optional profile load for oauth

This commit is contained in:
Alexander Baryshnikov 2020-10-02 12:40:18 +08:00
parent 0f5061e9e9
commit e828d450d3
3 changed files with 9 additions and 7 deletions

View File

@ -16,8 +16,8 @@ Defined in the section: `auth.oauth2`
* `callback_url` - redirect URL, must point to your sever plus `/ui/auth/oauth2/callback`
* `auth_url` - authenticate URL, different for each provider
* `token_url` - issue token URL, different for each provider
* `profile_url` - URL that should return user JSON profile on GET request with authorization by token
* `login_field` - filed name (should be string) in profile that identifies user (ex: `login`, `username` or `email`)
* `profile_url` (optional) - URL that should return user JSON profile on GET request with authorization by token; if not defined login will an empty string
* `login_field` - (required only if `profile_url` set) filed name (should be string) in profile that identifies user (ex: `login`, `username` or `email`)
* `scopes` (optional) - list of OAuth2 scopes

View File

@ -89,7 +89,7 @@ func (auth Authorization) restrict(redirectTo func(gctx *gin.Context) string, se
if !auth.Enabled() {
return func(gctx *gin.Context) {
gctx.Set(ctxAuthorized, false)
gctx.Set(ctxLogin, "anonymous")
gctx.Set(ctxLogin, "")
gctx.Next()
}
}

View File

@ -48,10 +48,12 @@ func (cfg OAuth2) Attach(router gin.IRouter, storage SessionStorage) {
sessionID := uuid.New().String()
session := newOAuthSession(token)
err = session.fetchLogin(gctx.Request.Context(), cfg.ProfileURL, cfg.LoginField)
if err != nil {
_ = gctx.AbortWithError(http.StatusForbidden, err)
return
if cfg.ProfileURL != "" {
err = session.fetchLogin(gctx.Request.Context(), cfg.ProfileURL, cfg.LoginField)
if err != nil {
_ = gctx.AbortWithError(http.StatusForbidden, err)
return
}
}
gctx.SetCookie(sessionCookie, sessionID, 0, "", "", false, true)