mirror of
https://codeberg.org/forgejo/forgejo.git
synced 2025-06-21 02:37:13 -04:00
Refactor auth package (#17962)
This commit is contained in:
Lunny Xiao
GitHub
parent
e61b390d54
commit
de8e3948a5
87 changed files with 2880 additions and 2770 deletions
|
|
@ -5,7 +5,7 @@
|
|||
package db_test
|
||||
|
||||
import (
|
||||
"code.gitea.io/gitea/models/login"
|
||||
auth_model "code.gitea.io/gitea/models/auth"
|
||||
"code.gitea.io/gitea/services/auth"
|
||||
"code.gitea.io/gitea/services/auth/source/db"
|
||||
)
|
||||
|
|
@ -15,7 +15,7 @@ import (
|
|||
|
||||
type sourceInterface interface {
|
||||
auth.PasswordAuthenticator
|
||||
login.Config
|
||||
auth_model.Config
|
||||
}
|
||||
|
||||
var _ (sourceInterface) = &db.Source{}
|
||||
|
|
|
|||
|
|
@ -5,7 +5,7 @@
|
|||
package db
|
||||
|
||||
import (
|
||||
"code.gitea.io/gitea/models/login"
|
||||
"code.gitea.io/gitea/models/auth"
|
||||
user_model "code.gitea.io/gitea/models/user"
|
||||
)
|
||||
|
||||
|
|
@ -29,6 +29,6 @@ func (source *Source) Authenticate(user *user_model.User, login, password string
|
|||
}
|
||||
|
||||
func init() {
|
||||
login.RegisterTypeConfig(login.NoType, &Source{})
|
||||
login.RegisterTypeConfig(login.Plain, &Source{})
|
||||
auth.RegisterTypeConfig(auth.NoType, &Source{})
|
||||
auth.RegisterTypeConfig(auth.Plain, &Source{})
|
||||
}
|
||||
|
|
|
|||
|
|
@ -5,7 +5,7 @@
|
|||
package ldap_test
|
||||
|
||||
import (
|
||||
"code.gitea.io/gitea/models/login"
|
||||
auth_model "code.gitea.io/gitea/models/auth"
|
||||
"code.gitea.io/gitea/services/auth"
|
||||
"code.gitea.io/gitea/services/auth/source/ldap"
|
||||
)
|
||||
|
|
@ -17,12 +17,12 @@ type sourceInterface interface {
|
|||
auth.PasswordAuthenticator
|
||||
auth.SynchronizableSource
|
||||
auth.LocalTwoFASkipper
|
||||
login.SSHKeyProvider
|
||||
login.Config
|
||||
login.SkipVerifiable
|
||||
login.HasTLSer
|
||||
login.UseTLSer
|
||||
login.SourceSettable
|
||||
auth_model.SSHKeyProvider
|
||||
auth_model.Config
|
||||
auth_model.SkipVerifiable
|
||||
auth_model.HasTLSer
|
||||
auth_model.UseTLSer
|
||||
auth_model.SourceSettable
|
||||
}
|
||||
|
||||
var _ (sourceInterface) = &ldap.Source{}
|
||||
|
|
|
|||
|
|
@ -7,7 +7,7 @@ package ldap
|
|||
import (
|
||||
"strings"
|
||||
|
||||
"code.gitea.io/gitea/models/login"
|
||||
"code.gitea.io/gitea/models/auth"
|
||||
"code.gitea.io/gitea/modules/json"
|
||||
"code.gitea.io/gitea/modules/secret"
|
||||
"code.gitea.io/gitea/modules/setting"
|
||||
|
|
@ -55,8 +55,8 @@ type Source struct {
|
|||
UserUID string // User Attribute listed in Group
|
||||
SkipLocalTwoFA bool `json:",omitempty"` // Skip Local 2fa for users authenticated with this source
|
||||
|
||||
// reference to the loginSource
|
||||
loginSource *login.Source
|
||||
// reference to the authSource
|
||||
authSource *auth.Source
|
||||
}
|
||||
|
||||
// FromDB fills up a LDAPConfig from serialized format.
|
||||
|
|
@ -109,12 +109,12 @@ func (source *Source) ProvidesSSHKeys() bool {
|
|||
return len(strings.TrimSpace(source.AttributeSSHPublicKey)) > 0
|
||||
}
|
||||
|
||||
// SetLoginSource sets the related LoginSource
|
||||
func (source *Source) SetLoginSource(loginSource *login.Source) {
|
||||
source.loginSource = loginSource
|
||||
// SetAuthSource sets the related AuthSource
|
||||
func (source *Source) SetAuthSource(authSource *auth.Source) {
|
||||
source.authSource = authSource
|
||||
}
|
||||
|
||||
func init() {
|
||||
login.RegisterTypeConfig(login.LDAP, &Source{})
|
||||
login.RegisterTypeConfig(login.DLDAP, &Source{})
|
||||
auth.RegisterTypeConfig(auth.LDAP, &Source{})
|
||||
auth.RegisterTypeConfig(auth.DLDAP, &Source{})
|
||||
}
|
||||
|
|
|
|||
|
|
@ -9,8 +9,8 @@ import (
|
|||
"strings"
|
||||
|
||||
asymkey_model "code.gitea.io/gitea/models/asymkey"
|
||||
"code.gitea.io/gitea/models/auth"
|
||||
"code.gitea.io/gitea/models/db"
|
||||
"code.gitea.io/gitea/models/login"
|
||||
user_model "code.gitea.io/gitea/models/user"
|
||||
"code.gitea.io/gitea/services/mailer"
|
||||
user_service "code.gitea.io/gitea/services/user"
|
||||
|
|
@ -19,7 +19,7 @@ import (
|
|||
// Authenticate queries if login/password is valid against the LDAP directory pool,
|
||||
// and create a local user if success when enabled.
|
||||
func (source *Source) Authenticate(user *user_model.User, userName, password string) (*user_model.User, error) {
|
||||
sr := source.SearchEntry(userName, password, source.loginSource.Type == login.DLDAP)
|
||||
sr := source.SearchEntry(userName, password, source.authSource.Type == auth.DLDAP)
|
||||
if sr == nil {
|
||||
// User not in LDAP, do nothing
|
||||
return nil, user_model.ErrUserNotExist{Name: userName}
|
||||
|
|
@ -59,7 +59,7 @@ func (source *Source) Authenticate(user *user_model.User, userName, password str
|
|||
}
|
||||
|
||||
if user != nil {
|
||||
if isAttributeSSHPublicKeySet && asymkey_model.SynchronizePublicKeys(user, source.loginSource, sr.SSHPublicKey) {
|
||||
if isAttributeSSHPublicKeySet && asymkey_model.SynchronizePublicKeys(user, source.authSource, sr.SSHPublicKey) {
|
||||
return user, asymkey_model.RewriteAllPublicKeys()
|
||||
}
|
||||
|
||||
|
|
@ -80,8 +80,8 @@ func (source *Source) Authenticate(user *user_model.User, userName, password str
|
|||
Name: sr.Username,
|
||||
FullName: composeFullName(sr.Name, sr.Surname, sr.Username),
|
||||
Email: sr.Mail,
|
||||
LoginType: source.loginSource.Type,
|
||||
LoginSource: source.loginSource.ID,
|
||||
LoginType: source.authSource.Type,
|
||||
LoginSource: source.authSource.ID,
|
||||
LoginName: userName,
|
||||
IsActive: true,
|
||||
IsAdmin: sr.IsAdmin,
|
||||
|
|
@ -95,7 +95,7 @@ func (source *Source) Authenticate(user *user_model.User, userName, password str
|
|||
|
||||
mailer.SendRegisterNotifyMail(user)
|
||||
|
||||
if isAttributeSSHPublicKeySet && asymkey_model.AddPublicKeysBySource(user, source.loginSource, sr.SSHPublicKey) {
|
||||
if isAttributeSSHPublicKeySet && asymkey_model.AddPublicKeysBySource(user, source.authSource, sr.SSHPublicKey) {
|
||||
err = asymkey_model.RewriteAllPublicKeys()
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -19,22 +19,22 @@ import (
|
|||
|
||||
// Sync causes this ldap source to synchronize its users with the db
|
||||
func (source *Source) Sync(ctx context.Context, updateExisting bool) error {
|
||||
log.Trace("Doing: SyncExternalUsers[%s]", source.loginSource.Name)
|
||||
log.Trace("Doing: SyncExternalUsers[%s]", source.authSource.Name)
|
||||
|
||||
var existingUsers []int
|
||||
isAttributeSSHPublicKeySet := len(strings.TrimSpace(source.AttributeSSHPublicKey)) > 0
|
||||
var sshKeysNeedUpdate bool
|
||||
|
||||
// Find all users with this login type - FIXME: Should this be an iterator?
|
||||
users, err := user_model.GetUsersBySource(source.loginSource)
|
||||
users, err := user_model.GetUsersBySource(source.authSource)
|
||||
if err != nil {
|
||||
log.Error("SyncExternalUsers: %v", err)
|
||||
return err
|
||||
}
|
||||
select {
|
||||
case <-ctx.Done():
|
||||
log.Warn("SyncExternalUsers: Cancelled before update of %s", source.loginSource.Name)
|
||||
return db.ErrCancelledf("Before update of %s", source.loginSource.Name)
|
||||
log.Warn("SyncExternalUsers: Cancelled before update of %s", source.authSource.Name)
|
||||
return db.ErrCancelledf("Before update of %s", source.authSource.Name)
|
||||
default:
|
||||
}
|
||||
|
||||
|
|
@ -44,7 +44,7 @@ func (source *Source) Sync(ctx context.Context, updateExisting bool) error {
|
|||
|
||||
sr, err := source.SearchEntries()
|
||||
if err != nil {
|
||||
log.Error("SyncExternalUsers LDAP source failure [%s], skipped", source.loginSource.Name)
|
||||
log.Error("SyncExternalUsers LDAP source failure [%s], skipped", source.authSource.Name)
|
||||
return nil
|
||||
}
|
||||
|
||||
|
|
@ -65,7 +65,7 @@ func (source *Source) Sync(ctx context.Context, updateExisting bool) error {
|
|||
for _, su := range sr {
|
||||
select {
|
||||
case <-ctx.Done():
|
||||
log.Warn("SyncExternalUsers: Cancelled at update of %s before completed update of users", source.loginSource.Name)
|
||||
log.Warn("SyncExternalUsers: Cancelled at update of %s before completed update of users", source.authSource.Name)
|
||||
// Rewrite authorized_keys file if LDAP Public SSH Key attribute is set and any key was added or removed
|
||||
if sshKeysNeedUpdate {
|
||||
err = asymkey_model.RewriteAllPublicKeys()
|
||||
|
|
@ -73,7 +73,7 @@ func (source *Source) Sync(ctx context.Context, updateExisting bool) error {
|
|||
log.Error("RewriteAllPublicKeys: %v", err)
|
||||
}
|
||||
}
|
||||
return db.ErrCancelledf("During update of %s before completed update of users", source.loginSource.Name)
|
||||
return db.ErrCancelledf("During update of %s before completed update of users", source.authSource.Name)
|
||||
default:
|
||||
}
|
||||
if len(su.Username) == 0 {
|
||||
|
|
@ -96,14 +96,14 @@ func (source *Source) Sync(ctx context.Context, updateExisting bool) error {
|
|||
fullName := composeFullName(su.Name, su.Surname, su.Username)
|
||||
// If no existing user found, create one
|
||||
if usr == nil {
|
||||
log.Trace("SyncExternalUsers[%s]: Creating user %s", source.loginSource.Name, su.Username)
|
||||
log.Trace("SyncExternalUsers[%s]: Creating user %s", source.authSource.Name, su.Username)
|
||||
|
||||
usr = &user_model.User{
|
||||
LowerName: su.LowerName,
|
||||
Name: su.Username,
|
||||
FullName: fullName,
|
||||
LoginType: source.loginSource.Type,
|
||||
LoginSource: source.loginSource.ID,
|
||||
LoginType: source.authSource.Type,
|
||||
LoginSource: source.authSource.ID,
|
||||
LoginName: su.Username,
|
||||
Email: su.Mail,
|
||||
IsAdmin: su.IsAdmin,
|
||||
|
|
@ -114,12 +114,12 @@ func (source *Source) Sync(ctx context.Context, updateExisting bool) error {
|
|||
err = user_model.CreateUser(usr)
|
||||
|
||||
if err != nil {
|
||||
log.Error("SyncExternalUsers[%s]: Error creating user %s: %v", source.loginSource.Name, su.Username, err)
|
||||
log.Error("SyncExternalUsers[%s]: Error creating user %s: %v", source.authSource.Name, su.Username, err)
|
||||
}
|
||||
|
||||
if err == nil && isAttributeSSHPublicKeySet {
|
||||
log.Trace("SyncExternalUsers[%s]: Adding LDAP Public SSH Keys for user %s", source.loginSource.Name, usr.Name)
|
||||
if asymkey_model.AddPublicKeysBySource(usr, source.loginSource, su.SSHPublicKey) {
|
||||
log.Trace("SyncExternalUsers[%s]: Adding LDAP Public SSH Keys for user %s", source.authSource.Name, usr.Name)
|
||||
if asymkey_model.AddPublicKeysBySource(usr, source.authSource, su.SSHPublicKey) {
|
||||
sshKeysNeedUpdate = true
|
||||
}
|
||||
}
|
||||
|
|
@ -129,7 +129,7 @@ func (source *Source) Sync(ctx context.Context, updateExisting bool) error {
|
|||
}
|
||||
} else if updateExisting {
|
||||
// Synchronize SSH Public Key if that attribute is set
|
||||
if isAttributeSSHPublicKeySet && asymkey_model.SynchronizePublicKeys(usr, source.loginSource, su.SSHPublicKey) {
|
||||
if isAttributeSSHPublicKeySet && asymkey_model.SynchronizePublicKeys(usr, source.authSource, su.SSHPublicKey) {
|
||||
sshKeysNeedUpdate = true
|
||||
}
|
||||
|
||||
|
|
@ -140,7 +140,7 @@ func (source *Source) Sync(ctx context.Context, updateExisting bool) error {
|
|||
usr.FullName != fullName ||
|
||||
!usr.IsActive {
|
||||
|
||||
log.Trace("SyncExternalUsers[%s]: Updating user %s", source.loginSource.Name, usr.Name)
|
||||
log.Trace("SyncExternalUsers[%s]: Updating user %s", source.authSource.Name, usr.Name)
|
||||
|
||||
usr.FullName = fullName
|
||||
usr.Email = su.Mail
|
||||
|
|
@ -156,7 +156,7 @@ func (source *Source) Sync(ctx context.Context, updateExisting bool) error {
|
|||
|
||||
err = user_model.UpdateUserCols(db.DefaultContext, usr, "full_name", "email", "is_admin", "is_restricted", "is_active")
|
||||
if err != nil {
|
||||
log.Error("SyncExternalUsers[%s]: Error updating user %s: %v", source.loginSource.Name, usr.Name, err)
|
||||
log.Error("SyncExternalUsers[%s]: Error updating user %s: %v", source.authSource.Name, usr.Name, err)
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -179,8 +179,8 @@ func (source *Source) Sync(ctx context.Context, updateExisting bool) error {
|
|||
|
||||
select {
|
||||
case <-ctx.Done():
|
||||
log.Warn("SyncExternalUsers: Cancelled during update of %s before delete users", source.loginSource.Name)
|
||||
return db.ErrCancelledf("During update of %s before delete users", source.loginSource.Name)
|
||||
log.Warn("SyncExternalUsers: Cancelled during update of %s before delete users", source.authSource.Name)
|
||||
return db.ErrCancelledf("During update of %s before delete users", source.authSource.Name)
|
||||
default:
|
||||
}
|
||||
|
||||
|
|
@ -192,12 +192,12 @@ func (source *Source) Sync(ctx context.Context, updateExisting bool) error {
|
|||
existPos++
|
||||
}
|
||||
if usr.IsActive && (existPos >= len(existingUsers) || i < existingUsers[existPos]) {
|
||||
log.Trace("SyncExternalUsers[%s]: Deactivating user %s", source.loginSource.Name, usr.Name)
|
||||
log.Trace("SyncExternalUsers[%s]: Deactivating user %s", source.authSource.Name, usr.Name)
|
||||
|
||||
usr.IsActive = false
|
||||
err = user_model.UpdateUserCols(db.DefaultContext, usr, "is_active")
|
||||
if err != nil {
|
||||
log.Error("SyncExternalUsers[%s]: Error deactivating user %s: %v", source.loginSource.Name, usr.Name, err)
|
||||
log.Error("SyncExternalUsers[%s]: Error deactivating user %s: %v", source.authSource.Name, usr.Name, err)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -5,7 +5,7 @@
|
|||
package oauth2_test
|
||||
|
||||
import (
|
||||
"code.gitea.io/gitea/models/login"
|
||||
auth_model "code.gitea.io/gitea/models/auth"
|
||||
"code.gitea.io/gitea/services/auth"
|
||||
"code.gitea.io/gitea/services/auth/source/oauth2"
|
||||
)
|
||||
|
|
@ -14,9 +14,9 @@ import (
|
|||
// It tightly binds the interfaces and implementation without breaking go import cycles
|
||||
|
||||
type sourceInterface interface {
|
||||
login.Config
|
||||
login.SourceSettable
|
||||
login.RegisterableSource
|
||||
auth_model.Config
|
||||
auth_model.SourceSettable
|
||||
auth_model.RegisterableSource
|
||||
auth.PasswordAuthenticator
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -9,7 +9,7 @@ import (
|
|||
"net/http"
|
||||
"sync"
|
||||
|
||||
"code.gitea.io/gitea/models/login"
|
||||
"code.gitea.io/gitea/models/auth"
|
||||
"code.gitea.io/gitea/modules/log"
|
||||
"code.gitea.io/gitea/modules/setting"
|
||||
|
||||
|
|
@ -52,19 +52,19 @@ func Init() error {
|
|||
// Unlock our mutex
|
||||
gothRWMutex.Unlock()
|
||||
|
||||
return initOAuth2LoginSources()
|
||||
return initOAuth2Sources()
|
||||
}
|
||||
|
||||
// ResetOAuth2 clears existing OAuth2 providers and loads them from DB
|
||||
func ResetOAuth2() error {
|
||||
ClearProviders()
|
||||
return initOAuth2LoginSources()
|
||||
return initOAuth2Sources()
|
||||
}
|
||||
|
||||
// initOAuth2LoginSources is used to load and register all active OAuth2 providers
|
||||
func initOAuth2LoginSources() error {
|
||||
loginSources, _ := login.GetActiveOAuth2ProviderLoginSources()
|
||||
for _, source := range loginSources {
|
||||
// initOAuth2Sources is used to load and register all active OAuth2 providers
|
||||
func initOAuth2Sources() error {
|
||||
authSources, _ := auth.GetActiveOAuth2ProviderSources()
|
||||
for _, source := range authSources {
|
||||
oauth2Source, ok := source.Cfg.(*Source)
|
||||
if !ok {
|
||||
continue
|
||||
|
|
|
|||
|
|
@ -9,7 +9,7 @@ import (
|
|||
"net/url"
|
||||
"sort"
|
||||
|
||||
"code.gitea.io/gitea/models/login"
|
||||
"code.gitea.io/gitea/models/auth"
|
||||
"code.gitea.io/gitea/modules/log"
|
||||
"code.gitea.io/gitea/modules/setting"
|
||||
|
||||
|
|
@ -55,7 +55,7 @@ func NewImagedProvider(image string, provider GothProvider) *ImagedProvider {
|
|||
}
|
||||
|
||||
// Providers contains the map of registered OAuth2 providers in Gitea (based on goth)
|
||||
// key is used to map the OAuth2Provider with the goth provider type (also in LoginSource.OAuth2Config.Provider)
|
||||
// key is used to map the OAuth2Provider with the goth provider type (also in AuthSource.OAuth2Config.Provider)
|
||||
// value is used to store display data
|
||||
var gothProviders = map[string]GothProvider{}
|
||||
|
||||
|
|
@ -88,14 +88,14 @@ func GetOAuth2Providers() []Provider {
|
|||
func GetActiveOAuth2Providers() ([]string, map[string]Provider, error) {
|
||||
// Maybe also separate used and unused providers so we can force the registration of only 1 active provider for each type
|
||||
|
||||
loginSources, err := login.GetActiveOAuth2ProviderLoginSources()
|
||||
authSources, err := auth.GetActiveOAuth2ProviderSources()
|
||||
if err != nil {
|
||||
return nil, nil, err
|
||||
}
|
||||
|
||||
var orderedKeys []string
|
||||
providers := make(map[string]Provider)
|
||||
for _, source := range loginSources {
|
||||
for _, source := range authSources {
|
||||
prov := gothProviders[source.Cfg.(*Source).Provider]
|
||||
if source.Cfg.(*Source).IconURL != "" {
|
||||
prov = &ImagedProvider{prov, source.Cfg.(*Source).IconURL}
|
||||
|
|
@ -140,8 +140,8 @@ func ClearProviders() {
|
|||
}
|
||||
|
||||
var (
|
||||
// ErrLoginSourceNotActived login source is not actived error
|
||||
ErrLoginSourceNotActived = errors.New("Login source is not actived")
|
||||
// ErrAuthSourceNotActived login source is not actived error
|
||||
ErrAuthSourceNotActived = errors.New("auth source is not actived")
|
||||
)
|
||||
|
||||
// used to create different types of goth providers
|
||||
|
|
@ -153,7 +153,7 @@ func createProvider(providerName string, source *Source) (goth.Provider, error)
|
|||
|
||||
p, ok := gothProviders[source.Provider]
|
||||
if !ok {
|
||||
return nil, ErrLoginSourceNotActived
|
||||
return nil, ErrAuthSourceNotActived
|
||||
}
|
||||
|
||||
provider, err = p.CreateGothProvider(providerName, callbackURL, source)
|
||||
|
|
|
|||
|
|
@ -5,7 +5,7 @@
|
|||
package oauth2
|
||||
|
||||
import (
|
||||
"code.gitea.io/gitea/models/login"
|
||||
"code.gitea.io/gitea/models/auth"
|
||||
"code.gitea.io/gitea/modules/json"
|
||||
)
|
||||
|
||||
|
|
@ -33,8 +33,8 @@ type Source struct {
|
|||
RestrictedGroup string
|
||||
SkipLocalTwoFA bool `json:",omitempty"`
|
||||
|
||||
// reference to the loginSource
|
||||
loginSource *login.Source
|
||||
// reference to the authSource
|
||||
authSource *auth.Source
|
||||
}
|
||||
|
||||
// FromDB fills up an OAuth2Config from serialized format.
|
||||
|
|
@ -47,11 +47,11 @@ func (source *Source) ToDB() ([]byte, error) {
|
|||
return json.Marshal(source)
|
||||
}
|
||||
|
||||
// SetLoginSource sets the related LoginSource
|
||||
func (source *Source) SetLoginSource(loginSource *login.Source) {
|
||||
source.loginSource = loginSource
|
||||
// SetAuthSource sets the related AuthSource
|
||||
func (source *Source) SetAuthSource(authSource *auth.Source) {
|
||||
source.authSource = authSource
|
||||
}
|
||||
|
||||
func init() {
|
||||
login.RegisterTypeConfig(login.OAuth2, &Source{})
|
||||
auth.RegisterTypeConfig(auth.OAuth2, &Source{})
|
||||
}
|
||||
|
|
|
|||
|
|
@ -14,7 +14,7 @@ import (
|
|||
// Callout redirects request/response pair to authenticate against the provider
|
||||
func (source *Source) Callout(request *http.Request, response http.ResponseWriter) error {
|
||||
// not sure if goth is thread safe (?) when using multiple providers
|
||||
request.Header.Set(ProviderHeaderKey, source.loginSource.Name)
|
||||
request.Header.Set(ProviderHeaderKey, source.authSource.Name)
|
||||
|
||||
// don't use the default gothic begin handler to prevent issues when some error occurs
|
||||
// normally the gothic library will write some custom stuff to the response instead of our own nice error page
|
||||
|
|
@ -34,7 +34,7 @@ func (source *Source) Callout(request *http.Request, response http.ResponseWrite
|
|||
// this will trigger a new authentication request, but because we save it in the session we can use that
|
||||
func (source *Source) Callback(request *http.Request, response http.ResponseWriter) (goth.User, error) {
|
||||
// not sure if goth is thread safe (?) when using multiple providers
|
||||
request.Header.Set(ProviderHeaderKey, source.loginSource.Name)
|
||||
request.Header.Set(ProviderHeaderKey, source.authSource.Name)
|
||||
|
||||
gothRWMutex.RLock()
|
||||
defer gothRWMutex.RUnlock()
|
||||
|
|
|
|||
|
|
@ -10,13 +10,13 @@ import (
|
|||
|
||||
// RegisterSource causes an OAuth2 configuration to be registered
|
||||
func (source *Source) RegisterSource() error {
|
||||
err := RegisterProviderWithGothic(source.loginSource.Name, source)
|
||||
return wrapOpenIDConnectInitializeError(err, source.loginSource.Name, source)
|
||||
err := RegisterProviderWithGothic(source.authSource.Name, source)
|
||||
return wrapOpenIDConnectInitializeError(err, source.authSource.Name, source)
|
||||
}
|
||||
|
||||
// UnregisterSource causes an OAuth2 configuration to be unregistered
|
||||
func (source *Source) UnregisterSource() error {
|
||||
RemoveProviderFromGothic(source.loginSource.Name)
|
||||
RemoveProviderFromGothic(source.authSource.Name)
|
||||
return nil
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -5,7 +5,7 @@
|
|||
package pam_test
|
||||
|
||||
import (
|
||||
"code.gitea.io/gitea/models/login"
|
||||
auth_model "code.gitea.io/gitea/models/auth"
|
||||
"code.gitea.io/gitea/services/auth"
|
||||
"code.gitea.io/gitea/services/auth/source/pam"
|
||||
)
|
||||
|
|
@ -15,8 +15,8 @@ import (
|
|||
|
||||
type sourceInterface interface {
|
||||
auth.PasswordAuthenticator
|
||||
login.Config
|
||||
login.SourceSettable
|
||||
auth_model.Config
|
||||
auth_model.SourceSettable
|
||||
}
|
||||
|
||||
var _ (sourceInterface) = &pam.Source{}
|
||||
|
|
|
|||
|
|
@ -5,7 +5,7 @@
|
|||
package pam
|
||||
|
||||
import (
|
||||
"code.gitea.io/gitea/models/login"
|
||||
"code.gitea.io/gitea/models/auth"
|
||||
"code.gitea.io/gitea/modules/json"
|
||||
)
|
||||
|
||||
|
|
@ -22,8 +22,8 @@ type Source struct {
|
|||
EmailDomain string
|
||||
SkipLocalTwoFA bool `json:",omitempty"` // Skip Local 2fa for users authenticated with this source
|
||||
|
||||
// reference to the loginSource
|
||||
loginSource *login.Source
|
||||
// reference to the authSource
|
||||
authSource *auth.Source
|
||||
}
|
||||
|
||||
// FromDB fills up a PAMConfig from serialized format.
|
||||
|
|
@ -36,11 +36,11 @@ func (source *Source) ToDB() ([]byte, error) {
|
|||
return json.Marshal(source)
|
||||
}
|
||||
|
||||
// SetLoginSource sets the related LoginSource
|
||||
func (source *Source) SetLoginSource(loginSource *login.Source) {
|
||||
source.loginSource = loginSource
|
||||
// SetAuthSource sets the related AuthSource
|
||||
func (source *Source) SetAuthSource(authSource *auth.Source) {
|
||||
source.authSource = authSource
|
||||
}
|
||||
|
||||
func init() {
|
||||
login.RegisterTypeConfig(login.PAM, &Source{})
|
||||
auth.RegisterTypeConfig(auth.PAM, &Source{})
|
||||
}
|
||||
|
|
|
|||
|
|
@ -8,7 +8,7 @@ import (
|
|||
"fmt"
|
||||
"strings"
|
||||
|
||||
"code.gitea.io/gitea/models/login"
|
||||
"code.gitea.io/gitea/models/auth"
|
||||
user_model "code.gitea.io/gitea/models/user"
|
||||
"code.gitea.io/gitea/modules/auth/pam"
|
||||
"code.gitea.io/gitea/modules/setting"
|
||||
|
|
@ -55,8 +55,8 @@ func (source *Source) Authenticate(user *user_model.User, userName, password str
|
|||
Name: username,
|
||||
Email: email,
|
||||
Passwd: password,
|
||||
LoginType: login.PAM,
|
||||
LoginSource: source.loginSource.ID,
|
||||
LoginType: auth.PAM,
|
||||
LoginSource: source.authSource.ID,
|
||||
LoginName: userName, // This is what the user typed in
|
||||
IsActive: true,
|
||||
}
|
||||
|
|
|
|||
|
|
@ -5,7 +5,7 @@
|
|||
package smtp_test
|
||||
|
||||
import (
|
||||
"code.gitea.io/gitea/models/login"
|
||||
auth_model "code.gitea.io/gitea/models/auth"
|
||||
"code.gitea.io/gitea/services/auth"
|
||||
"code.gitea.io/gitea/services/auth/source/smtp"
|
||||
)
|
||||
|
|
@ -15,11 +15,11 @@ import (
|
|||
|
||||
type sourceInterface interface {
|
||||
auth.PasswordAuthenticator
|
||||
login.Config
|
||||
login.SkipVerifiable
|
||||
login.HasTLSer
|
||||
login.UseTLSer
|
||||
login.SourceSettable
|
||||
auth_model.Config
|
||||
auth_model.SkipVerifiable
|
||||
auth_model.HasTLSer
|
||||
auth_model.UseTLSer
|
||||
auth_model.SourceSettable
|
||||
}
|
||||
|
||||
var _ (sourceInterface) = &smtp.Source{}
|
||||
|
|
|
|||
|
|
@ -5,7 +5,7 @@
|
|||
package smtp
|
||||
|
||||
import (
|
||||
"code.gitea.io/gitea/models/login"
|
||||
"code.gitea.io/gitea/models/auth"
|
||||
"code.gitea.io/gitea/modules/json"
|
||||
)
|
||||
|
||||
|
|
@ -28,8 +28,8 @@ type Source struct {
|
|||
DisableHelo bool
|
||||
SkipLocalTwoFA bool `json:",omitempty"`
|
||||
|
||||
// reference to the loginSource
|
||||
loginSource *login.Source
|
||||
// reference to the authSource
|
||||
authSource *auth.Source
|
||||
}
|
||||
|
||||
// FromDB fills up an SMTPConfig from serialized format.
|
||||
|
|
@ -57,11 +57,11 @@ func (source *Source) UseTLS() bool {
|
|||
return source.ForceSMTPS || source.Port == 465
|
||||
}
|
||||
|
||||
// SetLoginSource sets the related LoginSource
|
||||
func (source *Source) SetLoginSource(loginSource *login.Source) {
|
||||
source.loginSource = loginSource
|
||||
// SetAuthSource sets the related AuthSource
|
||||
func (source *Source) SetAuthSource(authSource *auth.Source) {
|
||||
source.authSource = authSource
|
||||
}
|
||||
|
||||
func init() {
|
||||
login.RegisterTypeConfig(login.SMTP, &Source{})
|
||||
auth.RegisterTypeConfig(auth.SMTP, &Source{})
|
||||
}
|
||||
|
|
|
|||
|
|
@ -10,7 +10,7 @@ import (
|
|||
"net/textproto"
|
||||
"strings"
|
||||
|
||||
"code.gitea.io/gitea/models/login"
|
||||
auth_model "code.gitea.io/gitea/models/auth"
|
||||
user_model "code.gitea.io/gitea/models/user"
|
||||
"code.gitea.io/gitea/modules/util"
|
||||
"code.gitea.io/gitea/services/mailer"
|
||||
|
|
@ -71,8 +71,8 @@ func (source *Source) Authenticate(user *user_model.User, userName, password str
|
|||
Name: strings.ToLower(username),
|
||||
Email: userName,
|
||||
Passwd: password,
|
||||
LoginType: login.SMTP,
|
||||
LoginSource: source.loginSource.ID,
|
||||
LoginType: auth_model.SMTP,
|
||||
LoginSource: source.authSource.ID,
|
||||
LoginName: userName,
|
||||
IsActive: true,
|
||||
}
|
||||
|
|
|
|||
|
|
@ -5,7 +5,7 @@
|
|||
package sspi_test
|
||||
|
||||
import (
|
||||
"code.gitea.io/gitea/models/login"
|
||||
"code.gitea.io/gitea/models/auth"
|
||||
"code.gitea.io/gitea/services/auth/source/sspi"
|
||||
)
|
||||
|
||||
|
|
@ -13,7 +13,7 @@ import (
|
|||
// It tightly binds the interfaces and implementation without breaking go import cycles
|
||||
|
||||
type sourceInterface interface {
|
||||
login.Config
|
||||
auth.Config
|
||||
}
|
||||
|
||||
var _ (sourceInterface) = &sspi.Source{}
|
||||
|
|
|
|||
|
|
@ -5,7 +5,7 @@
|
|||
package sspi
|
||||
|
||||
import (
|
||||
"code.gitea.io/gitea/models/login"
|
||||
"code.gitea.io/gitea/models/auth"
|
||||
"code.gitea.io/gitea/modules/json"
|
||||
)
|
||||
|
||||
|
|
@ -36,5 +36,5 @@ func (cfg *Source) ToDB() ([]byte, error) {
|
|||
}
|
||||
|
||||
func init() {
|
||||
login.RegisterTypeConfig(login.SSPI, &Source{})
|
||||
auth.RegisterTypeConfig(auth.SSPI, &Source{})
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue