mirror of
https://github.com/miniflux/v2.git
synced 2025-09-15 18:57:04 +00:00
Add OAuth2 PKCE support
This commit is contained in:
parent
fa1148915e
commit
ff5d391701
12 changed files with 126 additions and 68 deletions
|
@ -24,17 +24,30 @@ type googleProvider struct {
|
|||
redirectURL string
|
||||
}
|
||||
|
||||
func NewGoogleProvider(clientID, clientSecret, redirectURL string) *googleProvider {
|
||||
return &googleProvider{clientID: clientID, clientSecret: clientSecret, redirectURL: redirectURL}
|
||||
}
|
||||
|
||||
func (g *googleProvider) GetConfig() *oauth2.Config {
|
||||
return &oauth2.Config{
|
||||
RedirectURL: g.redirectURL,
|
||||
ClientID: g.clientID,
|
||||
ClientSecret: g.clientSecret,
|
||||
Scopes: []string{"email"},
|
||||
Endpoint: oauth2.Endpoint{
|
||||
AuthURL: "https://accounts.google.com/o/oauth2/auth",
|
||||
TokenURL: "https://accounts.google.com/o/oauth2/token",
|
||||
},
|
||||
}
|
||||
}
|
||||
|
||||
func (g *googleProvider) GetUserExtraKey() string {
|
||||
return "google_id"
|
||||
}
|
||||
|
||||
func (g *googleProvider) GetRedirectURL(state string) string {
|
||||
return g.config().AuthCodeURL(state)
|
||||
}
|
||||
|
||||
func (g *googleProvider) GetProfile(ctx context.Context, code string) (*Profile, error) {
|
||||
conf := g.config()
|
||||
token, err := conf.Exchange(ctx, code)
|
||||
func (g *googleProvider) GetProfile(ctx context.Context, code, codeVerifier string) (*Profile, error) {
|
||||
conf := g.GetConfig()
|
||||
token, err := conf.Exchange(ctx, code, oauth2.SetAuthURLParam("code_verifier", codeVerifier))
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
@ -67,20 +80,3 @@ func (g *googleProvider) PopulateUserWithProfileID(user *model.User, profile *Pr
|
|||
func (g *googleProvider) UnsetUserProfileID(user *model.User) {
|
||||
user.GoogleID = ""
|
||||
}
|
||||
|
||||
func (g *googleProvider) config() *oauth2.Config {
|
||||
return &oauth2.Config{
|
||||
RedirectURL: g.redirectURL,
|
||||
ClientID: g.clientID,
|
||||
ClientSecret: g.clientSecret,
|
||||
Scopes: []string{"email"},
|
||||
Endpoint: oauth2.Endpoint{
|
||||
AuthURL: "https://accounts.google.com/o/oauth2/auth",
|
||||
TokenURL: "https://accounts.google.com/o/oauth2/token",
|
||||
},
|
||||
}
|
||||
}
|
||||
|
||||
func newGoogleProvider(clientID, clientSecret, redirectURL string) *googleProvider {
|
||||
return &googleProvider{clientID: clientID, clientSecret: clientSecret, redirectURL: redirectURL}
|
||||
}
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue