Add generic Oauth allow_logout optionpull/317/head
@@ -1049,13 +1049,14 @@ func viewSettings(app *App, u *User, w http.ResponseWriter, r *http.Request) err | |||
enableOauthSlack := app.Config().SlackOauth.ClientID != "" | |||
enableOauthWriteAs := app.Config().WriteAsOauth.ClientID != "" | |||
enableOauthGitLab := app.Config().GitlabOauth.ClientID != "" | |||
enableOauthGeneric := app.Config().GenericOauth.ClientID != "" | |||
oauthAccounts, err := app.db.GetOauthAccounts(r.Context(), u.ID) | |||
if err != nil { | |||
log.Error("Unable to get oauth accounts for settings: %s", err) | |||
return impart.HTTPError{http.StatusInternalServerError, "Unable to retrieve user data. The humans have been alerted."} | |||
} | |||
for _, oauthAccount := range oauthAccounts { | |||
for idx, oauthAccount := range oauthAccounts { | |||
switch oauthAccount.Provider { | |||
case "slack": | |||
enableOauthSlack = false | |||
@@ -1063,35 +1064,43 @@ func viewSettings(app *App, u *User, w http.ResponseWriter, r *http.Request) err | |||
enableOauthWriteAs = false | |||
case "gitlab": | |||
enableOauthGitLab = false | |||
case "generic": | |||
oauthAccounts[idx].DisplayName = app.Config().GenericOauth.DisplayName | |||
oauthAccounts[idx].AllowLogout = app.Config().GenericOauth.AllowLogout | |||
enableOauthGeneric = false | |||
} | |||
} | |||
displayOauthSection := enableOauthSlack || enableOauthWriteAs || enableOauthGitLab || len(oauthAccounts) > 0 | |||
displayOauthSection := enableOauthSlack || enableOauthWriteAs || enableOauthGitLab || enableOauthGeneric || len(oauthAccounts) > 0 | |||
obj := struct { | |||
*UserPage | |||
Email string | |||
HasPass bool | |||
IsLogOut bool | |||
Silenced bool | |||
OauthSection bool | |||
OauthAccounts []oauthAccountInfo | |||
OauthSlack bool | |||
OauthWriteAs bool | |||
OauthGitLab bool | |||
GitLabDisplayName string | |||
Email string | |||
HasPass bool | |||
IsLogOut bool | |||
Silenced bool | |||
OauthSection bool | |||
OauthAccounts []oauthAccountInfo | |||
OauthSlack bool | |||
OauthWriteAs bool | |||
OauthGitLab bool | |||
GitLabDisplayName string | |||
OauthGeneric bool | |||
OauthGenericDisplayName string | |||
}{ | |||
UserPage: NewUserPage(app, r, u, "Account Settings", flashes), | |||
Email: fullUser.EmailClear(app.keys), | |||
HasPass: passIsSet, | |||
IsLogOut: r.FormValue("logout") == "1", | |||
Silenced: fullUser.IsSilenced(), | |||
OauthSection: displayOauthSection, | |||
OauthAccounts: oauthAccounts, | |||
OauthSlack: enableOauthSlack, | |||
OauthWriteAs: enableOauthWriteAs, | |||
OauthGitLab: enableOauthGitLab, | |||
GitLabDisplayName: config.OrDefaultString(app.Config().GitlabOauth.DisplayName, gitlabDisplayName), | |||
UserPage: NewUserPage(app, r, u, "Account Settings", flashes), | |||
Email: fullUser.EmailClear(app.keys), | |||
HasPass: passIsSet, | |||
IsLogOut: r.FormValue("logout") == "1", | |||
Silenced: fullUser.IsSilenced(), | |||
OauthSection: displayOauthSection, | |||
OauthAccounts: oauthAccounts, | |||
OauthSlack: enableOauthSlack, | |||
OauthWriteAs: enableOauthWriteAs, | |||
OauthGitLab: enableOauthGitLab, | |||
GitLabDisplayName: config.OrDefaultString(app.Config().GitlabOauth.DisplayName, gitlabDisplayName), | |||
OauthGeneric: enableOauthGeneric, | |||
OauthGenericDisplayName: config.OrDefaultString(app.Config().GenericOauth.DisplayName, genericOauthDisplayName), | |||
} | |||
showUserPage(w, "settings", obj) | |||
@@ -86,17 +86,18 @@ type ( | |||
CallbackProxyAPI string `ini:"callback_proxy_api"` | |||
} | |||
GenericOauthCfg struct { | |||
ClientID string `ini:"client_id"` | |||
ClientSecret string `ini:"client_secret"` | |||
Host string `ini:"host"` | |||
DisplayName string `ini:"display_name"` | |||
CallbackProxy string `ini:"callback_proxy"` | |||
CallbackProxyAPI string `ini:"callback_proxy_api"` | |||
TokenEndpoint string `ini:"token_endpoint"` | |||
InspectEndpoint string `ini:"inspect_endpoint"` | |||
AuthEndpoint string `ini:"auth_endpoint"` | |||
} | |||
GenericOauthCfg struct { | |||
ClientID string `ini:"client_id"` | |||
ClientSecret string `ini:"client_secret"` | |||
Host string `ini:"host"` | |||
DisplayName string `ini:"display_name"` | |||
CallbackProxy string `ini:"callback_proxy"` | |||
CallbackProxyAPI string `ini:"callback_proxy_api"` | |||
TokenEndpoint string `ini:"token_endpoint"` | |||
InspectEndpoint string `ini:"inspect_endpoint"` | |||
AuthEndpoint string `ini:"auth_endpoint"` | |||
AllowLogout bool `ini:"allow_logout"` | |||
} | |||
// AppCfg holds values that affect how the application functions | |||
AppCfg struct { | |||
@@ -150,7 +151,7 @@ type ( | |||
SlackOauth SlackOauthCfg `ini:"oauth.slack"` | |||
WriteAsOauth WriteAsOauthCfg `ini:"oauth.writeas"` | |||
GitlabOauth GitlabOauthCfg `ini:"oauth.gitlab"` | |||
GenericOauth GenericOauthCfg `ini:"oauth.generic"` | |||
GenericOauth GenericOauthCfg `ini:"oauth.generic"` | |||
} | |||
) | |||
@@ -14,11 +14,12 @@ import ( | |||
"context" | |||
"database/sql" | |||
"fmt" | |||
wf_db "github.com/writeas/writefreely/db" | |||
"net/http" | |||
"strings" | |||
"time" | |||
wf_db "github.com/writeas/writefreely/db" | |||
"github.com/guregu/null" | |||
"github.com/guregu/null/zero" | |||
uuid "github.com/nu7hatch/gouuid" | |||
@@ -2590,6 +2591,8 @@ type oauthAccountInfo struct { | |||
Provider string | |||
ClientID string | |||
RemoteUserID string | |||
DisplayName string | |||
AllowLogout bool | |||
} | |||
func (db *datastore) GetOauthAccounts(ctx context.Context, userID int64) ([]oauthAccountInfo, error) { | |||
@@ -86,14 +86,22 @@ h3 { font-weight: normal; } | |||
<input type="hidden" name="client_id" value="{{ $oauth_account.ClientID }}" /> | |||
<input type="hidden" name="remote_user_id" value="{{ $oauth_account.RemoteUserID }}" /> | |||
<div class="section oauth-provider"> | |||
<img src="/img/mark/{{$oauth_account.Provider}}.png" alt="{{ $oauth_account.Provider | title }}" /> | |||
<input type="submit" value="Remove {{ $oauth_account.Provider | title }}" /> | |||
{{ if $oauth_account.DisplayName}} | |||
{{ if $oauth_account.AllowLogout}} | |||
<input type="submit" value="Remove {{.DisplayName}}" /> | |||
{{else}} | |||
<a class="btn cta"><strong>{{.DisplayName}}</strong></a> | |||
{{end}} | |||
{{else}} | |||
<img src="/img/mark/{{$oauth_account.Provider}}.png" alt="{{ $oauth_account.Provider | title }}" /> | |||
<input type="submit" value="Remove {{ $oauth_account.Provider | title }}" /> | |||
{{end}} | |||
</div> | |||
</form> | |||
{{ end }} | |||
</div> | |||
{{ end }} | |||
{{ if or .OauthSlack .OauthWriteAs .OauthGitLab }} | |||
{{ if or .OauthSlack .OauthWriteAs .OauthGitLab .OauthGeneric }} | |||
<div class="option"> | |||
<h2>Link External Accounts</h2> | |||
<p>Connect additional accounts to enable logging in with those providers, instead of using your username and password.</p> | |||
@@ -123,6 +131,13 @@ h3 { font-weight: normal; } | |||
</div> | |||
{{ end }} | |||
</div> | |||
{{ if .OauthGeneric }} | |||
<div class="row"> | |||
<div class="section oauth-provider"> | |||
<p><a class="btn cta loginbtn" id="generic-oauth-login" href="/oauth/generic?attach=t">Link <strong>{{ .OauthGenericDisplayName }}</strong></a></p> | |||
</div> | |||
</div> | |||
{{ end }} | |||
</div> | |||
{{ end }} | |||
{{ end }} | |||