optional profile load for oauth

_docs/ui_authorization.md

@@ -16,8 +16,8 @@ Defined in the section: `auth.oauth2`
 * `callback_url` - redirect URL, must point to your sever plus `/ui/auth/oauth2/callback`
 * `auth_url` - authenticate URL, different for each provider
 * `token_url` - issue token URL, different for each provider
-* `profile_url` - URL that should return user JSON profile on GET request with authorization by token
-* `login_field` - filed name (should be string) in profile that identifies user (ex: `login`, `username` or `email`)
+* `profile_url` (optional) - URL that should return user JSON profile on GET request with authorization by token; if not defined login will an empty string
+* `login_field` - (required only if `profile_url` set)  filed name (should be string) in profile that identifies user (ex: `login`, `username` or `email`)
 * `scopes` (optional) - list of OAuth2 scopes
 
 

server/ui/authorization.go

@@ -89,7 +89,7 @@ func (auth Authorization) restrict(redirectTo func(gctx *gin.Context) string, se
 	if !auth.Enabled() {
 		return func(gctx *gin.Context) {
 			gctx.Set(ctxAuthorized, false)
-			gctx.Set(ctxLogin, "anonymous")
+			gctx.Set(ctxLogin, "")
 			gctx.Next()
 		}
 	}

server/ui/oauth.go

@@ -48,10 +48,12 @@ func (cfg OAuth2) Attach(router gin.IRouter, storage SessionStorage) {
 
 		sessionID := uuid.New().String()
 		session := newOAuthSession(token)
-		err = session.fetchLogin(gctx.Request.Context(), cfg.ProfileURL, cfg.LoginField)
-		if err != nil {
-			_ = gctx.AbortWithError(http.StatusForbidden, err)
-			return
+		if cfg.ProfileURL != "" {
+			err = session.fetchLogin(gctx.Request.Context(), cfg.ProfileURL, cfg.LoginField)
+			if err != nil {
+				_ = gctx.AbortWithError(http.StatusForbidden, err)
+				return
+			}
 		}
 
 		gctx.SetCookie(sessionCookie, sessionID, 0, "", "", false, true)