2021-07-24 11:16:34 +01:00
// Copyright 2021 The Gitea Authors. All rights reserved.
2022-11-27 13:20:29 -05:00
// SPDX-License-Identifier: MIT
2021-07-24 11:16:34 +01:00
package oauth2
import (
2023-10-14 10:37:24 +02:00
"context"
2021-11-03 00:33:54 +00:00
"encoding/gob"
2021-07-24 11:16:34 +01:00
"net/http"
2021-07-29 18:53:18 +01:00
"sync"
2021-07-24 11:16:34 +01:00
2022-01-02 21:12:35 +08:00
"code.gitea.io/gitea/models/auth"
2023-11-24 11:49:41 +08:00
"code.gitea.io/gitea/models/db"
2021-07-24 11:16:34 +01:00
"code.gitea.io/gitea/modules/log"
2024-03-02 16:42:31 +01:00
"code.gitea.io/gitea/modules/optional"
2021-07-24 11:16:34 +01:00
"code.gitea.io/gitea/modules/setting"
"github.com/google/uuid"
2021-11-03 00:33:54 +00:00
"github.com/gorilla/sessions"
2021-07-24 11:16:34 +01:00
"github.com/markbates/goth/gothic"
)
2021-07-29 18:53:18 +01:00
var gothRWMutex = sync . RWMutex { }
2021-07-24 11:16:34 +01:00
// ProviderHeaderKey is the HTTP header key
const ProviderHeaderKey = "gitea-oauth2-provider"
// Init initializes the oauth source
2023-10-14 10:37:24 +02:00
func Init ( ctx context . Context ) error {
2021-07-29 18:53:18 +01:00
// Lock our mutex
gothRWMutex . Lock ( )
2025-11-26 23:25:34 +08:00
gob . Register ( & sessions . Session { } ) // TODO: CHI-SESSION-GOB-REGISTER. FIXME: it seems to be an abuse, why the Session struct itself is stored in session store again?
2021-11-03 00:33:54 +00:00
gothic . Store = & SessionsStore {
maxLength : int64 ( setting . OAuth2 . MaxTokenLength ) ,
}
2021-07-24 11:16:34 +01:00
gothic . SetState = func ( req * http . Request ) string {
return uuid . New ( ) . String ( )
}
gothic . GetProviderName = func ( req * http . Request ) ( string , error ) {
return req . Header . Get ( ProviderHeaderKey ) , nil
}
2021-07-29 18:53:18 +01:00
// Unlock our mutex
gothRWMutex . Unlock ( )
2023-10-14 10:37:24 +02:00
return initOAuth2Sources ( ctx )
2021-07-24 11:16:34 +01:00
}
// ResetOAuth2 clears existing OAuth2 providers and loads them from DB
2023-10-14 10:37:24 +02:00
func ResetOAuth2 ( ctx context . Context ) error {
2021-07-24 11:16:34 +01:00
ClearProviders ( )
2023-10-14 10:37:24 +02:00
return initOAuth2Sources ( ctx )
2021-07-24 11:16:34 +01:00
}
2022-01-02 21:12:35 +08:00
// initOAuth2Sources is used to load and register all active OAuth2 providers
2023-10-14 10:37:24 +02:00
func initOAuth2Sources ( ctx context . Context ) error {
2023-11-24 11:49:41 +08:00
authSources , err := db . Find [ auth . Source ] ( ctx , auth . FindSourcesOptions {
2024-03-02 16:42:31 +01:00
IsActive : optional . Some ( true ) ,
2023-11-03 09:41:00 +08:00
LoginType : auth . OAuth2 ,
} )
if err != nil {
return err
}
2022-01-02 21:12:35 +08:00
for _ , source := range authSources {
2021-07-24 11:16:34 +01:00
oauth2Source , ok := source . Cfg . ( * Source )
if ! ok {
continue
}
err := oauth2Source . RegisterSource ( )
if err != nil {
2021-07-29 18:53:18 +01:00
log . Critical ( "Unable to register source: %s due to Error: %v." , source . Name , err )
2021-07-24 11:16:34 +01:00
}
}
return nil
}