Refactor server code (#407)

internal/auth/oauth/gitea.go

@@ -0,0 +1,117 @@
+package oauth
+
+import (
+	gocontext "context"
+	gojson "encoding/json"
+	"github.com/markbates/goth"
+	"github.com/markbates/goth/gothic"
+	"github.com/markbates/goth/providers/gitea"
+	"github.com/rs/zerolog/log"
+	"github.com/thomiceli/opengist/internal/config"
+	"github.com/thomiceli/opengist/internal/db"
+	"github.com/thomiceli/opengist/internal/web/context"
+	"io"
+	"net/http"
+)
+
+type GiteaProvider struct {
+	Provider
+	URL string
+}
+
+func (p *GiteaProvider) RegisterProvider() error {
+	goth.UseProviders(
+		gitea.NewCustomisedURL(
+			config.C.GiteaClientKey,
+			config.C.GiteaSecret,
+			urlJoin(p.URL, "/oauth/gitea/callback"),
+			urlJoin(config.C.GiteaUrl, "/login/oauth/authorize"),
+			urlJoin(config.C.GiteaUrl, "/login/oauth/access_token"),
+			urlJoin(config.C.GiteaUrl, "/api/v1/user"),
+		),
+	)
+
+	return nil
+}
+
+func (p *GiteaProvider) BeginAuthHandler(ctx *context.Context) {
+	ctxValue := gocontext.WithValue(ctx.Request().Context(), gothic.ProviderParamKey, GiteaProviderString)
+	ctx.SetRequest(ctx.Request().WithContext(ctxValue))
+
+	gothic.BeginAuthHandler(ctx.Response(), ctx.Request())
+}
+
+func (p *GiteaProvider) UserHasProvider(user *db.User) bool {
+	return user.GiteaID != ""
+}
+
+func NewGiteaProvider(url string) *GiteaProvider {
+	return &GiteaProvider{
+		URL: url,
+	}
+}
+
+type GiteaCallbackProvider struct {
+	CallbackProvider
+	User *goth.User
+}
+
+func (p *GiteaCallbackProvider) GetProvider() string {
+	return GiteaProviderString
+}
+
+func (p *GiteaCallbackProvider) GetProviderUser() *goth.User {
+	return p.User
+}
+
+func (p *GiteaCallbackProvider) GetProviderUserID(user *db.User) bool {
+	return user.GiteaID != ""
+}
+
+func (p *GiteaCallbackProvider) GetProviderUserSSHKeys() ([]string, error) {
+	resp, err := http.Get(urlJoin(config.C.GiteaUrl, p.User.NickName+".keys"))
+	if err != nil {
+		return nil, err
+	}
+	defer resp.Body.Close()
+
+	return readKeys(resp)
+}
+
+func (p *GiteaCallbackProvider) UpdateUserDB(user *db.User) {
+	user.GiteaID = p.User.UserID
+
+	resp, err := http.Get(urlJoin(config.C.GiteaUrl, "/api/v1/users/", p.User.UserID))
+	if err != nil {
+		log.Error().Err(err).Msg("Cannot get user from Gitea")
+		return
+	}
+	defer resp.Body.Close()
+
+	body, err := io.ReadAll(resp.Body)
+	if err != nil {
+		log.Error().Err(err).Msg("Cannot read Gitea response body")
+		return
+	}
+
+	var result map[string]interface{}
+	err = gojson.Unmarshal(body, &result)
+	if err != nil {
+		log.Error().Err(err).Msg("Cannot unmarshal Gitea response body")
+		return
+	}
+
+	field, ok := result["avatar_url"]
+	if !ok {
+		log.Error().Msg("Field 'avatar_url' not found in Gitea JSON response")
+		return
+	}
+
+	user.AvatarURL = field.(string)
+}
+
+func NewGiteaCallbackProvider(user *goth.User) CallbackProvider {
+	return &GiteaCallbackProvider{
+		User: user,
+	}
+}

internal/auth/oauth/github.go

@@ -0,0 +1,84 @@
+package oauth
+
+import (
+	gocontext "context"
+	"github.com/markbates/goth"
+	"github.com/markbates/goth/gothic"
+	"github.com/markbates/goth/providers/github"
+	"github.com/thomiceli/opengist/internal/config"
+	"github.com/thomiceli/opengist/internal/db"
+	"github.com/thomiceli/opengist/internal/web/context"
+	"net/http"
+)
+
+type GitHubProvider struct {
+	Provider
+	URL string
+}
+
+func (p *GitHubProvider) RegisterProvider() error {
+	goth.UseProviders(
+		github.New(
+			config.C.GithubClientKey,
+			config.C.GithubSecret,
+			urlJoin(p.URL, "/oauth/github/callback"),
+		),
+	)
+
+	return nil
+}
+
+func (p *GitHubProvider) BeginAuthHandler(ctx *context.Context) {
+	ctxValue := gocontext.WithValue(ctx.Request().Context(), gothic.ProviderParamKey, GitHubProviderString)
+	ctx.SetRequest(ctx.Request().WithContext(ctxValue))
+
+	gothic.BeginAuthHandler(ctx.Response(), ctx.Request())
+}
+
+func (p *GitHubProvider) UserHasProvider(user *db.User) bool {
+	return user.GithubID != ""
+}
+
+func NewGitHubProvider(url string) *GitHubProvider {
+	return &GitHubProvider{
+		URL: url,
+	}
+}
+
+type GitHubCallbackProvider struct {
+	CallbackProvider
+	User *goth.User
+}
+
+func (p *GitHubCallbackProvider) GetProvider() string {
+	return GitHubProviderString
+}
+
+func (p *GitHubCallbackProvider) GetProviderUser() *goth.User {
+	return p.User
+}
+
+func (p *GitHubCallbackProvider) GetProviderUserID(user *db.User) bool {
+	return user.GithubID != ""
+}
+
+func (p *GitHubCallbackProvider) GetProviderUserSSHKeys() ([]string, error) {
+	resp, err := http.Get("https://github.com/" + p.User.NickName + ".keys")
+	if err != nil {
+		return nil, err
+	}
+	defer resp.Body.Close()
+
+	return readKeys(resp)
+}
+
+func (p *GitHubCallbackProvider) UpdateUserDB(user *db.User) {
+	user.GithubID = p.User.UserID
+	user.AvatarURL = "https://avatars.githubusercontent.com/u/" + p.User.UserID + "?v=4"
+}
+
+func NewGitHubCallbackProvider(user *goth.User) CallbackProvider {
+	return &GitHubCallbackProvider{
+		User: user,
+	}
+}

internal/auth/oauth/gitlab.go

@@ -0,0 +1,87 @@
+package oauth
+
+import (
+	gocontext "context"
+	"github.com/markbates/goth"
+	"github.com/markbates/goth/gothic"
+	"github.com/markbates/goth/providers/gitlab"
+	"github.com/thomiceli/opengist/internal/config"
+	"github.com/thomiceli/opengist/internal/db"
+	"github.com/thomiceli/opengist/internal/web/context"
+	"net/http"
+)
+
+type GitLabProvider struct {
+	Provider
+	URL string
+}
+
+func (p *GitLabProvider) RegisterProvider() error {
+	goth.UseProviders(
+		gitlab.NewCustomisedURL(
+			config.C.GitlabClientKey,
+			config.C.GitlabSecret,
+			urlJoin(p.URL, "/oauth/gitlab/callback"),
+			urlJoin(config.C.GitlabUrl, "/oauth/authorize"),
+			urlJoin(config.C.GitlabUrl, "/oauth/token"),
+			urlJoin(config.C.GitlabUrl, "/api/v4/user"),
+		),
+	)
+
+	return nil
+}
+
+func (p *GitLabProvider) BeginAuthHandler(ctx *context.Context) {
+	ctxValue := gocontext.WithValue(ctx.Request().Context(), gothic.ProviderParamKey, GitLabProviderString)
+	ctx.SetRequest(ctx.Request().WithContext(ctxValue))
+
+	gothic.BeginAuthHandler(ctx.Response(), ctx.Request())
+}
+
+func (p *GitLabProvider) UserHasProvider(user *db.User) bool {
+	return user.GitlabID != ""
+}
+
+func NewGitLabProvider(url string) *GitLabProvider {
+	return &GitLabProvider{
+		URL: url,
+	}
+}
+
+type GitLabCallbackProvider struct {
+	CallbackProvider
+	User *goth.User
+}
+
+func (p *GitLabCallbackProvider) GetProvider() string {
+	return GitLabProviderString
+}
+
+func (p *GitLabCallbackProvider) GetProviderUser() *goth.User {
+	return p.User
+}
+
+func (p *GitLabCallbackProvider) GetProviderUserID(user *db.User) bool {
+	return user.GitlabID != ""
+}
+
+func (p *GitLabCallbackProvider) GetProviderUserSSHKeys() ([]string, error) {
+	resp, err := http.Get(urlJoin(config.C.GitlabUrl, p.User.NickName+".keys"))
+	if err != nil {
+		return nil, err
+	}
+	defer resp.Body.Close()
+
+	return readKeys(resp)
+}
+
+func (p *GitLabCallbackProvider) UpdateUserDB(user *db.User) {
+	user.GitlabID = p.User.UserID
+	user.AvatarURL = urlJoin(config.C.GitlabUrl, "/uploads/-/system/user/avatar/", p.User.UserID, "/avatar.png") + "?width=400"
+}
+
+func NewGitLabCallbackProvider(user *goth.User) CallbackProvider {
+	return &GitLabCallbackProvider{
+		User: user,
+	}
+}

internal/auth/oauth/openid.go

@@ -0,0 +1,85 @@
+package oauth
+
+import (
+	gocontext "context"
+	"errors"
+	"github.com/markbates/goth"
+	"github.com/markbates/goth/gothic"
+	"github.com/markbates/goth/providers/openidConnect"
+	"github.com/thomiceli/opengist/internal/config"
+	"github.com/thomiceli/opengist/internal/db"
+	"github.com/thomiceli/opengist/internal/web/context"
+)
+
+type OIDCProvider struct {
+	Provider
+	URL string
+}
+
+func (p *OIDCProvider) RegisterProvider() error {
+	oidcProvider, err := openidConnect.New(
+		config.C.OIDCClientKey,
+		config.C.OIDCSecret,
+		urlJoin(p.URL, "/oauth/openid-connect/callback"),
+		config.C.OIDCDiscoveryUrl,
+		"openid",
+		"email",
+		"profile",
+	)
+
+	if err != nil {
+		return errors.New("Cannot create OIDC provider: " + err.Error())
+	}
+
+	goth.UseProviders(oidcProvider)
+	return nil
+}
+
+func (p *OIDCProvider) BeginAuthHandler(ctx *context.Context) {
+	ctxValue := gocontext.WithValue(ctx.Request().Context(), gothic.ProviderParamKey, OpenIDConnectString)
+	ctx.SetRequest(ctx.Request().WithContext(ctxValue))
+
+	gothic.BeginAuthHandler(ctx.Response(), ctx.Request())
+}
+
+func (p *OIDCProvider) UserHasProvider(user *db.User) bool {
+	return user.OIDCID != ""
+}
+
+func NewOIDCProvider(url string) *OIDCProvider {
+	return &OIDCProvider{
+		URL: url,
+	}
+}
+
+type OIDCCallbackProvider struct {
+	CallbackProvider
+	User *goth.User
+}
+
+func (p *OIDCCallbackProvider) GetProvider() string {
+	return OpenIDConnectString
+}
+
+func (p *OIDCCallbackProvider) GetProviderUser() *goth.User {
+	return p.User
+}
+
+func (p *OIDCCallbackProvider) GetProviderUserID(user *db.User) bool {
+	return user.OIDCID != ""
+}
+
+func (p *OIDCCallbackProvider) GetProviderUserSSHKeys() ([]string, error) {
+	return nil, nil
+}
+
+func (p *OIDCCallbackProvider) UpdateUserDB(user *db.User) {
+	user.OIDCID = p.User.UserID
+	user.AvatarURL = p.User.AvatarURL
+}
+
+func NewOIDCCallbackProvider(user *goth.User) CallbackProvider {
+	return &OIDCCallbackProvider{
+		User: user,
+	}
+}

internal/auth/oauth/provider.go

@@ -0,0 +1,93 @@
+package oauth
+
+import (
+	"fmt"
+	"github.com/markbates/goth"
+	"github.com/markbates/goth/gothic"
+	"github.com/rs/zerolog/log"
+	"github.com/thomiceli/opengist/internal/db"
+	"github.com/thomiceli/opengist/internal/web/context"
+	"io"
+	"net/http"
+	"net/url"
+	"strings"
+)
+
+const (
+	GitHubProviderString = "github"
+	GitLabProviderString = "gitlab"
+	GiteaProviderString  = "gitea"
+	OpenIDConnectString  = "openid-connect"
+)
+
+type Provider interface {
+	RegisterProvider() error
+	BeginAuthHandler(ctx *context.Context)
+	UserHasProvider(user *db.User) bool
+}
+
+type CallbackProvider interface {
+	GetProvider() string
+	GetProviderUser() *goth.User
+	GetProviderUserID(user *db.User) bool
+	GetProviderUserSSHKeys() ([]string, error)
+	UpdateUserDB(user *db.User)
+}
+
+func DefineProvider(provider string, url string) (Provider, error) {
+	switch provider {
+	case GitHubProviderString:
+		return NewGitHubProvider(url), nil
+	case GitLabProviderString:
+		return NewGitLabProvider(url), nil
+	case GiteaProviderString:
+		return NewGiteaProvider(url), nil
+	case OpenIDConnectString:
+		return NewOIDCProvider(url), nil
+	}
+
+	return nil, fmt.Errorf("unsupported provider %s", provider)
+}
+
+func CompleteUserAuth(ctx *context.Context) (CallbackProvider, error) {
+	user, err := gothic.CompleteUserAuth(ctx.Response(), ctx.Request())
+	if err != nil {
+		return nil, err
+	}
+
+	switch user.Provider {
+	case GitHubProviderString:
+		return NewGitHubCallbackProvider(&user), nil
+	case GitLabProviderString:
+		return NewGitLabCallbackProvider(&user), nil
+	case GiteaProviderString:
+		return NewGiteaCallbackProvider(&user), nil
+	case OpenIDConnectString:
+		return NewOIDCCallbackProvider(&user), nil
+	}
+
+	return nil, fmt.Errorf("unsupported provider %s", user.Provider)
+}
+
+func urlJoin(base string, elem ...string) string {
+	joined, err := url.JoinPath(base, elem...)
+	if err != nil {
+		log.Error().Err(err).Msg("Cannot join url")
+	}
+
+	return joined
+}
+
+func readKeys(response *http.Response) ([]string, error) {
+	body, err := io.ReadAll(response.Body)
+	if err != nil {
+		return nil, fmt.Errorf("could not get user keys %v", err)
+	}
+
+	keys := strings.Split(string(body), "\n")
+	if len(keys[len(keys)-1]) == 0 {
+		keys = keys[:len(keys)-1]
+	}
+
+	return keys, nil
+}