Add microsoft oauth2 providers #16544

Merged
1 change: 1 addition & 0 deletions go.sum
Expand Up @@ -762,6 +762,7 @@ github.com/mailru/easyjson v0.7.1/go.mod h1:KAzv3t3aY1NaHWoQz1+4F1ccyAH66Jk7yos7
github.com/mailru/easyjson v0.7.6/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc=
github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0=
github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc=
github.com/markbates/going v1.0.0 h1:DQw0ZP7NbNlFGcKbcE/IVSOAFzScxRtLpd0rLMzLhq0=
github.com/markbates/going v1.0.0/go.mod h1:I6mnB4BPnEeqo85ynXIx1ZFLLbtiLHNXVgWeFO9OGOA=
github.com/markbates/goth v1.68.0 h1:90sKvjRAKHcl9V2uC9x/PJXeD78cFPiBsyP1xVhoQfA=
github.com/markbates/goth v1.68.0/go.mod h1:V2VcDMzDiMHW+YmqYl7i0cMiAUeCkAe4QE6jRKBhXZw=
1 change: 1 addition & 0 deletions options/locale/locale_en-US.ini
Expand Up @@ -2440,6 +2440,7 @@ auths.oauth2_tokenURL = Token URL
auths.oauth2_authURL = Authorize URL
auths.oauth2_profileURL = Profile URL
auths.oauth2_emailURL = Email URL
auths.oauth2_tenant = Tenant
auths.enable_auto_register = Enable Auto Registration
auths.sspi_auto_create_users = Automatically create users
auths.sspi_auto_create_users_helper = Allow SSPI auth method to automatically create new accounts for users that login for the first time
Binary file added public/img/auth/azuread.png
Binary file added public/img/auth/azureadv2.png
Binary file added public/img/auth/microsoftonline.png
34 changes: 21 additions & 13 deletions routers/web/admin/auths.go
Expand Up @@ -98,8 +98,8 @@ func NewAuthSource(ctx *context.Context) {
ctx.Data["AuthSources"] = authSources
ctx.Data["SecurityProtocols"] = securityProtocols
ctx.Data["SMTPAuths"] = smtp.Authenticators
ctx.Data["OAuth2Providers"] = oauth2.Providers
ctx.Data["OAuth2DefaultCustomURLMappings"] = oauth2.DefaultCustomURLMappings
oauth2providers := oauth2.GetOAuth2Providers()
ctx.Data["OAuth2Providers"] = oauth2providers

ctx.Data["SSPIAutoCreateUsers"] = true
ctx.Data["SSPIAutoActivateUsers"] = true
Expand All @@ -108,10 +108,7 @@ func NewAuthSource(ctx *context.Context) {
ctx.Data["SSPIDefaultLanguage"] = ""

// only the first as default
for key := range oauth2.Providers {
ctx.Data["oauth2_provider"] = key
break
}
ctx.Data["oauth2_provider"] = oauth2providers[0]

ctx.HTML(http.StatusOK, tplAuthNew)
}
Expand Down Expand Up @@ -170,6 +167,7 @@ func parseOAuth2Config(form forms.AuthenticationForm) *oauth2.Source {
AuthURL: form.Oauth2AuthURL,
ProfileURL: form.Oauth2ProfileURL,
EmailURL: form.Oauth2EmailURL,
Tenant: form.Oauth2Tenant,
}
} else {
customURLMapping = nil
Expand Down Expand Up @@ -220,8 +218,8 @@ func NewAuthSourcePost(ctx *context.Context) {
ctx.Data["AuthSources"] = authSources
ctx.Data["SecurityProtocols"] = securityProtocols
ctx.Data["SMTPAuths"] = smtp.Authenticators
ctx.Data["OAuth2Providers"] = oauth2.Providers
ctx.Data["OAuth2DefaultCustomURLMappings"] = oauth2.DefaultCustomURLMappings
oauth2providers := oauth2.GetOAuth2Providers()
ctx.Data["OAuth2Providers"] = oauth2providers

ctx.Data["SSPIAutoCreateUsers"] = true
ctx.Data["SSPIAutoActivateUsers"] = true
Expand Down Expand Up @@ -299,8 +297,8 @@ func EditAuthSource(ctx *context.Context) {

ctx.Data["SecurityProtocols"] = securityProtocols
ctx.Data["SMTPAuths"] = smtp.Authenticators
ctx.Data["OAuth2Providers"] = oauth2.Providers
ctx.Data["OAuth2DefaultCustomURLMappings"] = oauth2.DefaultCustomURLMappings
oauth2providers := oauth2.GetOAuth2Providers()
ctx.Data["OAuth2Providers"] = oauth2providers

source, err := models.GetLoginSourceByID(ctx.ParamsInt64(":authid"))
if err != nil {
Expand All @@ -311,7 +309,17 @@ func EditAuthSource(ctx *context.Context) {
ctx.Data["HasTLS"] = source.HasTLS()

if source.IsOAuth2() {
ctx.Data["CurrentOAuth2Provider"] = oauth2.Providers[source.Cfg.(*oauth2.Source).Provider]
type Named interface {
Name() string
}

for _, provider := range oauth2providers {
if provider.Name() == source.Cfg.(Named).Name() {
ctx.Data["CurrentOAuth2Provider"] = provider
break
}
}

}
ctx.HTML(http.StatusOK, tplAuthEdit)
}
Expand All @@ -324,8 +332,8 @@ func EditAuthSourcePost(ctx *context.Context) {
ctx.Data["PageIsAdminAuthentications"] = true

ctx.Data["SMTPAuths"] = smtp.Authenticators
ctx.Data["OAuth2Providers"] = oauth2.Providers
ctx.Data["OAuth2DefaultCustomURLMappings"] = oauth2.DefaultCustomURLMappings
oauth2providers := oauth2.GetOAuth2Providers()
ctx.Data["OAuth2Providers"] = oauth2providers

source, err := models.GetLoginSourceByID(ctx.ParamsInt64(":authid"))
if err != nil {
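Review bot: In EditAuthSource the new provider lookup uses an unchecked assertion, `source.Cfg.(Named).Name()`, and has no fallback when the loop finds no match, so a stored source whose provider is no longer returned by `GetOAuth2Providers()` leaves `CurrentOAuth2Provider` unset, where the old map lookup always assigned a value. Use the comma-ok form that security.go uses in this same change, `named, ok := source.Cfg.(Named)`, and handle the no-match case explicitly before rendering; the template is not visible here, so how it treats a missing value is unconfirmed. A similar gap appears in NewAuthSource, where `oauth2providers[0]` indexes without a length check that the earlier range loop did not need. In parseOAuth2Config, `Tenant: form.Oauth2Tenant` is copied from the admin form as-is; if the provider builds its endpoint URLs from that value (not shown in these hunks), it should be validated to a directory ID or domain form, and the meaning of an empty tenant for who may sign in should be documented. All three functions start or end outside the visible hunks.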
17 changes: 13 additions & 4 deletions routers/web/user/setting/security.go
Expand Up @@ -12,7 +12,6 @@ import (
"code.gitea.io/gitea/modules/base"
"code.gitea.io/gitea/modules/context"
"code.gitea.io/gitea/modules/setting"
"code.gitea.io/gitea/services/auth/source/oauth2"
)

const (
Expand Down Expand Up @@ -92,9 +91,19 @@ func loadSecurityData(ctx *context.Context) {
for _, externalAccount := range accountLinks {
if loginSource, err := models.GetLoginSourceByID(externalAccount.LoginSourceID); err == nil {
var providerDisplayName string
if loginSource.IsOAuth2() {
providerTechnicalName := loginSource.Cfg.(*oauth2.Source).Provider
providerDisplayName = oauth2.Providers[providerTechnicalName].DisplayName

type DisplayNamed interface {
DisplayName() string
}

type Named interface {
Name() string
}

if displayNamed, ok := loginSource.Cfg.(DisplayNamed); ok {
providerDisplayName = displayNamed.DisplayName()
} else if named, ok := loginSource.Cfg.(Named); ok {
providerDisplayName = named.Name()
} else {
providerDisplayName = loginSource.Name
}
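Review bot: The `DisplayNamed` and `Named` interfaces are declared inside the `for` loop body of loadSecurityData, and `Named` is declared a second time inside EditAuthSource in routers/web/admin/auths.go; one shared definition at package level would keep the two call sites from drifting apart. The fallback order also deserves a short comment, for example `// prefer the provider's display name, then its technical name, then the login source's own name`, because the `IsOAuth2()` guard is gone and any source config that implements these methods now takes this path. loadSecurityData starts and ends outside this hunk.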