Client key and secret Oauth in config

2025-03-19 02:31:17 -05:00 · 2023-04-17 19:11:32 +02:00 · 2023-04-17 19:11:32 +02:00 · 4008b7ce38
commit 4008b7ce38
parent a6c5696ceb
5 changed files with 64 additions and 16 deletions
--- a/config.yml
+++ b/config.yml
@ -53,3 +53,17 @@ ssh.external-domain:

 # Path or alias to ssh-keygen executable. Default: ssh-keygen
 ssh.keygen-executable: ssh-keygen
+
+
+# OAuth2 configuration
+# The callback/redirect URL must be http://opengist.domain/oauth/<github|gitea>/callback
+
+# To create a new OAuth2 application using GitHub : https://github.com/settings/applications/new
+github.client-key:
+github.secret:
+
+# To create a new OAuth2 application using Gitea : https://gitea.domain/user/settings/applications
+gitea.client-key: 
+gitea.secret:
+# URL of your Gitea instance. Default: https://gitea.com/
+gitea.url: https://gitea.com/
--- a/internal/config/config.go
+++ b/internal/config/config.go
@ -35,6 +35,13 @@ type config struct {
 	SshPort           string `yaml:"ssh.port"`
 	SshExternalDomain string `yaml:"ssh.external-domain"`
 	SshKeygen         string `yaml:"ssh.keygen-executable"`
+
+	GithubClientKey string `yaml:"github.client-key"`
+	GithubSecret    string `yaml:"github.secret"`
+
+	GiteaClientKey string `yaml:"gitea.client-key"`
+	GiteaSecret    string `yaml:"gitea.secret"`
+	GiteaUrl       string `yaml:"gitea.url"`
 }

 func configWithDefaults() (*config, error) {
@ -58,6 +65,8 @@ func configWithDefaults() (*config, error) {
 	c.SshPort = "2222"
 	c.SshKeygen = "ssh-keygen"

+	c.GiteaUrl = "http://gitea.com"
+
 	return c, nil
 }

--- a/internal/models/user.go
+++ b/internal/models/user.go
@ -133,7 +133,7 @@ func (user *User) HasLiked(gist *Gist) (bool, error) {
 	return true, nil
 }

-func (user *User) DeleteProvider(provider string) error {
+func (user *User) DeleteProviderID(provider string) error {
 	switch provider {
 	case "github":
 		return db.Model(&user).Update("github_id", nil).Error
--- a/internal/web/auth.go
+++ b/internal/web/auth.go
@ -6,11 +6,15 @@ import (
 	"errors"
 	"fmt"
 	"github.com/labstack/echo/v4"
+	"github.com/markbates/goth"
 	"github.com/markbates/goth/gothic"
+	"github.com/markbates/goth/providers/gitea"
+	"github.com/markbates/goth/providers/github"
 	"github.com/rs/zerolog/log"
 	"gorm.io/gorm"
 	"io"
 	"net/http"
+	"opengist/internal/config"
 	"opengist/internal/models"
 	"strings"
 )
@ -213,6 +217,39 @@ func oauthCallback(ctx echo.Context) error {
 func oauth(ctx echo.Context) error {
 	provider := ctx.Param("provider")

+	httpProtocol := "http"
+	if ctx.Request().TLS != nil || ctx.Request().Header.Get("X-Forwarded-Proto") == "https" {
+		httpProtocol = "https"
+	}
+
+	httpDomain := httpProtocol + "://" + ctx.Request().Host
+	giteaUrl := config.C.GiteaUrl
+	// remove trailing slash
+	if giteaUrl[len(giteaUrl)-1] == '/' {
+		giteaUrl = giteaUrl[:len(giteaUrl)-1]
+	}
+
+	switch provider {
+	case "github":
+		goth.UseProviders(
+			github.New(
+				config.C.GithubClientKey,
+				config.C.GithubSecret,
+				httpDomain+"/oauth/github/callback"),
+		)
+
+	case "gitea":
+		goth.UseProviders(
+			gitea.NewCustomisedURL(
+				config.C.GiteaClientKey,
+				config.C.GiteaSecret,
+				httpDomain+"/oauth/gitea/callback",
+				giteaUrl+"/login/oauth/authorize",
+				giteaUrl+"/login/oauth/access_token",
+				giteaUrl+"/api/v1/user"),
+		)
+	}
+
 	currUser := getUserLogged(ctx)
 	if currUser != nil {
 		isDelete := false
@ -221,12 +258,12 @@ func oauth(ctx echo.Context) error {
 		case "github":
 			if currUser.GithubID != "" {
 				isDelete = true
-				err = currUser.DeleteProvider(provider)
+				err = currUser.DeleteProviderID(provider)
 			}
 		case "gitea":
 			if currUser.GiteaID != "" {
 				isDelete = true
-				err = currUser.DeleteProvider(provider)
+				err = currUser.DeleteProviderID(provider)
 			}
 		}

--- a/internal/web/run.go
+++ b/internal/web/run.go
@ -8,10 +8,7 @@ import (
 	"github.com/gorilla/sessions"
 	"github.com/labstack/echo/v4"
 	"github.com/labstack/echo/v4/middleware"
-	"github.com/markbates/goth"
 	"github.com/markbates/goth/gothic"
-	"github.com/markbates/goth/providers/gitea"
-	"github.com/markbates/goth/providers/github"
 	"github.com/rs/zerolog/log"
 	"html/template"
 	"io"
@ -101,16 +98,7 @@ func (t *Template) Render(w io.Writer, name string, data interface{}, _ echo.Con
 func Start() {
 	store = sessions.NewCookieStore([]byte("opengist"))
 	gothic.Store = store
-	goth.UseProviders(
-		github.New("d92c7e165383b2804407", "ffc450216b9776a752cdb0e533f953f65ce632a3", "http://localhost:6157/oauth/github/callback"),
-		gitea.NewCustomisedURL(
-			"efdd0fed-6972-42ce-8f9f-e65b9fd0ca09",
-			"gto_dwilh6ia4nic4f4dt5owv4h7rvuss5ajw2ctqqa44xcpwevyg6wq",
-			"http://localhost:6157/oauth/gitea/callback",
-			"http://localhost:3000/login/oauth/authorize",
-			"http://localhost:3000/login/oauth/access_token",
-			"http://localhost:3000/api/v1/user"),
-	)
+
 	assetsFS := echo.MustSubFS(EmbedFS, "public/assets")

 	e := echo.New()