Penpot/penpot
0
Fork 0
mirror of https://github.com/penpot/penpot.git synced 2025-03-12 07:41:43 -05:00
Code Issues Activity

🐛 Fix github auth without public email

Browse source
This commit is contained in:
Alejandro Alonso 2022-05-26 09:51:14 +02:00 committed by Alonso Torres
parent 36390be72a
commit ea6c34f6b2
1 changed files with 43 additions and 16 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

45
backend/src/app/http/oauth.clj
View file

@ -81,14 +81,28 @@
:timeout 6000 :timeout 6000
:method :get})) :method :get}))
(validate-response [{:keys [status body] :as res}] (retrieve-emails []
(when-not (= 200 status) (if (some? (:emails-uri provider))
(http-client {:uri (:emails-uri provider)
:headers {"Authorization" (str (:type tdata) " " (:token tdata))}
:timeout 6000
:method :get})
(p/resolved {:status 200})))
(validate-response [[retrieve-res emails-res]]
(when-not (s/int-in-range? 200 300 (:status retrieve-res))
(ex/raise :type :internal (ex/raise :type :internal
:code :unable-to-retrieve-user-info :code :unable-to-retrieve-user-info
:hint "unable to retrieve user info" :hint "unable to retrieve user info"
:http-status status :http-status (:status retrieve-res)
:http-body body)) :http-body (:body retrieve-res)))
res) (when-not (s/int-in-range? 200 300 (:status emails-res))
(ex/raise :type :internal
:code :unable-to-retrieve-user-info
:hint "unable to retrieve user info"
:http-status (:status emails-res)
:http-body (:body emails-res)))
[retrieve-res emails-res])
(get-email [info] (get-email [info]
(let [attr-kw (cf/get :oidc-email-attr :email)] (let [attr-kw (cf/get :oidc-email-attr :email)]
@ -98,10 +112,13 @@
(let [attr-kw (cf/get :oidc-name-attr :name)] (let [attr-kw (cf/get :oidc-name-attr :name)]
(get info attr-kw))) (get info attr-kw)))
(process-response [{:keys [body]}] (process-response [[retrieve-res emails-res]]
(let [info (json/read body)] (let [info (json/read (:body retrieve-res))
email (if (some? (:extract-email-callback provider))
((:extract-email-callback provider) emails-res)
(get-email info))]
{:backend (:name provider) {:backend (:name provider)
:email (get-email info) :email email
:fullname (get-name info) :fullname (get-name info)
:props (->> (dissoc info :name :email) :props (->> (dissoc info :name :email)
(qualify-props provider))})) (qualify-props provider))}))
@ -116,7 +133,7 @@
:info info)) :info info))
info)] info)]
(-> (retrieve) (-> (p/all [(retrieve) (retrieve-emails)])
(p/then' validate-response) (p/then' validate-response)
(p/then' process-response) (p/then' process-response)
(p/then' validate-info)))) (p/then' validate-info))))
@ -386,6 +403,14 @@
(assoc-in cfg [:providers "google"] opts)) (assoc-in cfg [:providers "google"] opts))
cfg))) cfg)))
(defn extract-github-email
[response]
(let [emails (json/read (:body response))
primary-email (->> emails
(filter #(:primary %))
first)]
(:email primary-email)))
(defn- initialize-github-provider (defn- initialize-github-provider
[cfg] [cfg]
(let [opts {:client-id (cf/get :github-client-id) (let [opts {:client-id (cf/get :github-client-id)
@ -393,6 +418,8 @@
:scopes #{"read:user" "user:email"} :scopes #{"read:user" "user:email"}
:auth-uri "https://github.com/login/oauth/authorize" :auth-uri "https://github.com/login/oauth/authorize"
:token-uri "https://github.com/login/oauth/access_token" :token-uri "https://github.com/login/oauth/access_token"
:emails-uri "https://api.github.com/user/emails"
:extract-email-callback extract-github-email
:user-uri "https://api.github.com/user" :user-uri "https://api.github.com/user"
:name "github"}] :name "github"}]
(if (and (string? (:client-id opts)) (if (and (string? (:client-id opts))