wangwei
/
aiforge
Not watched
1
0
Fork 0
Code
Releases 128 Wiki Activity
Issues 0 Pull Requests 0 Datasets Model Cloudbrain
You can not select more than 25 topics Topics must start with a chinese character,a letter or number, can include dashes ('-') and can be up to 35 characters long.
Tree: f00a4c8078
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'f00a4c8078'
${ noResults }
aiforge/vendor/github.com/markbates/goth/gothic/gothic.go

219 lines
6.0 kB
Raw Blame History 

  1. /*

  2. Package gothic wraps common behaviour when using Goth. This makes it quick, and easy, to get up

  3. and running with Goth. Of course, if you want complete control over how things flow, in regards

  4. to the authentication process, feel free and use Goth directly.

  5. 

  6. See https://github.com/markbates/goth/examples/main.go to see this in action.

  7. */

  8. package gothic

  9. 

  10. import (

  11. 	"errors"

  12. 	"fmt"

  13. 	"net/http"

  14. 	"os"

  15. 

  16. 	"github.com/gorilla/mux"

  17. 	"github.com/gorilla/sessions"

  18. 	"github.com/markbates/goth"

  19. )

  20. 

  21. // SessionName is the key used to access the session store.

  22. const SessionName = "_gothic_session"

  23. 

  24. // Store can/should be set by applications using gothic. The default is a cookie store.

  25. var Store sessions.Store

  26. var defaultStore sessions.Store

  27. 

  28. var keySet = false

  29. 

  30. func init() {

  31. 	key := []byte(os.Getenv("SESSION_SECRET"))

  32. 	keySet = len(key) != 0

  33. 	Store = sessions.NewCookieStore([]byte(key))

  34. 	defaultStore = Store

  35. }

  36. 

  37. /*

  38. BeginAuthHandler is a convienence handler for starting the authentication process.

  39. It expects to be able to get the name of the provider from the query parameters

  40. as either "provider" or ":provider".

  41. 

  42. BeginAuthHandler will redirect the user to the appropriate authentication end-point

  43. for the requested provider.

  44. 

  45. See https://github.com/markbates/goth/examples/main.go to see this in action.

  46. */

  47. func BeginAuthHandler(res http.ResponseWriter, req *http.Request) {

  48. 	url, err := GetAuthURL(res, req)

  49. 	if err != nil {

  50. 		res.WriteHeader(http.StatusBadRequest)

  51. 		fmt.Fprintln(res, err)

  52. 		return

  53. 	}

  54. 

  55. 	http.Redirect(res, req, url, http.StatusTemporaryRedirect)

  56. }

  57. 

  58. // SetState sets the state string associated with the given request.

  59. // If no state string is associated with the request, one will be generated.

  60. // This state is sent to the provider and can be retrieved during the

  61. // callback.

  62. var SetState = func(req *http.Request) string {

  63. 	state := req.URL.Query().Get("state")

  64. 	if len(state) > 0 {

  65. 		return state

  66. 	}

  67. 

  68. 	return "state"

  69. 

  70. }

  71. 

  72. // GetState gets the state returned by the provider during the callback.

  73. // This is used to prevent CSRF attacks, see

  74. // http://tools.ietf.org/html/rfc6749#section-10.12

  75. var GetState = func(req *http.Request) string {

  76. 	return req.URL.Query().Get("state")

  77. }

  78. 

  79. /*

  80. GetAuthURL starts the authentication process with the requested provided.

  81. It will return a URL that should be used to send users to.

  82. 

  83. It expects to be able to get the name of the provider from the query parameters

  84. as either "provider" or ":provider".

  85. 

  86. I would recommend using the BeginAuthHandler instead of doing all of these steps

  87. yourself, but that's entirely up to you.

  88. */

  89. func GetAuthURL(res http.ResponseWriter, req *http.Request) (string, error) {

  90. 

  91. 	if !keySet && defaultStore == Store {

  92. 		fmt.Println("goth/gothic: no SESSION_SECRET environment variable is set. The default cookie store is not available and any calls will fail. Ignore this warning if you are using a different store.")

  93. 	}

  94. 

  95. 	providerName, err := GetProviderName(req)

  96. 	if err != nil {

  97. 		return "", err

  98. 	}

  99. 

  100. 	provider, err := goth.GetProvider(providerName)

  101. 	if err != nil {

  102. 		return "", err

  103. 	}

  104. 	sess, err := provider.BeginAuth(SetState(req))

  105. 	if err != nil {

  106. 		return "", err

  107. 	}

  108. 

  109. 	url, err := sess.GetAuthURL()

  110. 	if err != nil {

  111. 		return "", err

  112. 	}

  113. 

  114. 	err = storeInSession(providerName, sess.Marshal(), req, res)

  115. 

  116. 	if err != nil {

  117. 		return "", err

  118. 	}

  119. 

  120. 	return url, err

  121. }

  122. 

  123. /*

  124. CompleteUserAuth does what it says on the tin. It completes the authentication

  125. process and fetches all of the basic information about the user from the provider.

  126. 

  127. It expects to be able to get the name of the provider from the query parameters

  128. as either "provider" or ":provider".

  129. 

  130. See https://github.com/markbates/goth/examples/main.go to see this in action.

  131. */

  132. var CompleteUserAuth = func(res http.ResponseWriter, req *http.Request) (goth.User, error) {

  133. 

  134. 	if !keySet && defaultStore == Store {

  135. 		fmt.Println("goth/gothic: no SESSION_SECRET environment variable is set. The default cookie store is not available and any calls will fail. Ignore this warning if you are using a different store.")

  136. 	}

  137. 

  138. 	providerName, err := GetProviderName(req)

  139. 	if err != nil {

  140. 		return goth.User{}, err

  141. 	}

  142. 

  143. 	provider, err := goth.GetProvider(providerName)

  144. 	if err != nil {

  145. 		return goth.User{}, err

  146. 	}

  147. 

  148. 	value, err := getFromSession(providerName, req)

  149. 	if err != nil {

  150. 		return goth.User{}, err

  151. 	}

  152. 

  153. 	sess, err := provider.UnmarshalSession(value)

  154. 	if err != nil {

  155. 		return goth.User{}, err

  156. 	}

  157. 

  158. 	user, err := provider.FetchUser(sess)

  159. 	if err == nil {

  160. 		// user can be found with existing session data

  161. 		return user, err

  162. 	}

  163. 

  164. 	// get new token and retry fetch

  165. 	_, err = sess.Authorize(provider, req.URL.Query())

  166. 	if err != nil {

  167. 		return goth.User{}, err

  168. 	}

  169. 

  170. 	err = storeInSession(providerName, sess.Marshal(), req, res)

  171. 

  172. 	if err != nil {

  173. 		return goth.User{}, err

  174. 	}

  175. 

  176. 	return provider.FetchUser(sess)

  177. }

  178. 

  179. // GetProviderName is a function used to get the name of a provider

  180. // for a given request. By default, this provider is fetched from

  181. // the URL query string. If you provide it in a different way,

  182. // assign your own function to this variable that returns the provider

  183. // name for your request.

  184. var GetProviderName = getProviderName

  185. 

  186. func getProviderName(req *http.Request) (string, error) {

  187. 	provider := req.URL.Query().Get("provider")

  188. 	if provider == "" {

  189. 		if p, ok := mux.Vars(req)["provider"]; ok {

  190. 			return p, nil

  191. 		}

  192. 	}

  193. 	if provider == "" {

  194. 		provider = req.URL.Query().Get(":provider")

  195. 	}

  196. 	if provider == "" {

  197. 		return provider, errors.New("you must select a provider")

  198. 	}

  199. 	return provider, nil

  200. }

  201. 

  202. func storeInSession(key string, value string, req *http.Request, res http.ResponseWriter) error {

  203. 	session, _ := Store.Get(req, key + SessionName)

  204. 

  205. 	session.Values[key] = value

  206. 

  207. 	return session.Save(req, res)

  208. }

  209. 

  210. func getFromSession(key string, req *http.Request) (string, error) {

  211. 	session, _ := Store.Get(req, key + SessionName)

  212. 

  213. 	value := session.Values[key]

  214. 	if value == nil {

  215. 		return "", errors.New("could not find a matching session for this request")

  216. 	}

  217. 

  218. 	return value.(string), nil

  219. }