mirror
/
gitea
mirror of https://github.com/go-gitea/gitea
2
0
Fork 0
Code Issues Releases Wiki Activity

Refactor Find Sources and fix bug when view a user who belongs to an unactive auth source (#27798)

Browse Source 
The steps to reproduce it.

First, create a new oauth2 source.
Then, a user login with this oauth2 source.
Disable the oauth2 source.
Visit users -> settings -> security, 500 will be displayed.
This is because this page only load active Oauth2 sources but not all
Oauth2 sources.
pull/27887/head^2
Lunny Xiao 1 year ago committed by GitHub
parent 80715ae5c7
commit 1bf5527eac
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
15 changed files with 115 additions and 91 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 2
      cmd/admin_auth.go
  2. 2
      models/activities/statistic.go
  3. 9
      models/auth/oauth2.go
  4. 49
      models/auth/source.go
  5. 14
      routers/web/admin/auths.go
  6. 10
      routers/web/admin/users.go
  7. 12
      routers/web/auth/auth.go
  8. 26
      routers/web/user/setting/security/security.go
  9. 5
      services/auth/signin.go
  10. 9
      services/auth/source/oauth2/init.go
  11. 47
      services/auth/source/oauth2/providers.go
  12. 5
      services/auth/sspi.go
  13. 2
      services/auth/sync.go
  14. 7
      templates/user/auth/signin_inner.tmpl
  15. 7
      templates/user/auth/signup_inner.tmpl

2
cmd/admin_auth.go
Unescape View File

@ -62,7 +62,7 @@ func runListAuth(c *cli.Context) error {
return err return err
} }
authSources, err := auth_model.Sources(ctx) authSources, err := auth_model.FindSources(ctx, auth_model.FindSourcesOptions{})
if err != nil { if err != nil {
return err return err
} }

2
models/activities/statistic.go
Unescape View File

@ -102,7 +102,7 @@ func GetStatistic(ctx context.Context) (stats Statistic) {
stats.Counter.Follow, _ = e.Count(new(user_model.Follow)) stats.Counter.Follow, _ = e.Count(new(user_model.Follow))
stats.Counter.Mirror, _ = e.Count(new(repo_model.Mirror)) stats.Counter.Mirror, _ = e.Count(new(repo_model.Mirror))
stats.Counter.Release, _ = e.Count(new(repo_model.Release)) stats.Counter.Release, _ = e.Count(new(repo_model.Release))
stats.Counter.AuthSource = auth.CountSources(ctx) stats.Counter.AuthSource = auth.CountSources(ctx, auth.FindSourcesOptions{})
stats.Counter.Webhook, _ = e.Count(new(webhook.Webhook)) stats.Counter.Webhook, _ = e.Count(new(webhook.Webhook))
stats.Counter.Milestone, _ = e.Count(new(issues_model.Milestone)) stats.Counter.Milestone, _ = e.Count(new(issues_model.Milestone))
stats.Counter.Label, _ = e.Count(new(issues_model.Label)) stats.Counter.Label, _ = e.Count(new(issues_model.Label))

9
models/auth/oauth2.go
Unescape View File

@ -631,15 +631,6 @@ func (err ErrOAuthApplicationNotFound) Unwrap() error {
return util.ErrNotExist return util.ErrNotExist
} }
// GetActiveOAuth2ProviderSources returns all actived LoginOAuth2 sources
func GetActiveOAuth2ProviderSources(ctx context.Context) ([]*Source, error) {
sources := make([]*Source, 0, 1)
if err := db.GetEngine(ctx).Where("is_active = ? and type = ?", true, OAuth2).Find(&sources); err != nil {
return nil, err
}
return sources, nil
}
// GetActiveOAuth2SourceByName returns a OAuth2 AuthSource based on the given name // GetActiveOAuth2SourceByName returns a OAuth2 AuthSource based on the given name
func GetActiveOAuth2SourceByName(ctx context.Context, name string) (*Source, error) { func GetActiveOAuth2SourceByName(ctx context.Context, name string) (*Source, error) {
authSource := new(Source) authSource := new(Source)

49
models/auth/source.go
Unescape View File

@ -14,6 +14,7 @@ import (
"code.gitea.io/gitea/modules/timeutil" "code.gitea.io/gitea/modules/timeutil"
"code.gitea.io/gitea/modules/util" "code.gitea.io/gitea/modules/util"
"xorm.io/builder"
"xorm.io/xorm" "xorm.io/xorm"
"xorm.io/xorm/convert" "xorm.io/xorm/convert"
) )
@ -240,37 +241,26 @@ func CreateSource(ctx context.Context, source *Source) error {
return err return err
} }
// Sources returns a slice of all login sources found in DB. type FindSourcesOptions struct {
func Sources(ctx context.Context) ([]*Source, error) { IsActive util.OptionalBool
auths := make([]*Source, 0, 6) LoginType Type
return auths, db.GetEngine(ctx).Find(&auths)
} }
// SourcesByType returns all sources of the specified type func (opts FindSourcesOptions) ToConds() builder.Cond {
func SourcesByType(ctx context.Context, loginType Type) ([]*Source, error) { conds := builder.NewCond()
sources := make([]*Source, 0, 1) if !opts.IsActive.IsNone() {
if err := db.GetEngine(ctx).Where("type = ?", loginType).Find(&sources); err != nil { conds = conds.And(builder.Eq{"is_active": opts.IsActive.IsTrue()})
return nil, err
} }
return sources, nil if opts.LoginType != NoType {
} conds = conds.And(builder.Eq{"`type`": opts.LoginType})
// AllActiveSources returns all active sources
func AllActiveSources(ctx context.Context) ([]*Source, error) {
sources := make([]*Source, 0, 5)
if err := db.GetEngine(ctx).Where("is_active = ?", true).Find(&sources); err != nil {
return nil, err
} }
return sources, nil return conds
} }
// ActiveSources returns all active sources of the specified type // FindSources returns a slice of login sources found in DB according to given conditions.
func ActiveSources(ctx context.Context, tp Type) ([]*Source, error) { func FindSources(ctx context.Context, opts FindSourcesOptions) ([]*Source, error) {
sources := make([]*Source, 0, 1) auths := make([]*Source, 0, 6)
if err := db.GetEngine(ctx).Where("is_active = ? and type = ?", true, tp).Find(&sources); err != nil { return auths, db.GetEngine(ctx).Where(opts.ToConds()).Find(&auths)
return nil, err
}
return sources, nil
} }
// IsSSPIEnabled returns true if there is at least one activated login // IsSSPIEnabled returns true if there is at least one activated login
@ -279,7 +269,10 @@ func IsSSPIEnabled(ctx context.Context) bool {
if !db.HasEngine { if !db.HasEngine {
return false return false
} }
sources, err := ActiveSources(ctx, SSPI) sources, err := FindSources(ctx, FindSourcesOptions{
IsActive: util.OptionalBoolTrue,
LoginType: SSPI,
})
if err != nil { if err != nil {
log.Error("ActiveSources: %v", err) log.Error("ActiveSources: %v", err)
return false return false
@ -354,8 +347,8 @@ func UpdateSource(ctx context.Context, source *Source) error {
} }
// CountSources returns number of login sources. // CountSources returns number of login sources.
func CountSources(ctx context.Context) int64 { func CountSources(ctx context.Context, opts FindSourcesOptions) int64 {
count, _ := db.GetEngine(ctx).Count(new(Source)) count, _ := db.GetEngine(ctx).Where(opts.ToConds()).Count(new(Source))
return count return count
} }

14
routers/web/admin/auths.go
Unescape View File

@ -48,13 +48,13 @@ func Authentications(ctx *context.Context) {
ctx.Data["PageIsAdminAuthentications"] = true ctx.Data["PageIsAdminAuthentications"] = true
var err error var err error
ctx.Data["Sources"], err = auth.Sources(ctx) ctx.Data["Sources"], err = auth.FindSources(ctx, auth.FindSourcesOptions{})
if err != nil { if err != nil {
ctx.ServerError("auth.Sources", err) ctx.ServerError("auth.Sources", err)
return return
} }
ctx.Data["Total"] = auth.CountSources(ctx) ctx.Data["Total"] = auth.CountSources(ctx, auth.FindSourcesOptions{})
ctx.HTML(http.StatusOK, tplAuths) ctx.HTML(http.StatusOK, tplAuths)
} }
@ -99,7 +99,7 @@ func NewAuthSource(ctx *context.Context) {
ctx.Data["AuthSources"] = authSources ctx.Data["AuthSources"] = authSources
ctx.Data["SecurityProtocols"] = securityProtocols ctx.Data["SecurityProtocols"] = securityProtocols
ctx.Data["SMTPAuths"] = smtp.Authenticators ctx.Data["SMTPAuths"] = smtp.Authenticators
oauth2providers := oauth2.GetOAuth2Providers() oauth2providers := oauth2.GetSupportedOAuth2Providers()
ctx.Data["OAuth2Providers"] = oauth2providers ctx.Data["OAuth2Providers"] = oauth2providers
ctx.Data["SSPIAutoCreateUsers"] = true ctx.Data["SSPIAutoCreateUsers"] = true
@ -242,7 +242,7 @@ func NewAuthSourcePost(ctx *context.Context) {
ctx.Data["AuthSources"] = authSources ctx.Data["AuthSources"] = authSources
ctx.Data["SecurityProtocols"] = securityProtocols ctx.Data["SecurityProtocols"] = securityProtocols
ctx.Data["SMTPAuths"] = smtp.Authenticators ctx.Data["SMTPAuths"] = smtp.Authenticators
oauth2providers := oauth2.GetOAuth2Providers() oauth2providers := oauth2.GetSupportedOAuth2Providers()
ctx.Data["OAuth2Providers"] = oauth2providers ctx.Data["OAuth2Providers"] = oauth2providers
ctx.Data["SSPIAutoCreateUsers"] = true ctx.Data["SSPIAutoCreateUsers"] = true
@ -284,7 +284,7 @@ func NewAuthSourcePost(ctx *context.Context) {
ctx.RenderWithErr(err.Error(), tplAuthNew, form) ctx.RenderWithErr(err.Error(), tplAuthNew, form)
return return
} }
existing, err := auth.SourcesByType(ctx, auth.SSPI) existing, err := auth.FindSources(ctx, auth.FindSourcesOptions{LoginType: auth.SSPI})
if err != nil || len(existing) > 0 { if err != nil || len(existing) > 0 {
ctx.Data["Err_Type"] = true ctx.Data["Err_Type"] = true
ctx.RenderWithErr(ctx.Tr("admin.auths.login_source_of_type_exist"), tplAuthNew, form) ctx.RenderWithErr(ctx.Tr("admin.auths.login_source_of_type_exist"), tplAuthNew, form)
@ -334,7 +334,7 @@ func EditAuthSource(ctx *context.Context) {
ctx.Data["SecurityProtocols"] = securityProtocols ctx.Data["SecurityProtocols"] = securityProtocols
ctx.Data["SMTPAuths"] = smtp.Authenticators ctx.Data["SMTPAuths"] = smtp.Authenticators
oauth2providers := oauth2.GetOAuth2Providers() oauth2providers := oauth2.GetSupportedOAuth2Providers()
ctx.Data["OAuth2Providers"] = oauth2providers ctx.Data["OAuth2Providers"] = oauth2providers
source, err := auth.GetSourceByID(ctx, ctx.ParamsInt64(":authid")) source, err := auth.GetSourceByID(ctx, ctx.ParamsInt64(":authid"))
@ -368,7 +368,7 @@ func EditAuthSourcePost(ctx *context.Context) {
ctx.Data["PageIsAdminAuthentications"] = true ctx.Data["PageIsAdminAuthentications"] = true
ctx.Data["SMTPAuths"] = smtp.Authenticators ctx.Data["SMTPAuths"] = smtp.Authenticators
oauth2providers := oauth2.GetOAuth2Providers() oauth2providers := oauth2.GetSupportedOAuth2Providers()
ctx.Data["OAuth2Providers"] = oauth2providers ctx.Data["OAuth2Providers"] = oauth2providers
source, err := auth.GetSourceByID(ctx, ctx.ParamsInt64(":authid")) source, err := auth.GetSourceByID(ctx, ctx.ParamsInt64(":authid"))

10
routers/web/admin/users.go
Unescape View File

@ -90,7 +90,9 @@ func NewUser(ctx *context.Context) {
ctx.Data["login_type"] = "0-0" ctx.Data["login_type"] = "0-0"
sources, err := auth.Sources(ctx) sources, err := auth.FindSources(ctx, auth.FindSourcesOptions{
IsActive: util.OptionalBoolTrue,
})
if err != nil { if err != nil {
ctx.ServerError("auth.Sources", err) ctx.ServerError("auth.Sources", err)
return return
@ -109,7 +111,9 @@ func NewUserPost(ctx *context.Context) {
ctx.Data["DefaultUserVisibilityMode"] = setting.Service.DefaultUserVisibilityMode ctx.Data["DefaultUserVisibilityMode"] = setting.Service.DefaultUserVisibilityMode
ctx.Data["AllowedUserVisibilityModes"] = setting.Service.AllowedUserVisibilityModesSlice.ToVisibleTypeSlice() ctx.Data["AllowedUserVisibilityModes"] = setting.Service.AllowedUserVisibilityModesSlice.ToVisibleTypeSlice()
sources, err := auth.Sources(ctx) sources, err := auth.FindSources(ctx, auth.FindSourcesOptions{
IsActive: util.OptionalBoolTrue,
})
if err != nil { if err != nil {
ctx.ServerError("auth.Sources", err) ctx.ServerError("auth.Sources", err)
return return
@ -230,7 +234,7 @@ func prepareUserInfo(ctx *context.Context) *user_model.User {
ctx.Data["LoginSource"] = &auth.Source{} ctx.Data["LoginSource"] = &auth.Source{}
} }
sources, err := auth.Sources(ctx) sources, err := auth.FindSources(ctx, auth.FindSourcesOptions{})
if err != nil { if err != nil {
ctx.ServerError("auth.Sources", err) ctx.ServerError("auth.Sources", err)
return nil return nil

12
routers/web/auth/auth.go
Unescape View File

@ -160,12 +160,11 @@ func SignIn(ctx *context.Context) {
return return
} }
orderedOAuth2Names, oauth2Providers, err := oauth2.GetActiveOAuth2Providers(ctx) oauth2Providers, err := oauth2.GetOAuth2Providers(ctx, util.OptionalBoolTrue)
if err != nil { if err != nil {
ctx.ServerError("UserSignIn", err) ctx.ServerError("UserSignIn", err)
return return
} }
ctx.Data["OrderedOAuth2Names"] = orderedOAuth2Names
ctx.Data["OAuth2Providers"] = oauth2Providers ctx.Data["OAuth2Providers"] = oauth2Providers
ctx.Data["Title"] = ctx.Tr("sign_in") ctx.Data["Title"] = ctx.Tr("sign_in")
ctx.Data["SignInLink"] = setting.AppSubURL + "/user/login" ctx.Data["SignInLink"] = setting.AppSubURL + "/user/login"
@ -184,12 +183,11 @@ func SignIn(ctx *context.Context) {
func SignInPost(ctx *context.Context) { func SignInPost(ctx *context.Context) {
ctx.Data["Title"] = ctx.Tr("sign_in") ctx.Data["Title"] = ctx.Tr("sign_in")
orderedOAuth2Names, oauth2Providers, err := oauth2.GetActiveOAuth2Providers(ctx) oauth2Providers, err := oauth2.GetOAuth2Providers(ctx, util.OptionalBoolTrue)
if err != nil { if err != nil {
ctx.ServerError("UserSignIn", err) ctx.ServerError("UserSignIn", err)
return return
} }
ctx.Data["OrderedOAuth2Names"] = orderedOAuth2Names
ctx.Data["OAuth2Providers"] = oauth2Providers ctx.Data["OAuth2Providers"] = oauth2Providers
ctx.Data["Title"] = ctx.Tr("sign_in") ctx.Data["Title"] = ctx.Tr("sign_in")
ctx.Data["SignInLink"] = setting.AppSubURL + "/user/login" ctx.Data["SignInLink"] = setting.AppSubURL + "/user/login"
@ -408,13 +406,12 @@ func SignUp(ctx *context.Context) {
ctx.Data["SignUpLink"] = setting.AppSubURL + "/user/sign_up" ctx.Data["SignUpLink"] = setting.AppSubURL + "/user/sign_up"
orderedOAuth2Names, oauth2Providers, err := oauth2.GetActiveOAuth2Providers(ctx) oauth2Providers, err := oauth2.GetOAuth2Providers(ctx, util.OptionalBoolTrue)
if err != nil { if err != nil {
ctx.ServerError("UserSignUp", err) ctx.ServerError("UserSignUp", err)
return return
} }
ctx.Data["OrderedOAuth2Names"] = orderedOAuth2Names
ctx.Data["OAuth2Providers"] = oauth2Providers ctx.Data["OAuth2Providers"] = oauth2Providers
context.SetCaptchaData(ctx) context.SetCaptchaData(ctx)
@ -438,13 +435,12 @@ func SignUpPost(ctx *context.Context) {
ctx.Data["SignUpLink"] = setting.AppSubURL + "/user/sign_up" ctx.Data["SignUpLink"] = setting.AppSubURL + "/user/sign_up"
orderedOAuth2Names, oauth2Providers, err := oauth2.GetActiveOAuth2Providers(ctx) oauth2Providers, err := oauth2.GetOAuth2Providers(ctx, util.OptionalBoolTrue)
if err != nil { if err != nil {
ctx.ServerError("UserSignUp", err) ctx.ServerError("UserSignUp", err)
return return
} }
ctx.Data["OrderedOAuth2Names"] = orderedOAuth2Names
ctx.Data["OAuth2Providers"] = oauth2Providers ctx.Data["OAuth2Providers"] = oauth2Providers
context.SetCaptchaData(ctx) context.SetCaptchaData(ctx)

26
routers/web/user/setting/security/security.go
Unescape View File

@ -6,12 +6,14 @@ package security
import ( import (
"net/http" "net/http"
"sort"
auth_model "code.gitea.io/gitea/models/auth" auth_model "code.gitea.io/gitea/models/auth"
user_model "code.gitea.io/gitea/models/user" user_model "code.gitea.io/gitea/models/user"
"code.gitea.io/gitea/modules/base" "code.gitea.io/gitea/modules/base"
"code.gitea.io/gitea/modules/context" "code.gitea.io/gitea/modules/context"
"code.gitea.io/gitea/modules/setting" "code.gitea.io/gitea/modules/setting"
"code.gitea.io/gitea/modules/util"
"code.gitea.io/gitea/services/auth/source/oauth2" "code.gitea.io/gitea/services/auth/source/oauth2"
) )
@ -105,11 +107,31 @@ func loadSecurityData(ctx *context.Context) {
} }
ctx.Data["AccountLinks"] = sources ctx.Data["AccountLinks"] = sources
orderedOAuth2Names, oauth2Providers, err := oauth2.GetActiveOAuth2Providers(ctx) authSources, err := auth_model.FindSources(ctx, auth_model.FindSourcesOptions{
IsActive: util.OptionalBoolNone,
LoginType: auth_model.OAuth2,
})
if err != nil { if err != nil {
ctx.ServerError("GetActiveOAuth2Providers", err) ctx.ServerError("FindSources", err)
return return
} }
var orderedOAuth2Names []string
oauth2Providers := make(map[string]oauth2.Provider)
for _, source := range authSources {
provider, err := oauth2.CreateProviderFromSource(source)
if err != nil {
ctx.ServerError("CreateProviderFromSource", err)
return
}
oauth2Providers[source.Name] = provider
if source.IsActive {
orderedOAuth2Names = append(orderedOAuth2Names, source.Name)
}
}
sort.Strings(orderedOAuth2Names)
ctx.Data["OrderedOAuth2Names"] = orderedOAuth2Names ctx.Data["OrderedOAuth2Names"] = orderedOAuth2Names
ctx.Data["OAuth2Providers"] = oauth2Providers ctx.Data["OAuth2Providers"] = oauth2Providers

5
services/auth/signin.go
Unescape View File

@ -11,6 +11,7 @@ import (
"code.gitea.io/gitea/models/db" "code.gitea.io/gitea/models/db"
user_model "code.gitea.io/gitea/models/user" user_model "code.gitea.io/gitea/models/user"
"code.gitea.io/gitea/modules/log" "code.gitea.io/gitea/modules/log"
"code.gitea.io/gitea/modules/util"
"code.gitea.io/gitea/services/auth/source/oauth2" "code.gitea.io/gitea/services/auth/source/oauth2"
"code.gitea.io/gitea/services/auth/source/smtp" "code.gitea.io/gitea/services/auth/source/smtp"
@ -85,7 +86,9 @@ func UserSignIn(ctx context.Context, username, password string) (*user_model.Use
} }
} }
sources, err := auth.AllActiveSources(ctx) sources, err := auth.FindSources(ctx, auth.FindSourcesOptions{
IsActive: util.OptionalBoolTrue,
})
if err != nil { if err != nil {
return nil, nil, err return nil, nil, err
} }

9
services/auth/source/oauth2/init.go
Unescape View File

@ -12,6 +12,7 @@ import (
"code.gitea.io/gitea/models/auth" "code.gitea.io/gitea/models/auth"
"code.gitea.io/gitea/modules/log" "code.gitea.io/gitea/modules/log"
"code.gitea.io/gitea/modules/setting" "code.gitea.io/gitea/modules/setting"
"code.gitea.io/gitea/modules/util"
"github.com/google/uuid" "github.com/google/uuid"
"github.com/gorilla/sessions" "github.com/gorilla/sessions"
@ -63,7 +64,13 @@ func ResetOAuth2(ctx context.Context) error {
// initOAuth2Sources is used to load and register all active OAuth2 providers // initOAuth2Sources is used to load and register all active OAuth2 providers
func initOAuth2Sources(ctx context.Context) error { func initOAuth2Sources(ctx context.Context) error {
authSources, _ := auth.GetActiveOAuth2ProviderSources(ctx) authSources, err := auth.FindSources(ctx, auth.FindSourcesOptions{
IsActive: util.OptionalBoolTrue,
LoginType: auth.OAuth2,
})
if err != nil {
return err
}
for _, source := range authSources { for _, source := range authSources {
oauth2Source, ok := source.Cfg.(*Source) oauth2Source, ok := source.Cfg.(*Source)
if !ok { if !ok {

47
services/auth/source/oauth2/providers.go
Unescape View File

@ -15,6 +15,7 @@ import (
"code.gitea.io/gitea/models/auth" "code.gitea.io/gitea/models/auth"
"code.gitea.io/gitea/modules/log" "code.gitea.io/gitea/modules/log"
"code.gitea.io/gitea/modules/setting" "code.gitea.io/gitea/modules/setting"
"code.gitea.io/gitea/modules/util"
"github.com/markbates/goth" "github.com/markbates/goth"
) )
@ -80,10 +81,10 @@ func RegisterGothProvider(provider GothProvider) {
gothProviders[provider.Name()] = provider gothProviders[provider.Name()] = provider
} }
// GetOAuth2Providers returns the map of unconfigured OAuth2 providers // GetSupportedOAuth2Providers returns the map of unconfigured OAuth2 providers
// key is used as technical name (like in the callbackURL) // key is used as technical name (like in the callbackURL)
// values to display // values to display
func GetOAuth2Providers() []Provider { func GetSupportedOAuth2Providers() []Provider {
providers := make([]Provider, 0, len(gothProviders)) providers := make([]Provider, 0, len(gothProviders))
for _, provider := range gothProviders { for _, provider := range gothProviders {
@ -95,33 +96,39 @@ func GetOAuth2Providers() []Provider {
return providers return providers
} }
// GetActiveOAuth2Providers returns the map of configured active OAuth2 providers func CreateProviderFromSource(source *auth.Source) (Provider, error) {
// key is used as technical name (like in the callbackURL) oauth2Cfg, ok := source.Cfg.(*Source)
// values to display if !ok {
func GetActiveOAuth2Providers(ctx context.Context) ([]string, map[string]Provider, error) { return nil, fmt.Errorf("invalid OAuth2 source config: %v", oauth2Cfg)
// Maybe also separate used and unused providers so we can force the registration of only 1 active provider for each type }
gothProv := gothProviders[oauth2Cfg.Provider]
return &AuthSourceProvider{GothProvider: gothProv, sourceName: source.Name, iconURL: oauth2Cfg.IconURL}, nil
}
authSources, err := auth.GetActiveOAuth2ProviderSources(ctx) // GetOAuth2Providers returns the list of configured OAuth2 providers
func GetOAuth2Providers(ctx context.Context, isActive util.OptionalBool) ([]Provider, error) {
authSources, err := auth.FindSources(ctx, auth.FindSourcesOptions{
IsActive: isActive,
LoginType: auth.OAuth2,
})
if err != nil { if err != nil {
return nil, nil, err return nil, err
} }
var orderedKeys []string providers := make([]Provider, 0, len(authSources))
providers := make(map[string]Provider)
for _, source := range authSources { for _, source := range authSources {
oauth2Cfg, ok := source.Cfg.(*Source) provider, err := CreateProviderFromSource(source)
if !ok { if err != nil {
log.Error("Invalid OAuth2 source config: %v", oauth2Cfg) return nil, err
continue
} }
gothProv := gothProviders[oauth2Cfg.Provider] providers = append(providers, provider)
providers[source.Name] = &AuthSourceProvider{GothProvider: gothProv, sourceName: source.Name, iconURL: oauth2Cfg.IconURL}
orderedKeys = append(orderedKeys, source.Name)
} }
sort.Strings(orderedKeys) sort.Slice(providers, func(i, j int) bool {
return providers[i].Name() < providers[j].Name()
})
return orderedKeys, providers, nil return providers, nil
} }
// RegisterProviderWithGothic register a OAuth2 provider in goth lib // RegisterProviderWithGothic register a OAuth2 provider in goth lib

5
services/auth/sspi.go
Unescape View File

@ -130,7 +130,10 @@ func (s *SSPI) Verify(req *http.Request, w http.ResponseWriter, store DataStore,
// getConfig retrieves the SSPI configuration from login sources // getConfig retrieves the SSPI configuration from login sources
func (s *SSPI) getConfig(ctx context.Context) (*sspi.Source, error) { func (s *SSPI) getConfig(ctx context.Context) (*sspi.Source, error) {
sources, err := auth.ActiveSources(ctx, auth.SSPI) sources, err := auth.FindSources(ctx, auth.FindSourcesOptions{
IsActive: util.OptionalBoolTrue,
LoginType: auth.SSPI,
})
if err != nil { if err != nil {
return nil, err return nil, err
} }

2
services/auth/sync.go
Unescape View File

@ -15,7 +15,7 @@ import (
func SyncExternalUsers(ctx context.Context, updateExisting bool) error { func SyncExternalUsers(ctx context.Context, updateExisting bool) error {
log.Trace("Doing: SyncExternalUsers") log.Trace("Doing: SyncExternalUsers")
ls, err := auth.Sources(ctx) ls, err := auth.FindSources(ctx, auth.FindSourcesOptions{})
if err != nil { if err != nil {
log.Error("SyncExternalUsers: %v", err) log.Error("SyncExternalUsers: %v", err)
return err return err

7
templates/user/auth/signin_inner.tmpl
Unescape View File

@ -52,16 +52,15 @@
</div> </div>
{{end}} {{end}}
{{if and .OrderedOAuth2Names .OAuth2Providers}} {{if .OAuth2Providers}}
<div class="divider divider-text"> <div class="divider divider-text">
{{ctx.Locale.Tr "sign_in_or"}} {{ctx.Locale.Tr "sign_in_or"}}
</div> </div>
<div id="oauth2-login-navigator" class="gt-py-2"> <div id="oauth2-login-navigator" class="gt-py-2">
<div class="gt-df gt-fc gt-jc"> <div class="gt-df gt-fc gt-jc">
<div id="oauth2-login-navigator-inner" class="gt-df gt-fc gt-fw gt-ac gt-gap-3"> <div id="oauth2-login-navigator-inner" class="gt-df gt-fc gt-fw gt-ac gt-gap-3">
{{range $key := .OrderedOAuth2Names}} {{range $provider := .OAuth2Providers}}
{{$provider := index $.OAuth2Providers $key}} <a class="{{$provider.Name}} ui button gt-df gt-ac gt-jc gt-py-3 oauth-login-link" href="{{AppSubUrl}}/user/oauth2/{{$provider.Name}}">
<a class="{{$provider.Name}} ui button gt-df gt-ac gt-jc gt-py-3 oauth-login-link" href="{{AppSubUrl}}/user/oauth2/{{$key}}">
{{$provider.IconHTML 28}} {{$provider.IconHTML 28}}
{{ctx.Locale.Tr "sign_in_with_provider" $provider.DisplayName}} {{ctx.Locale.Tr "sign_in_with_provider" $provider.DisplayName}}
</a> </a>

7
templates/user/auth/signup_inner.tmpl
Unescape View File

@ -56,16 +56,15 @@
{{end}} {{end}}
{{end}} {{end}}
{{if and .OrderedOAuth2Names .OAuth2Providers}} {{if .OAuth2Providers}}
<div class="divider divider-text"> <div class="divider divider-text">
{{ctx.Locale.Tr "sign_in_or"}} {{ctx.Locale.Tr "sign_in_or"}}
</div> </div>
<div id="oauth2-login-navigator" class="gt-py-2"> <div id="oauth2-login-navigator" class="gt-py-2">
<div class="gt-df gt-fc gt-jc"> <div class="gt-df gt-fc gt-jc">
<div id="oauth2-login-navigator-inner" class="gt-df gt-fc gt-fw gt-ac gt-gap-3"> <div id="oauth2-login-navigator-inner" class="gt-df gt-fc gt-fw gt-ac gt-gap-3">
{{range $key := .OrderedOAuth2Names}} {{range $provider := .OAuth2Providers}}
{{$provider := index $.OAuth2Providers $key}} <a class="{{$provider.Name}} ui button gt-df gt-ac gt-jc gt-py-3 oauth-login-link" href="{{AppSubUrl}}/user/oauth2/{{$provider.Name}}">
<a class="{{$provider.Name}} ui button gt-df gt-ac gt-jc gt-py-3 oauth-login-link" href="{{AppSubUrl}}/user/oauth2/{{$key}}">
{{$provider.IconHTML 28}} {{$provider.IconHTML 28}}
{{ctx.Locale.Tr "sign_in_with_provider" $provider.DisplayName}} {{ctx.Locale.Tr "sign_in_with_provider" $provider.DisplayName}}
</a> </a>

Write Preview
Loading…
Cancel
Save