From 4008b7ce382f4f8de340f4e1fe152500396de672 Mon Sep 17 00:00:00 2001
From: Thomas Miceli
Date: Mon, 17 Apr 2023 19:11:32 +0200
Subject: [PATCH] Client key and secret Oauth in config
---
 config.yml | 14 +++++++++++++
 internal/config/config.go | 9 +++++++++
 internal/models/user.go | 2 +-
 internal/web/auth.go | 41 +++++++++++++++++++++++++++++++++++++--
 internal/web/run.go | 14 +------------
 5 files changed, 64 insertions(+), 16 deletions(-)
diff --git a/config.yml b/config.yml
index b08cb4b..7c9a953 100644
--- a/config.yml
+++ b/config.yml
@@ -53,3 +53,17 @@ ssh.external-domain:
 # Path or alias to ssh-keygen executable. Default: ssh-keygen
 ssh.keygen-executable: ssh-keygen
+
+
+# OAuth2 configuration
+# The callback/redirect URL must be http://opengist.domain/oauth//callback
+
+# To create a new OAuth2 application using GitHub : https://github.com/settings/applications/new
+github.client-key:
+github.secret:
+
+# To create a new OAuth2 application using Gitea : https://gitea.domain/user/settings/applications
+gitea.client-key:
+gitea.secret:
+# URL of your Gitea instance. Default: https://gitea.com/
+gitea.url: https://gitea.com/
diff --git a/internal/config/config.go b/internal/config/config.go
index a058871..5f6130e 100644
--- a/internal/config/config.go
+++ b/internal/config/config.go
@@ -35,6 +35,13 @@ type config struct {
 SshPort string `yaml:"ssh.port"`
 SshExternalDomain string `yaml:"ssh.external-domain"`
 SshKeygen string `yaml:"ssh.keygen-executable"`
+
+ GithubClientKey string `yaml:"github.client-key"`
+ GithubSecret string `yaml:"github.secret"`
+
+ GiteaClientKey string `yaml:"gitea.client-key"`
+ GiteaSecret string `yaml:"gitea.secret"`
+ GiteaUrl string `yaml:"gitea.url"`
 }
 func configWithDefaults() (*config, error) {
@@ -58,6 +65,8 @@ func configWithDefaults() (*config, error) {
 c.SshPort = "2222"
 c.SshKeygen = "ssh-keygen"
+ c.GiteaUrl = "http://gitea.com"
+
 return c, nil
 }
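Review bot: The default added in the second config.go hunk, `c.GiteaUrl = "http://gitea.com"`, is plain HTTP, while the config.yml comment in this same patch documents the default as `https://gitea.com/`. The authorize, access-token and user endpoints in internal/web/auth.go are built from this value, so whenever the default is in effect (presumably when `gitea.url` is not set) the client secret and the authorization code would be sent to an `http://` URL and rely on the server redirecting to HTTPS. I would change the line to `c.GiteaUrl = "https://gitea.com"`. configWithDefaults begins above the hunk.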
diff --git a/internal/models/user.go b/internal/models/user.go
index 62aff3e..961e54b 100644
--- a/internal/models/user.go
+++ b/internal/models/user.go
@@ -133,7 +133,7 @@ func (user *User) HasLiked(gist *Gist) (bool, error) {
 return true, nil
 }
-func (user *User) DeleteProvider(provider string) error {
+func (user *User) DeleteProviderID(provider string) error {
 switch provider {
 case "github":
 return db.Model(&user).Update("github_id", nil).Error
diff --git a/internal/web/auth.go b/internal/web/auth.go
index 42e86b0..3e54f33 100644
--- a/internal/web/auth.go
+++ b/internal/web/auth.go
@@ -6,11 +6,15 @@ import (
 "errors"
 "fmt"
 "github.com/labstack/echo/v4"
+ "github.com/markbates/goth"
 "github.com/markbates/goth/gothic"
+ "github.com/markbates/goth/providers/gitea"
+ "github.com/markbates/goth/providers/github"
 "github.com/rs/zerolog/log"
 "gorm.io/gorm"
 "io"
 "net/http"
+ "opengist/internal/config"
 "opengist/internal/models"
 "strings"
 )
@@ -213,6 +217,39 @@ func oauthCallback(ctx echo.Context) error {
 func oauth(ctx echo.Context) error {
 provider := ctx.Param("provider")
+ httpProtocol := "http"
+ if ctx.Request().TLS != nil || ctx.Request().Header.Get("X-Forwarded-Proto") == "https" {
+ httpProtocol = "https"
+ }
+
+ httpDomain := httpProtocol + "://" + ctx.Request().Host
+ giteaUrl := config.C.GiteaUrl
+ // remove trailing slash
+ if giteaUrl[len(giteaUrl)-1] == '/' {
+ giteaUrl = giteaUrl[:len(giteaUrl)-1]
+ }
+
+ switch provider {
+ case "github":
+ goth.UseProviders(
+ github.New(
+ config.C.GithubClientKey,
+ config.C.GithubSecret,
+ httpDomain+"/oauth/github/callback"),
+ )
+
+ case "gitea":
+ goth.UseProviders(
+ gitea.NewCustomisedURL(
+ config.C.GiteaClientKey,
+ config.C.GiteaSecret,
+ httpDomain+"/oauth/gitea/callback",
+ giteaUrl+"/login/oauth/authorize",
+ giteaUrl+"/login/oauth/access_token",
+ giteaUrl+"/api/v1/user"),
+ )
+ }
+
 currUser := getUserLogged(ctx)
 if currUser != nil {
 isDelete := false
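Review bot: The callback URL handed to the provider in `oauth` is built from `ctx.Request().Host` and the `X-Forwarded-Proto` header, both of which are client-supplied unless a trusted reverse proxy overwrites them, so the `redirect_uri` depends on request data and the provider's registered-callback check is the only guard; taking the base URL from configuration would remove that dependency. `giteaUrl[len(giteaUrl)-1]` panics with an index out of range when `gitea.url` is set to an empty string, and it runs for every provider; `giteaUrl = strings.TrimSuffix(giteaUrl, "/")` covers both cases and `strings` is already imported. `goth.UseProviders` is now called on every request and replaces process-wide provider state, which looks racy under concurrent logins (whether goth synchronises that write is not visible here), and an unknown `provider` value falls through the `switch` with nothing registered. Registering the providers once at startup from `config.C` would avoid both. The rest of `oauth` lies outside this hunk.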
@@ -221,12 +258,12 @@ func oauth(ctx echo.Context) error {
 case "github":
 if currUser.GithubID != "" {
 isDelete = true
- err = currUser.DeleteProvider(provider)
+ err = currUser.DeleteProviderID(provider)
 }
 case "gitea":
 if currUser.GiteaID != "" {
 isDelete = true
- err = currUser.DeleteProvider(provider)
+ err = currUser.DeleteProviderID(provider)
 }
 }
diff --git a/internal/web/run.go b/internal/web/run.go
index 6523a3f..c014a8a 100644
--- a/internal/web/run.go
+++ b/internal/web/run.go
@@ -8,10 +8,7 @@ import (
 "github.com/gorilla/sessions"
 "github.com/labstack/echo/v4"
 "github.com/labstack/echo/v4/middleware"
- "github.com/markbates/goth"
 "github.com/markbates/goth/gothic"
- "github.com/markbates/goth/providers/gitea"
- "github.com/markbates/goth/providers/github"
 "github.com/rs/zerolog/log"
 "html/template"
 "io"
@@ -101,16 +98,7 @@ func (t *Template) Render(w io.Writer, name string, data interface{}, _ echo.Con
 func Start() {
 store = sessions.NewCookieStore([]byte("opengist"))
 gothic.Store = store
- goth.UseProviders(
- github.New("d92c7e165383b2804407", "ffc450216b9776a752cdb0e533f953f65ce632a3", "http://localhost:6157/oauth/github/callback"),
- gitea.NewCustomisedURL(
- "efdd0fed-6972-42ce-8f9f-e65b9fd0ca09",
- "gto_dwilh6ia4nic4f4dt5owv4h7rvuss5ajw2ctqqa44xcpwevyg6wq",
- "http://localhost:6157/oauth/gitea/callback",
- "http://localhost:3000/login/oauth/authorize",
- "http://localhost:3000/login/oauth/access_token",
- "http://localhost:3000/api/v1/user"),
- )
+
 assetsFS := echo.MustSubFS(EmbedFS, "public/assets")
 e := echo.New()
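Review bot: In the last run.go hunk the context line `store = sessions.NewCookieStore([]byte("opengist"))` still signs session cookies with a fixed key that is public in the source, and the same store is assigned to `gothic.Store`, so the login session and whatever gothic keeps in it can be forged by anyone who knows the key. The key should be read from configuration or generated randomly on first start and persisted, not compiled in. The GitHub and Gitea client secrets deleted by this hunk remain readable in the repository history, so they should be revoked at both providers rather than reused. `Start` continues below the hunk.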