optional profile load for oauth
parent
0f5061e9e9
commit
e828d450d3
@ -16,8 +16,8 @@ Defined in the section: `auth.oauth2`
|
||||
* `callback_url` - redirect URL, must point to your sever plus `/ui/auth/oauth2/callback`
|
||||
* `auth_url` - authenticate URL, different for each provider
|
||||
* `token_url` - issue token URL, different for each provider
|
||||
* `profile_url` - URL that should return user JSON profile on GET request with authorization by token
|
||||
* `login_field` - filed name (should be string) in profile that identifies user (ex: `login`, `username` or `email`)
|
||||
* `profile_url` (optional) - URL that should return user JSON profile on GET request with authorization by token; if not defined login will an empty string
|
||||
* `login_field` - (required only if `profile_url` set) filed name (should be string) in profile that identifies user (ex: `login`, `username` or `email`)
|
||||
* `scopes` (optional) - list of OAuth2 scopes
|
||||
|
||||
|
||||
|
@ -89,7 +89,7 @@ func (auth Authorization) restrict(redirectTo func(gctx *gin.Context) string, se
|
||||
if !auth.Enabled() {
|
||||
return func(gctx *gin.Context) {
|
||||
gctx.Set(ctxAuthorized, false)
|
||||
gctx.Set(ctxLogin, "anonymous")
|
||||
gctx.Set(ctxLogin, "")
|
||||
gctx.Next()
|
||||
}
|
||||
}
|
||||
|
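Review bot: Assuming `gctx.Set(ctxLogin, "")` is the new side of the change, the disabled-auth branch of restrict now stores the same empty login that the updated docs say an OAuth session gets when `profile_url` is unset (see the Attach hunk), so anything downstream that logs or compares ctxLogin can no longer tell "auth disabled" from "authenticated, identity unknown". Handlers should make access decisions on ctxAuthorized only and treat an empty login as "no identity", never as a match for a stored owner or ACL entry. A comment on the line would make the contract explicit, e.g. `// empty login is also used for OAuth sessions without profile_url; check ctxAuthorized to tell them apart`. restrict continues outside the hunk, so the authorized path is not visible here.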
@ -48,10 +48,12 @@ func (cfg OAuth2) Attach(router gin.IRouter, storage SessionStorage) {
|
||||
|
||||
sessionID := uuid.New().String()
|
||||
session := newOAuthSession(token)
|
||||
err = session.fetchLogin(gctx.Request.Context(), cfg.ProfileURL, cfg.LoginField)
|
||||
if err != nil {
|
||||
_ = gctx.AbortWithError(http.StatusForbidden, err)
|
||||
return
|
||||
if cfg.ProfileURL != "" {
|
||||
err = session.fetchLogin(gctx.Request.Context(), cfg.ProfileURL, cfg.LoginField)
|
||||
if err != nil {
|
||||
_ = gctx.AbortWithError(http.StatusForbidden, err)
|
||||
return
|
||||
}
|
||||
}
|
||||
|
||||
gctx.SetCookie(sessionCookie, sessionID, 0, "", "", false, true)
|
||||
|
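Review bot: With `cfg.ProfileURL` empty, the callback now creates a session for anyone who completes the provider's token exchange, and the session carries no identity, so access control rests entirely on who can obtain a token from the configured `auth_url`/`token_url`. That trade-off deserves a comment at the new `if cfg.ProfileURL != ""` and, ideally, a warning logged at startup when the profile lookup is disabled. The other branch has a gap as well: the docs now say `login_field` is required when `profile_url` is set, but nothing visible here rejects an empty `cfg.LoginField` before `session.fetchLogin` is called; a configuration-time check such as `if cfg.ProfileURL != "" && cfg.LoginField == "" { return errors.New("login_field is required when profile_url is set") }` would fail closed. Attach begins and ends outside the hunk, so such validation may already exist elsewhere. Separately, the unchanged `gctx.SetCookie(..., false, true)` context line issues the session cookie without the Secure flag.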