1
1
mirror of https://github.com/go-gitea/gitea synced 2025-01-22 15:44:27 +00:00
Willem van Dreumel 01d957677f Oauth2 consumer (#679)
* initial stuff for oauth2 login, fails on:
* login button on the signIn page to start the OAuth2 flow and a callback for each provider
Only GitHub is implemented for now
* show login button only when the OAuth2 consumer is configured (and activated)
* create macaron group for oauth2 urls
* prevent net/http in modules (other then oauth2)
* use a new data sessions oauth2 folder for storing the oauth2 session data
* add missing 2FA when this is enabled on the user
* add password option for OAuth2 user , for use with git over http and login to the GUI
* add tip for registering a GitHub OAuth application
* at startup of Gitea register all configured providers and also on adding/deleting of new providers
* custom handling of errors in oauth2 request init + show better tip
* add ExternalLoginUser model and migration script to add it to database
* link a external account to an existing account (still need to handle wrong login and signup) and remove if user is removed
* remove the linked external account from the user his settings
* if user is unknown we allow him to register a new account or link it to some existing account
* sign up with button on signin page (als change OAuth2Provider structure so we can store basic stuff about providers)

* from gorilla/sessions docs:
"Important Note: If you aren't using gorilla/mux, you need to wrap your handlers with context.ClearHandler as or else you will leak memory!"
(we're using gorilla/sessions for storing oauth2 sessions)

* use updated goth lib that now supports getting the OAuth2 user if the AccessToken is still valid instead of re-authenticating (prevent flooding the OAuth2 provider)
2017-02-22 08:14:37 +01:00
..
2017-02-22 08:14:37 +01:00
2017-02-22 08:14:37 +01:00
2017-02-22 08:14:37 +01:00
2017-02-22 08:14:37 +01:00
2017-02-22 08:14:37 +01:00
2017-02-22 08:14:37 +01:00
2017-02-22 08:14:37 +01:00
2017-02-22 08:14:37 +01:00

Goth: Multi-Provider Authentication for Go GoDoc Build Status

Package goth provides a simple, clean, and idiomatic way to write authentication packages for Go web applications.

Unlike other similar packages, Goth, lets you write OAuth, OAuth2, or any other protocol providers, as long as they implement the Provider and Session interfaces.

This package was inspired by https://github.com/intridea/omniauth.

Installation

$ go get github.com/markbates/goth

Supported Providers

  • Amazon
  • Auth0
  • Bitbucket
  • Box
  • Cloud Foundry
  • Dailymotion
  • Deezer
  • Digital Ocean
  • Discord
  • Dropbox
  • Facebook
  • Fitbit
  • GitHub
  • Gitlab
  • Google+
  • Heroku
  • InfluxCloud
  • Instagram
  • Intercom
  • Lastfm
  • Linkedin
  • Meetup
  • OneDrive
  • OpenID Connect (auto discovery)
  • Paypal
  • SalesForce
  • Slack
  • Soundcloud
  • Spotify
  • Steam
  • Stripe
  • Twitch
  • Twitter
  • Uber
  • Wepay
  • Yahoo
  • Yammer

Examples

See the examples folder for a working application that lets users authenticate through Twitter, Facebook, Google Plus etc.

To run the example either clone the source from GitHub

$ git clone git@github.com:markbates/goth.git

or use

$ go get github.com/markbates/goth
$ cd goth/examples
$ go get -v
$ go build 
$ ./examples

Now open up your browser and go to http://localhost:3000 to see the example.

To actually use the different providers, please make sure you configure them given the system environments as defined in the examples/main.go file

Issues

Issues always stand a significantly better chance of getting fixed if the are accompanied by a pull request.

Contributing

Would I love to see more providers? Certainly! Would you love to contribute one? Hopefully, yes!

  1. Fork it
  2. Create your feature branch (git checkout -b my-new-feature)
  3. Write Tests!
  4. Commit your changes (git commit -am 'Add some feature')
  5. Push to the branch (git push origin my-new-feature)
  6. Create new Pull Request

Contributors

  • Mark Bates
  • Tyler Bunnell
  • Corey McGrillis
  • willemvd
  • Rakesh Goyal
  • Andy Grunwald
  • Glenn Walker
  • Kevin Fitzpatrick
  • Ben Tranter
  • Sharad Ganapathy
  • Andrew Chilton
  • sharadgana
  • Aurorae
  • Craig P Jolicoeur
  • Zac Bergquist
  • Geoff Franks
  • Raphael Geronimi
  • Noah Shibley
  • lumost
  • oov
  • Felix Lamouroux
  • Rafael Quintela
  • Tyler
  • DenSm
  • Samy KACIMI
  • dante gray
  • Noah
  • Jacob Walker
  • Marin Martinic
  • Roy
  • Omni Adams
  • Sasa Brankovic
  • dkhamsing
  • Dante Swift
  • Attila Domokos
  • Albin Gilles
  • Syed Zubairuddin
  • Johnny Boursiquot
  • Jerome Touffe-Blin
  • bryanl
  • Masanobu YOSHIOKA
  • Jonathan Hall
  • HaiMing.Yin
  • Sairam Kunala