oauth2

package
v1.23.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jan 10, 2025 License: MIT Imports: 43 Imported by: 6

Documentation

Index

Constants

View Source
const ProviderHeaderKey = "gitea-oauth2-provider"

ProviderHeaderKey is the HTTP header key

View Source
const UsersStoreKey = "gitea-oauth2-sessions"

UsersStoreKey is the key for the store

Variables

View Source
var ErrAuthSourceNotActivated = errors.New("auth source is not activated")

Functions

func ClearProviders

func ClearProviders()

ClearProviders clears all OAuth2 providers from the goth lib

func Init

func Init(ctx context.Context) error

Init initializes the oauth source

func IsErrOpenIDConnectInitialize

func IsErrOpenIDConnectInitialize(err error) bool

IsErrOpenIDConnectInitialize checks if an error is a ExternalLoginUserAlreadyExist.

func RegisterGothProvider

func RegisterGothProvider(provider GothProvider)

RegisterGothProvider registers a GothProvider

func RegisterProviderWithGothic

func RegisterProviderWithGothic(providerName string, source *Source) error

RegisterProviderWithGothic register a OAuth2 provider in goth lib

func RemoveProviderFromGothic

func RemoveProviderFromGothic(providerName string)

RemoveProviderFromGothic removes the given OAuth2 provider from the goth lib

func ResetOAuth2

func ResetOAuth2(ctx context.Context) error

ResetOAuth2 clears existing OAuth2 providers and loads them from DB

Types

type Attribute

type Attribute struct {
	Value     string
	Available bool
	Required  bool
}

Attribute describes the availability, and required status for a custom url configuration

type AuthSourceProvider added in v1.20.0

type AuthSourceProvider struct {
	GothProvider
	// contains filtered or unexported fields
}

AuthSourceProvider provides a provider for an AuthSource. Multiple auth sources could use the same registered GothProvider So each auth source should have its own DisplayName and IconHTML for display. The Name is the GothProvider's name, to help to find the GothProvider to sign in. The DisplayName is the auth source config's name, site admin set it on the admin page, the IconURL can also be set there.

func (*AuthSourceProvider) DisplayName added in v1.20.0

func (p *AuthSourceProvider) DisplayName() string

func (*AuthSourceProvider) IconHTML added in v1.20.0

func (p *AuthSourceProvider) IconHTML(size int) template.HTML

func (*AuthSourceProvider) Name added in v1.20.0

func (p *AuthSourceProvider) Name() string

type BaseProvider

type BaseProvider struct {
	// contains filtered or unexported fields
}

BaseProvider represents a common base for Provider

func (*BaseProvider) CustomURLSettings

func (b *BaseProvider) CustomURLSettings() *CustomURLSettings

CustomURLSettings returns the custom url settings for this provider

func (*BaseProvider) DisplayName

func (b *BaseProvider) DisplayName() string

DisplayName returns the friendly name for this provider

func (*BaseProvider) IconHTML added in v1.20.0

func (b *BaseProvider) IconHTML(size int) template.HTML

IconHTML returns icon HTML for this provider

func (*BaseProvider) Name

func (b *BaseProvider) Name() string

Name provides the technical name for this provider

type CustomProvider

type CustomProvider struct {
	BaseProvider
	// contains filtered or unexported fields
}

CustomProvider is a GothProvider that has CustomURL features

func NewCustomProvider

func NewCustomProvider(name, displayName string, customURLSetting *CustomURLSettings, newFn CustomProviderNewFn) *CustomProvider

NewCustomProvider is a constructor function for custom providers

func (*CustomProvider) CreateGothProvider

func (c *CustomProvider) CreateGothProvider(providerName, callbackURL string, source *Source) (goth.Provider, error)

CreateGothProvider creates a GothProvider from this Provider

func (*CustomProvider) CustomURLSettings

func (c *CustomProvider) CustomURLSettings() *CustomURLSettings

CustomURLSettings returns the CustomURLSettings for this provider

type CustomProviderNewFn

type CustomProviderNewFn func(clientID, secret, callbackURL string, custom *CustomURLMapping, scopes []string) (goth.Provider, error)

CustomProviderNewFn creates a goth.Provider using a custom url mapping

type CustomURLMapping

type CustomURLMapping struct {
	AuthURL    string `json:",omitempty"`
	TokenURL   string `json:",omitempty"`
	ProfileURL string `json:",omitempty"`
	EmailURL   string `json:",omitempty"`
	Tenant     string `json:",omitempty"`
}

CustomURLMapping describes the urls values to use when customizing OAuth2 provider URLs

type CustomURLSettings

type CustomURLSettings struct {
	AuthURL    Attribute `json:",omitempty"`
	TokenURL   Attribute `json:",omitempty"`
	ProfileURL Attribute `json:",omitempty"`
	EmailURL   Attribute `json:",omitempty"`
	Tenant     Attribute `json:",omitempty"`
}

CustomURLSettings describes the urls values and availability to use when customizing OAuth2 provider URLs

func (*CustomURLSettings) OverrideWith

func (c *CustomURLSettings) OverrideWith(override *CustomURLMapping) *CustomURLMapping

OverrideWith copies the current customURLMapping and overrides it with values from the provided mapping

func (*CustomURLSettings) Required

func (c *CustomURLSettings) Required() bool

Required is true if any attribute is required

type ErrOpenIDConnectInitialize

type ErrOpenIDConnectInitialize struct {
	OpenIDConnectAutoDiscoveryURL string
	ProviderName                  string
	Cause                         error
}

ErrOpenIDConnectInitialize represents a "OpenIDConnectInitialize" kind of error.

func (ErrOpenIDConnectInitialize) Error

func (err ErrOpenIDConnectInitialize) Error() string

func (ErrOpenIDConnectInitialize) Unwrap added in v1.19.0

func (err ErrOpenIDConnectInitialize) Unwrap() error

type GothProvider

type GothProvider interface {
	Provider
	GothProviderCreator
}

GothProvider is an interface for describing a single OAuth2 provider

type GothProviderCreator

type GothProviderCreator interface {
	CreateGothProvider(providerName, callbackURL string, source *Source) (goth.Provider, error)
}

GothProviderCreator provides a function to create a goth.Provider

type OpenIDProvider

type OpenIDProvider struct{}

OpenIDProvider is a GothProvider for OpenID

func (*OpenIDProvider) CreateGothProvider

func (o *OpenIDProvider) CreateGothProvider(providerName, callbackURL string, source *Source) (goth.Provider, error)

CreateGothProvider creates a GothProvider from this Provider

func (*OpenIDProvider) CustomURLSettings

func (o *OpenIDProvider) CustomURLSettings() *CustomURLSettings

CustomURLSettings returns the custom url settings for this provider

func (*OpenIDProvider) DisplayName

func (o *OpenIDProvider) DisplayName() string

DisplayName returns the friendly name for this provider

func (*OpenIDProvider) IconHTML added in v1.20.0

func (o *OpenIDProvider) IconHTML(size int) template.HTML

IconHTML returns icon HTML for this provider

func (*OpenIDProvider) Name

func (o *OpenIDProvider) Name() string

Name provides the technical name for this provider

type Provider

type Provider interface {
	Name() string
	DisplayName() string
	IconHTML(size int) template.HTML
	CustomURLSettings() *CustomURLSettings
}

Provider is an interface for describing a single OAuth2 provider

func CreateProviderFromSource added in v1.22.0

func CreateProviderFromSource(source *auth.Source) (Provider, error)

func GetOAuth2Providers

func GetOAuth2Providers(ctx context.Context, isActive optional.Option[bool]) ([]Provider, error)

GetOAuth2Providers returns the list of configured OAuth2 providers

func GetSupportedOAuth2Providers added in v1.22.0

func GetSupportedOAuth2Providers() []Provider

GetSupportedOAuth2Providers returns the map of unconfigured OAuth2 providers key is used as technical name (like in the callbackURL) values to display

type SessionsStore

type SessionsStore struct {
	// contains filtered or unexported fields
}

SessionsStore creates a gothic store from our session

func (*SessionsStore) Get

func (st *SessionsStore) Get(r *http.Request, name string) (*sessions.Session, error)

Get should return a cached session.

func (*SessionsStore) New

func (st *SessionsStore) New(r *http.Request, name string) (*sessions.Session, error)

New should create and return a new session.

Note that New should never return a nil session, even in the case of an error if using the Registry infrastructure to cache the session.

func (*SessionsStore) Save

func (st *SessionsStore) Save(r *http.Request, w http.ResponseWriter, session *sessions.Session) error

Save should persist session to the underlying store implementation.

type SimpleProvider

type SimpleProvider struct {
	BaseProvider
	// contains filtered or unexported fields
}

SimpleProvider is a GothProvider which does not have custom url features

func NewSimpleProvider

func NewSimpleProvider(name, displayName string, scopes []string, newFn SimpleProviderNewFn) *SimpleProvider

NewSimpleProvider is a constructor function for simple providers

func (*SimpleProvider) CreateGothProvider

func (c *SimpleProvider) CreateGothProvider(providerName, callbackURL string, source *Source) (goth.Provider, error)

CreateGothProvider creates a GothProvider from this Provider

type SimpleProviderNewFn

type SimpleProviderNewFn func(clientKey, secret, callbackURL string, scopes ...string) goth.Provider

SimpleProviderNewFn create goth.Providers without custom url features

type Source

type Source struct {
	Provider                      string
	ClientID                      string
	ClientSecret                  string
	OpenIDConnectAutoDiscoveryURL string
	CustomURLMapping              *CustomURLMapping
	IconURL                       string

	Scopes              []string
	RequiredClaimName   string
	RequiredClaimValue  string
	GroupClaimName      string
	AdminGroup          string
	GroupTeamMap        string
	GroupTeamMapRemoval bool
	RestrictedGroup     string
	SkipLocalTwoFA      bool `json:",omitempty"`
	// contains filtered or unexported fields
}

Source holds configuration for the OAuth2 login source.

func (*Source) Authenticate

func (source *Source) Authenticate(ctx context.Context, user *user_model.User, login, password string) (*user_model.User, error)

Authenticate falls back to the db authenticator

func (*Source) Callback

func (source *Source) Callback(request *http.Request, response http.ResponseWriter) (goth.User, error)

Callback handles OAuth callback, resolve to a goth user and send back to original url this will trigger a new authentication request, but because we save it in the session we can use that

func (*Source) Callout

func (source *Source) Callout(request *http.Request, response http.ResponseWriter) error

Callout redirects request/response pair to authenticate against the provider

func (*Source) DisplayName

func (source *Source) DisplayName() string

DisplayName returns the display name of this source

func (*Source) FromDB

func (source *Source) FromDB(bs []byte) error

FromDB fills up an OAuth2Config from serialized format.

func (*Source) Name

func (source *Source) Name() string

Name returns the provider name of this source

func (*Source) RegisterSource

func (source *Source) RegisterSource() error

RegisterSource causes an OAuth2 configuration to be registered

func (*Source) SetAuthSource

func (source *Source) SetAuthSource(authSource *auth.Source)

SetAuthSource sets the related AuthSource

func (*Source) Sync added in v1.23.0

func (source *Source) Sync(ctx context.Context, updateExisting bool) error

Sync causes this OAuth2 source to synchronize its users with the db.

func (*Source) ToDB

func (source *Source) ToDB() ([]byte, error)

ToDB exports an OAuth2Config to a serialized format.

func (*Source) UnregisterSource

func (source *Source) UnregisterSource() error

UnregisterSource causes an OAuth2 configuration to be unregistered

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL