dragonflyoss · gaius-qi · Sep 1, 2021 · Aug 31, 2021 · Aug 31, 2021 · Sep 1, 2021
@@ -31,6 +31,8 @@ require (
 	github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e
 	github.com/golang/mock v1.6.0
 	github.com/golang/protobuf v1.5.2
+	github.com/google/go-github v17.0.0+incompatible
+	github.com/google/go-querystring v1.1.0 // indirect
 	github.com/google/uuid v1.2.0
 	github.com/gorilla/mux v1.7.3
 	github.com/jarcoal/httpmock v1.0.8
@@ -73,6 +75,7 @@ require (
 	golang.org/x/time v0.0.0-20201208040808-7e3f01d25324
 	golang.org/x/tools v0.1.4 // indirect
 	gonum.org/v1/gonum v0.9.3
+	google.golang.org/api v0.39.0
 	google.golang.org/grpc v1.39.0
 	google.golang.org/protobuf v1.26.0
 	gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c // indirect
@@ -81,6 +84,6 @@ require (
 	gorm.io/driver/mysql v1.0.5
 	gorm.io/gorm v1.21.9
 	gorm.io/plugin/soft_delete v1.0.2
-	k8s.io/apimachinery v0.20.6 // indirect
+	k8s.io/apimachinery v0.20.6
 	k8s.io/client-go v11.0.0+incompatible
 )
@@ -341,6 +341,10 @@ github.com/google/go-cmp v0.5.3/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/
 github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
 github.com/google/go-cmp v0.5.5 h1:Khx7svrCpmxxtHBq5j2mp/xVjsi8hQMfNLvJFAlrGgU=
 github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
+github.com/google/go-github v17.0.0+incompatible h1:N0LgJ1j65A7kfXrZnUDaYCs/Sf4rEjNlfyDHW9dolSY=
+github.com/google/go-github v17.0.0+incompatible/go.mod h1:zLgOLi98H3fifZn+44m+umXrS52loVEgC2AApnigrVQ=
+github.com/google/go-querystring v1.1.0 h1:AnCroh3fv4ZBgVIf1Iwtovgjaw/GiKJo8M8yD/fhyJ8=
+github.com/google/go-querystring v1.1.0/go.mod h1:Kcdr2DB4koayq7X8pmAG4sNG59So17icRSOU623lUBU=
 github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
 github.com/google/gofuzz v1.1.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
 github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs=

@@ -1,59 +1,78 @@
+/*
+ *     Copyright 2020 The Dragonfly Authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
 package oauth
 
 import (
-	"encoding/json"
-	"io/ioutil"
-	"net/http"
-	"strings"
+	"context"
+	"crypto/rand"
+	"encoding/base64"
 
+	"github.com/google/go-github/github"
 	"golang.org/x/oauth2"
-	"golang.org/x/oauth2/github"
-	"gorm.io/gorm"
+	oauth2github "golang.org/x/oauth2/github"
 )
 
-type githubOauth2 struct {
-	baseOauth2
+var githubScopes = []string{
+	"user",
+	"public_repo",
 }
 
-func NewGithubOauth2(name string, clientID string, clientSecret string, db *gorm.DB) (Oauther, error) {
+type oauthGithub struct {
+	*oauth2.Config
+}
 
-	oa := &githubOauth2{}
-	oa.Name = name
-	oa.Config = &oauth2.Config{
-		ClientID:     clientID,
-		ClientSecret: clientSecret,
-		Scopes:       strings.Split(GithubScopes, ","),
-		Endpoint:     github.Endpoint,
+func newGithub(name, clientID, clientSecret, redirectURL string) *oauthGithub {
+	return &oauthGithub{
+		Config: &oauth2.Config{
+			ClientID:     clientID,
+			ClientSecret: clientSecret,
+			Scopes:       githubScopes,
+			Endpoint:     oauth2github.Endpoint,
+			RedirectURL:  redirectURL,
+		},
 	}
-	oa.UserInfoURL = GithubUserInfoURL
+}
 
-	redirectURL, err := oa.GetRediectURL(db)
-	if err != nil {
-		return nil, err
-	}
-	oa.Config.RedirectURL = redirectURL
-	return oa, nil
+func (g *oauthGithub) AuthCodeURL() string {
+	b := make([]byte, 16)
+	rand.Read(b)
+	return g.Config.AuthCodeURL(base64.URLEncoding.EncodeToString(b))
 }
 
-func (oa *githubOauth2) GetOauthUserInfo(token string) (*oauth2User, error) {
-	req, err := http.NewRequest("GET", oa.UserInfoURL, nil)
-	if err != nil {
-		return nil, err
-	}
-	req.Header.Set("Authorization", "token"+" "+token)
-	response, err := (&http.Client{}).Do(req)
-	if err != nil {
-		return nil, err
-	}
-	defer response.Body.Close()
-	contents, err := ioutil.ReadAll(response.Body)
-	if err != nil {
-		return nil, err
-	}
-	u := oauth2User{}
-	err = json.Unmarshal(contents, &u)
+func (g *oauthGithub) Exchange(code string) (*oauth2.Token, error) {
+	ctx, cancel := context.WithTimeout(context.Background(), timeout)
+	defer cancel()
+
+	return g.Config.Exchange(ctx, code)
+}
+
+func (g *oauthGithub) GetUser(token *oauth2.Token) (*User, error) {
+	ctx, cancel := context.WithTimeout(context.Background(), timeout)
+	defer cancel()
+
+	client := github.NewClient(g.Client(ctx, token))
+	user, _, err := client.Users.Get(ctx, "")
 	if err != nil {
 		return nil, err
 	}
-	return &u, nil
+
+	return &User{
+		Name:   *user.Name,
+		Email:  *user.Email,
+		Avatar: *user.AvatarURL,
+	}, nil
 }
@@ -1,33 +1,83 @@
+/*
+ *     Copyright 2020 The Dragonfly Authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
 package oauth
 
 import (
-	"strings"
+	"context"
+	"crypto/rand"
+	"encoding/base64"
 
 	"golang.org/x/oauth2"
 	"golang.org/x/oauth2/google"
-	"gorm.io/gorm"
+	oauth2v2 "google.golang.org/api/oauth2/v2"
+	"google.golang.org/api/option"
 )
 
-type googleOauth2 struct {
-	baseOauth2
+var googleScopes = []string{
+	"https://www.googleapis.com/auth/userinfo.email",
+	"https://www.googleapis.com/auth/userinfo.profile",
+}
+
+type oauthGoogle struct {
+	*oauth2.Config
+}
+
+func newGoogle(name, clientID, clientSecret, redirectURL string) *oauthGoogle {
+	return &oauthGoogle{
+		Config: &oauth2.Config{
+			ClientID:     clientID,
+			ClientSecret: clientSecret,
+			Scopes:       googleScopes,
+			Endpoint:     google.Endpoint,
+			RedirectURL:  redirectURL,
+		},
+	}
+}
+
+func (g *oauthGoogle) AuthCodeURL() string {
+	b := make([]byte, 16)
+	rand.Read(b)
+	return g.Config.AuthCodeURL(base64.URLEncoding.EncodeToString(b))
+}
+
+func (g *oauthGoogle) Exchange(code string) (*oauth2.Token, error) {
+	ctx, cancel := context.WithTimeout(context.Background(), timeout)
+	defer cancel()
+
+	return g.Config.Exchange(ctx, code)
 }
 
-func NewGoogleOauth2(name string, clientID string, clientSecret string, db *gorm.DB) (Oauther, error) {
+func (g *oauthGoogle) GetUser(token *oauth2.Token) (*User, error) {
+	ctx, cancel := context.WithTimeout(context.Background(), timeout)
+	defer cancel()
 
-	oa := &googleOauth2{}
-	oa.Name = name
-	oa.Config = &oauth2.Config{
-		ClientID:     clientID,
-		ClientSecret: clientSecret,
-		Scopes:       strings.Split(GoogleScopes, ","),
-		Endpoint:     google.Endpoint,
+	client, err := oauth2v2.NewService(ctx, option.WithTokenSource(g.Config.TokenSource(ctx, token)))
+	if err != nil {
+		return nil, err
 	}
-	oa.UserInfoURL = GithubUserInfoURL
 
-	redirectURL, err := oa.GetRediectURL(db)
+	user, err := client.Userinfo.Get().Do()
 	if err != nil {
 		return nil, err
 	}
-	oa.Config.RedirectURL = redirectURL
-	return oa, nil
+
+	return &User{
+		Name:   user.Name,
+		Email:  user.Email,
+		Avatar: user.Picture,
+	}, nil
 }