Move internal packages to an internal folder

For reference: https://go.dev/doc/go1.4#internalpackages
2025-08-01 17:38:37 +00:00 · 2023-08-10 19:46:45 -07:00 · 2023-08-10 19:46:45 -07:00 · 168a870c02
commit 168a870c02
parent c234903255
433 changed files with 1121 additions and 1123 deletions
--- a/internal/oauth2/google.go
+++ b/internal/oauth2/google.go
@ -0,0 +1,86 @@
+// SPDX-FileCopyrightText: Copyright The Miniflux Authors. All rights reserved.
+// SPDX-License-Identifier: Apache-2.0
+
+package oauth2 // import "miniflux.app/v2/internal/oauth2"
+
+import (
+	"context"
+	"encoding/json"
+	"fmt"
+
+	"miniflux.app/v2/internal/model"
+
+	"golang.org/x/oauth2"
+)
+
+type googleProfile struct {
+	Sub   string `json:"sub"`
+	Email string `json:"email"`
+}
+
+type googleProvider struct {
+	clientID     string
+	clientSecret string
+	redirectURL  string
+}
+
+func (g *googleProvider) GetUserExtraKey() string {
+	return "google_id"
+}
+
+func (g *googleProvider) GetRedirectURL(state string) string {
+	return g.config().AuthCodeURL(state)
+}
+
+func (g *googleProvider) GetProfile(ctx context.Context, code string) (*Profile, error) {
+	conf := g.config()
+	token, err := conf.Exchange(ctx, code)
+	if err != nil {
+		return nil, err
+	}
+
+	client := conf.Client(ctx, token)
+	resp, err := client.Get("https://www.googleapis.com/oauth2/v3/userinfo")
+	if err != nil {
+		return nil, err
+	}
+	defer resp.Body.Close()
+
+	var user googleProfile
+	decoder := json.NewDecoder(resp.Body)
+	if err := decoder.Decode(&user); err != nil {
+		return nil, fmt.Errorf("oauth2: unable to unserialize google profile: %v", err)
+	}
+
+	profile := &Profile{Key: g.GetUserExtraKey(), ID: user.Sub, Username: user.Email}
+	return profile, nil
+}
+
+func (g *googleProvider) PopulateUserCreationWithProfileID(user *model.UserCreationRequest, profile *Profile) {
+	user.GoogleID = profile.ID
+}
+
+func (g *googleProvider) PopulateUserWithProfileID(user *model.User, profile *Profile) {
+	user.GoogleID = profile.ID
+}
+
+func (g *googleProvider) UnsetUserProfileID(user *model.User) {
+	user.GoogleID = ""
+}
+
+func (g *googleProvider) config() *oauth2.Config {
+	return &oauth2.Config{
+		RedirectURL:  g.redirectURL,
+		ClientID:     g.clientID,
+		ClientSecret: g.clientSecret,
+		Scopes:       []string{"email"},
+		Endpoint: oauth2.Endpoint{
+			AuthURL:  "https://accounts.google.com/o/oauth2/auth",
+			TokenURL: "https://accounts.google.com/o/oauth2/token",
+		},
+	}
+}
+
+func newGoogleProvider(clientID, clientSecret, redirectURL string) *googleProvider {
+	return &googleProvider{clientID: clientID, clientSecret: clientSecret, redirectURL: redirectURL}
+}
--- a/internal/oauth2/manager.go
+++ b/internal/oauth2/manager.go
@ -0,0 +1,46 @@
+// SPDX-FileCopyrightText: Copyright The Miniflux Authors. All rights reserved.
+// SPDX-License-Identifier: Apache-2.0
+
+package oauth2 // import "miniflux.app/v2/internal/oauth2"
+
+import (
+	"context"
+	"errors"
+
+	"miniflux.app/v2/internal/logger"
+)
+
+// Manager handles OAuth2 providers.
+type Manager struct {
+	providers map[string]Provider
+}
+
+// FindProvider returns the given provider.
+func (m *Manager) FindProvider(name string) (Provider, error) {
+	if provider, found := m.providers[name]; found {
+		return provider, nil
+	}
+
+	return nil, errors.New("oauth2 provider not found")
+}
+
+// AddProvider add a new OAuth2 provider.
+func (m *Manager) AddProvider(name string, provider Provider) {
+	m.providers[name] = provider
+}
+
+// NewManager returns a new Manager.
+func NewManager(ctx context.Context, clientID, clientSecret, redirectURL, oidcDiscoveryEndpoint string) *Manager {
+	m := &Manager{providers: make(map[string]Provider)}
+	m.AddProvider("google", newGoogleProvider(clientID, clientSecret, redirectURL))
+
+	if oidcDiscoveryEndpoint != "" {
+		if genericOidcProvider, err := newOidcProvider(ctx, clientID, clientSecret, redirectURL, oidcDiscoveryEndpoint); err != nil {
+			logger.Error("[OAuth2] failed to initialize OIDC provider: %v", err)
+		} else {
+			m.AddProvider("oidc", genericOidcProvider)
+		}
+	}
+
+	return m
+}
--- a/internal/oauth2/oidc.go
+++ b/internal/oauth2/oidc.go
@ -0,0 +1,75 @@
+// SPDX-FileCopyrightText: Copyright The Miniflux Authors. All rights reserved.
+// SPDX-License-Identifier: Apache-2.0
+
+package oauth2 // import "miniflux.app/v2/internal/oauth2"
+
+import (
+	"context"
+
+	"miniflux.app/v2/internal/model"
+
+	"github.com/coreos/go-oidc/v3/oidc"
+	"golang.org/x/oauth2"
+)
+
+type oidcProvider struct {
+	clientID     string
+	clientSecret string
+	redirectURL  string
+	provider     *oidc.Provider
+}
+
+func (o *oidcProvider) GetUserExtraKey() string {
+	return "openid_connect_id"
+}
+
+func (o *oidcProvider) GetRedirectURL(state string) string {
+	return o.config().AuthCodeURL(state)
+}
+
+func (o *oidcProvider) GetProfile(ctx context.Context, code string) (*Profile, error) {
+	conf := o.config()
+	token, err := conf.Exchange(ctx, code)
+	if err != nil {
+		return nil, err
+	}
+
+	userInfo, err := o.provider.UserInfo(ctx, oauth2.StaticTokenSource(token))
+	if err != nil {
+		return nil, err
+	}
+
+	profile := &Profile{Key: o.GetUserExtraKey(), ID: userInfo.Subject, Username: userInfo.Email}
+	return profile, nil
+}
+
+func (o *oidcProvider) PopulateUserCreationWithProfileID(user *model.UserCreationRequest, profile *Profile) {
+	user.OpenIDConnectID = profile.ID
+}
+
+func (o *oidcProvider) PopulateUserWithProfileID(user *model.User, profile *Profile) {
+	user.OpenIDConnectID = profile.ID
+}
+
+func (o *oidcProvider) UnsetUserProfileID(user *model.User) {
+	user.OpenIDConnectID = ""
+}
+
+func (o *oidcProvider) config() *oauth2.Config {
+	return &oauth2.Config{
+		RedirectURL:  o.redirectURL,
+		ClientID:     o.clientID,
+		ClientSecret: o.clientSecret,
+		Scopes:       []string{"openid", "email"},
+		Endpoint:     o.provider.Endpoint(),
+	}
+}
+
+func newOidcProvider(ctx context.Context, clientID, clientSecret, redirectURL, discoveryEndpoint string) (*oidcProvider, error) {
+	provider, err := oidc.NewProvider(ctx, discoveryEndpoint)
+	if err != nil {
+		return nil, err
+	}
+
+	return &oidcProvider{clientID: clientID, clientSecret: clientSecret, redirectURL: redirectURL, provider: provider}, nil
+}
--- a/internal/oauth2/profile.go
+++ b/internal/oauth2/profile.go
@ -0,0 +1,19 @@
+// SPDX-FileCopyrightText: Copyright The Miniflux Authors. All rights reserved.
+// SPDX-License-Identifier: Apache-2.0
+
+package oauth2 // import "miniflux.app/v2/internal/oauth2"
+
+import (
+	"fmt"
+)
+
+// Profile is the OAuth2 user profile.
+type Profile struct {
+	Key      string
+	ID       string
+	Username string
+}
+
+func (p Profile) String() string {
+	return fmt.Sprintf(`Key=%s ; ID=%s ; Username=%s`, p.Key, p.ID, p.Username)
+}
--- a/internal/oauth2/provider.go
+++ b/internal/oauth2/provider.go
@ -0,0 +1,20 @@
+// SPDX-FileCopyrightText: Copyright The Miniflux Authors. All rights reserved.
+// SPDX-License-Identifier: Apache-2.0
+
+package oauth2 // import "miniflux.app/v2/internal/oauth2"
+
+import (
+	"context"
+
+	"miniflux.app/v2/internal/model"
+)
+
+// Provider is an interface for OAuth2 providers.
+type Provider interface {
+	GetUserExtraKey() string
+	GetRedirectURL(state string) string
+	GetProfile(ctx context.Context, code string) (*Profile, error)
+	PopulateUserCreationWithProfileID(user *model.UserCreationRequest, profile *Profile)
+	PopulateUserWithProfileID(user *model.User, profile *Profile)
+	UnsetUserProfileID(user *model.User)
+}