication disabled, no providers configured in environment")
		return nil
	}

	const msg = "authentication enabled for [%s], using [%s] as a base URL"
	s.logger.Infof(msg, util.StringArrayOxfordComma(found.Titles(), "and"), s.baseURL)
	return nil
}