9d855bd6a1
* Simplify Gothic to use our session store instead of creating a different store We have been using xormstore to provide a separate session store for our OAuth2 logins however, this relies on using gorilla context and some doubling of our session storing. We can however, simplify and simply use our own chi-based session store. Thus removing a cookie and some of the weirdness with missing contexts. Signed-off-by: Andrew Thornton <art27@cantab.net> * as per review Signed-off-by: Andrew Thornton <art27@cantab.net> * as per review Signed-off-by: Andrew Thornton <art27@cantab.net> * Handle MaxTokenLength Signed-off-by: Andrew Thornton <art27@cantab.net> * oops Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: techknowlogick <techknowlogick@gitea.io> Co-authored-by: Lauris BH <lauris@nix.lv>
79 lines
1.8 KiB
Go
79 lines
1.8 KiB
Go
// Copyright 2021 The Gitea Authors. All rights reserved.
|
|
// Use of this source code is governed by a MIT-style
|
|
// license that can be found in the LICENSE file.
|
|
|
|
package oauth2
|
|
|
|
import (
|
|
"encoding/gob"
|
|
"net/http"
|
|
"sync"
|
|
|
|
"code.gitea.io/gitea/models/login"
|
|
"code.gitea.io/gitea/modules/log"
|
|
"code.gitea.io/gitea/modules/setting"
|
|
|
|
"github.com/google/uuid"
|
|
"github.com/gorilla/sessions"
|
|
"github.com/markbates/goth/gothic"
|
|
)
|
|
|
|
var gothRWMutex = sync.RWMutex{}
|
|
|
|
// UsersStoreKey is the key for the store
|
|
const UsersStoreKey = "gitea-oauth2-sessions"
|
|
|
|
// ProviderHeaderKey is the HTTP header key
|
|
const ProviderHeaderKey = "gitea-oauth2-provider"
|
|
|
|
// Init initializes the oauth source
|
|
func Init() error {
|
|
if err := InitSigningKey(); err != nil {
|
|
return err
|
|
}
|
|
|
|
// Lock our mutex
|
|
gothRWMutex.Lock()
|
|
|
|
gob.Register(&sessions.Session{})
|
|
|
|
gothic.Store = &SessionsStore{
|
|
maxLength: int64(setting.OAuth2.MaxTokenLength),
|
|
}
|
|
|
|
gothic.SetState = func(req *http.Request) string {
|
|
return uuid.New().String()
|
|
}
|
|
|
|
gothic.GetProviderName = func(req *http.Request) (string, error) {
|
|
return req.Header.Get(ProviderHeaderKey), nil
|
|
}
|
|
|
|
// Unlock our mutex
|
|
gothRWMutex.Unlock()
|
|
|
|
return initOAuth2LoginSources()
|
|
}
|
|
|
|
// ResetOAuth2 clears existing OAuth2 providers and loads them from DB
|
|
func ResetOAuth2() error {
|
|
ClearProviders()
|
|
return initOAuth2LoginSources()
|
|
}
|
|
|
|
// initOAuth2LoginSources is used to load and register all active OAuth2 providers
|
|
func initOAuth2LoginSources() error {
|
|
loginSources, _ := login.GetActiveOAuth2ProviderLoginSources()
|
|
for _, source := range loginSources {
|
|
oauth2Source, ok := source.Cfg.(*Source)
|
|
if !ok {
|
|
continue
|
|
}
|
|
err := oauth2Source.RegisterSource()
|
|
if err != nil {
|
|
log.Critical("Unable to register source: %s due to Error: %v.", source.Name, err)
|
|
}
|
|
}
|
|
return nil
|
|
}
|