|
|
@@ -32,6 +32,7 @@ func (o *Oauth) OidcAuth(c *gin.Context) {
|
|
32
|
32
|
response.Error(c, response.TranslateMsg(c, "ParamsError")+err.Error())
|
|
33
|
33
|
return
|
|
34
|
34
|
}
|
|
|
35
|
+ //fmt.Println(f)
|
|
35
|
36
|
if f.Op != model.OauthTypeWebauth && f.Op != model.OauthTypeGoogle && f.Op != model.OauthTypeGithub && f.Op != model.OauthTypeOidc {
|
|
36
|
37
|
response.Error(c, response.TranslateMsg(c, "ParamsError"))
|
|
37
|
38
|
return
|
|
|
@@ -79,7 +80,7 @@ func (o *Oauth) OidcAuthQueryPre(c *gin.Context) (*model.User, *model.UserToken)
|
|
79
|
80
|
|
|
80
|
81
|
// 如果 UserId 为 0,说明还在授权中
|
|
81
|
82
|
if v.UserId == 0 {
|
|
82
|
|
- c.JSON(http.StatusOK, gin.H{"message": "Authorization in progress"})
|
|
|
83
|
+ c.JSON(http.StatusOK, gin.H{"message": "Authorization in progress, please login and bind"})
|
|
83
|
84
|
return nil, nil
|
|
84
|
85
|
}
|
|
85
|
86
|
|
|
|
@@ -123,6 +124,9 @@ func (o *Oauth) OidcAuthQueryPre(c *gin.Context) (*model.User, *model.UserToken)
|
|
123
|
124
|
// @Router /oidc/auth-query [get]
|
|
124
|
125
|
func (o *Oauth) OidcAuthQuery(c *gin.Context) {
|
|
125
|
126
|
u, ut := o.OidcAuthQueryPre(c)
|
|
|
127
|
+ if u == nil || ut == nil {
|
|
|
128
|
+ return
|
|
|
129
|
+ }
|
|
126
|
130
|
c.JSON(http.StatusOK, apiResp.LoginRes{
|
|
127
|
131
|
AccessToken: ut.Token,
|
|
128
|
132
|
Type: "access_token",
|
|
|
@@ -157,7 +161,10 @@ func (o *Oauth) OauthCallback(c *gin.Context) {
|
|
157
|
161
|
ty := v.Op
|
|
158
|
162
|
ac := v.Action
|
|
159
|
163
|
var u *model.User
|
|
|
164
|
+ openid := ""
|
|
|
165
|
+ thirdName := ""
|
|
160
|
166
|
//fmt.Println("ty ac ", ty, ac)
|
|
|
167
|
+
|
|
161
|
168
|
if ty == model.OauthTypeGithub {
|
|
162
|
169
|
code := c.Query("code")
|
|
163
|
170
|
err, userData := service.AllService.OauthService.GithubCallback(code)
|
|
|
@@ -165,59 +172,8 @@ func (o *Oauth) OauthCallback(c *gin.Context) {
|
|
165
|
172
|
c.String(http.StatusInternalServerError, response.TranslateMsg(c, "OauthFailed")+response.TranslateMsg(c, err.Error()))
|
|
166
|
173
|
return
|
|
167
|
174
|
}
|
|
168
|
|
- if ac == service.OauthActionTypeBind {
|
|
169
|
|
- //fmt.Println("bind", ty, userData)
|
|
170
|
|
- utr := service.AllService.OauthService.UserThirdInfo(ty, strconv.Itoa(userData.Id))
|
|
171
|
|
- if utr.UserId > 0 {
|
|
172
|
|
- c.String(http.StatusInternalServerError, response.TranslateMsg(c, "OauthHasBindOtherUser"))
|
|
173
|
|
- return
|
|
174
|
|
- }
|
|
175
|
|
- //绑定
|
|
176
|
|
- u = service.AllService.UserService.InfoById(v.UserId)
|
|
177
|
|
- if u == nil {
|
|
178
|
|
- c.String(http.StatusInternalServerError, response.TranslateMsg(c, "ItemNotFound"))
|
|
179
|
|
- return
|
|
180
|
|
- }
|
|
181
|
|
- //绑定github
|
|
182
|
|
- err = service.AllService.OauthService.BindGithubUser(strconv.Itoa(userData.Id), userData.Login, v.UserId)
|
|
183
|
|
- if err != nil {
|
|
184
|
|
- c.String(http.StatusInternalServerError, response.TranslateMsg(c, "BindFail"))
|
|
185
|
|
- return
|
|
186
|
|
- }
|
|
187
|
|
- c.String(http.StatusOK, response.TranslateMsg(c, "BindSuccess"))
|
|
188
|
|
- return
|
|
189
|
|
- } else if ac == service.OauthActionTypeLogin {
|
|
190
|
|
- //登录
|
|
191
|
|
- if v.UserId != 0 {
|
|
192
|
|
- c.String(http.StatusInternalServerError, response.TranslateMsg(c, "OauthHasBeenSuccess"))
|
|
193
|
|
- return
|
|
194
|
|
- }
|
|
195
|
|
- u = service.AllService.UserService.InfoByGithubId(strconv.Itoa(userData.Id))
|
|
196
|
|
- if u == nil {
|
|
197
|
|
- oa := service.AllService.OauthService.InfoByOp(ty)
|
|
198
|
|
- if !*oa.AutoRegister {
|
|
199
|
|
- //c.String(http.StatusInternalServerError, "还未绑定用户,请先绑定")
|
|
200
|
|
- v.ThirdName = userData.Login
|
|
201
|
|
- v.ThirdOpenId = strconv.Itoa(userData.Id)
|
|
202
|
|
- url := global.Config.Rustdesk.ApiServer + "/_admin/#/oauth/bind/" + cacheKey
|
|
203
|
|
- c.Redirect(http.StatusFound, url)
|
|
204
|
|
- return
|
|
205
|
|
- }
|
|
206
|
|
-
|
|
207
|
|
- //自动注册
|
|
208
|
|
- u = service.AllService.UserService.RegisterByGithub(userData.Login, strconv.Itoa(userData.Id))
|
|
209
|
|
- if u.Id == 0 {
|
|
210
|
|
- c.String(http.StatusInternalServerError, response.TranslateMsg(c, "OauthRegisterFailed"))
|
|
211
|
|
- return
|
|
212
|
|
- }
|
|
213
|
|
- }
|
|
214
|
|
-
|
|
215
|
|
- // v.UserId = u.Id
|
|
216
|
|
- // service.AllService.OauthService.SetOauthCache(cacheKey, v, 0)
|
|
217
|
|
- // c.String(http.StatusOK, response.TranslateMsg(c, "OauthSuccess"))
|
|
218
|
|
- // return
|
|
219
|
|
- }
|
|
220
|
|
-
|
|
|
175
|
+ openid = strconv.Itoa(userData.Id)
|
|
|
176
|
+ thirdName = userData.Login
|
|
221
|
177
|
} else if ty == model.OauthTypeGoogle {
|
|
222
|
178
|
code := c.Query("code")
|
|
223
|
179
|
err, userData := service.AllService.OauthService.GoogleCallback(code)
|
|
|
@@ -225,60 +181,9 @@ func (o *Oauth) OauthCallback(c *gin.Context) {
|
|
225
|
181
|
c.String(http.StatusInternalServerError, response.TranslateMsg(c, "OauthFailed")+response.TranslateMsg(c, err.Error()))
|
|
226
|
182
|
return
|
|
227
|
183
|
}
|
|
|
184
|
+ openid = userData.Email
|
|
228
|
185
|
//将空格替换成_
|
|
229
|
|
- googleName := strings.Replace(userData.Name, " ", "_", -1)
|
|
230
|
|
- if ac == service.OauthActionTypeBind {
|
|
231
|
|
- //fmt.Println("bind", ty, userData)
|
|
232
|
|
- utr := service.AllService.OauthService.UserThirdInfo(ty, userData.Email)
|
|
233
|
|
- if utr.UserId > 0 {
|
|
234
|
|
- c.String(http.StatusInternalServerError, response.TranslateMsg(c, "OauthHasBindOtherUser"))
|
|
235
|
|
- return
|
|
236
|
|
- }
|
|
237
|
|
- //绑定
|
|
238
|
|
- u = service.AllService.UserService.InfoById(v.UserId)
|
|
239
|
|
- if u == nil {
|
|
240
|
|
- c.String(http.StatusInternalServerError, response.TranslateMsg(c, "ItemNotFound"))
|
|
241
|
|
- return
|
|
242
|
|
- }
|
|
243
|
|
- //绑定
|
|
244
|
|
- err = service.AllService.OauthService.BindGoogleUser(userData.Email, googleName, v.UserId)
|
|
245
|
|
- if err != nil {
|
|
246
|
|
- c.String(http.StatusInternalServerError, response.TranslateMsg(c, "BindFail"))
|
|
247
|
|
- return
|
|
248
|
|
- }
|
|
249
|
|
- c.String(http.StatusOK, response.TranslateMsg(c, "BindSuccess"))
|
|
250
|
|
- return
|
|
251
|
|
- } else if ac == service.OauthActionTypeLogin {
|
|
252
|
|
- if v.UserId != 0 {
|
|
253
|
|
- c.String(http.StatusInternalServerError, response.TranslateMsg(c, "OauthHasBeenSuccess"))
|
|
254
|
|
- return
|
|
255
|
|
- }
|
|
256
|
|
- u = service.AllService.UserService.InfoByGoogleEmail(userData.Email)
|
|
257
|
|
- if u == nil {
|
|
258
|
|
- oa := service.AllService.OauthService.InfoByOp(ty)
|
|
259
|
|
- if !*oa.AutoRegister {
|
|
260
|
|
- //c.String(http.StatusInternalServerError, "还未绑定用户,请先绑定")
|
|
261
|
|
-
|
|
262
|
|
- v.ThirdName = googleName
|
|
263
|
|
- v.ThirdOpenId = userData.Email
|
|
264
|
|
- url := global.Config.Rustdesk.ApiServer + "/_admin/#/oauth/bind/" + cacheKey
|
|
265
|
|
- c.Redirect(http.StatusFound, url)
|
|
266
|
|
- return
|
|
267
|
|
- }
|
|
268
|
|
-
|
|
269
|
|
- //自动注册
|
|
270
|
|
- u = service.AllService.UserService.RegisterByGoogle(googleName, userData.Email)
|
|
271
|
|
- if u.Id == 0 {
|
|
272
|
|
- c.String(http.StatusInternalServerError, response.TranslateMsg(c, "OauthRegisterFailed"))
|
|
273
|
|
- return
|
|
274
|
|
- }
|
|
275
|
|
- }
|
|
276
|
|
-
|
|
277
|
|
- // v.UserId = u.Id
|
|
278
|
|
- // service.AllService.OauthService.SetOauthCache(cacheKey, v, 0)
|
|
279
|
|
- // c.String(http.StatusOK, response.TranslateMsg(c, "OauthSuccess"))
|
|
280
|
|
- // return
|
|
281
|
|
- }
|
|
|
186
|
+ thirdName = strings.Replace(userData.Name, " ", "_", -1)
|
|
282
|
187
|
} else if ty == model.OauthTypeOidc {
|
|
283
|
188
|
code := c.Query("code")
|
|
284
|
189
|
err, userData := service.AllService.OauthService.OidcCallback(code)
|
|
|
@@ -286,85 +191,81 @@ func (o *Oauth) OauthCallback(c *gin.Context) {
|
|
286
|
191
|
c.String(http.StatusInternalServerError, response.TranslateMsg(c, "OauthFailed")+response.TranslateMsg(c, err.Error()))
|
|
287
|
192
|
return
|
|
288
|
193
|
}
|
|
289
|
|
- //将空格替换成_
|
|
290
|
|
- // OidcName := strings.Replace(userData.Name, " ", "_", -1)
|
|
291
|
|
- if ac == service.OauthActionTypeBind {
|
|
292
|
|
- //fmt.Println("bind", ty, userData)
|
|
293
|
|
- utr := service.AllService.OauthService.UserThirdInfo(ty, userData.Sub)
|
|
294
|
|
- if utr.UserId > 0 {
|
|
295
|
|
- c.String(http.StatusInternalServerError, response.TranslateMsg(c, "OauthHasBindOtherUser"))
|
|
296
|
|
- return
|
|
297
|
|
- }
|
|
298
|
|
- //绑定
|
|
299
|
|
- u = service.AllService.UserService.InfoById(v.UserId)
|
|
300
|
|
- if u == nil {
|
|
301
|
|
- c.String(http.StatusInternalServerError, response.TranslateMsg(c, "ItemNotFound"))
|
|
302
|
|
- return
|
|
303
|
|
- }
|
|
304
|
|
- //绑定, user preffered_username as username
|
|
305
|
|
- err = service.AllService.OauthService.BindOidcUser(userData.Sub, userData.PreferredUsername, v.UserId)
|
|
306
|
|
- if err != nil {
|
|
307
|
|
- c.String(http.StatusInternalServerError, response.TranslateMsg(c, "BindFail"))
|
|
308
|
|
- return
|
|
309
|
|
- }
|
|
310
|
|
- c.String(http.StatusOK, response.TranslateMsg(c, "BindSuccess"))
|
|
|
194
|
+ openid = userData.Sub
|
|
|
195
|
+ thirdName = userData.PreferredUsername
|
|
|
196
|
+ } else {
|
|
|
197
|
+ c.String(http.StatusInternalServerError, response.TranslateMsg(c, "ParamsError"))
|
|
|
198
|
+ return
|
|
|
199
|
+ }
|
|
|
200
|
+ if ac == service.OauthActionTypeBind {
|
|
|
201
|
+
|
|
|
202
|
+ //fmt.Println("bind", ty, userData)
|
|
|
203
|
+ utr := service.AllService.OauthService.UserThirdInfo(ty, openid)
|
|
|
204
|
+ if utr.UserId > 0 {
|
|
|
205
|
+ c.String(http.StatusInternalServerError, response.TranslateMsg(c, "OauthHasBindOtherUser"))
|
|
311
|
206
|
return
|
|
312
|
|
- } else if ac == service.OauthActionTypeLogin {
|
|
313
|
|
- if v.UserId != 0 {
|
|
314
|
|
- c.String(http.StatusInternalServerError, response.TranslateMsg(c, "OauthHasBeenSuccess"))
|
|
|
207
|
+ }
|
|
|
208
|
+ //绑定
|
|
|
209
|
+ u = service.AllService.UserService.InfoById(v.UserId)
|
|
|
210
|
+ if u == nil {
|
|
|
211
|
+ c.String(http.StatusInternalServerError, response.TranslateMsg(c, "ItemNotFound"))
|
|
|
212
|
+ return
|
|
|
213
|
+ }
|
|
|
214
|
+ //绑定
|
|
|
215
|
+ err := service.AllService.OauthService.BindOauthUser(ty, openid, thirdName, v.UserId)
|
|
|
216
|
+ if err != nil {
|
|
|
217
|
+ c.String(http.StatusInternalServerError, response.TranslateMsg(c, "BindFail"))
|
|
|
218
|
+ return
|
|
|
219
|
+ }
|
|
|
220
|
+ c.String(http.StatusOK, response.TranslateMsg(c, "BindSuccess"))
|
|
|
221
|
+ return
|
|
|
222
|
+
|
|
|
223
|
+ } else if ac == service.OauthActionTypeLogin {
|
|
|
224
|
+ //登录
|
|
|
225
|
+ if v.UserId != 0 {
|
|
|
226
|
+ c.String(http.StatusInternalServerError, response.TranslateMsg(c, "OauthHasBeenSuccess"))
|
|
|
227
|
+ return
|
|
|
228
|
+ }
|
|
|
229
|
+ u = service.AllService.UserService.InfoByGithubId(openid)
|
|
|
230
|
+ if u == nil {
|
|
|
231
|
+ oa := service.AllService.OauthService.InfoByOp(ty)
|
|
|
232
|
+ if !*oa.AutoRegister {
|
|
|
233
|
+ //c.String(http.StatusInternalServerError, "还未绑定用户,请先绑定")
|
|
|
234
|
+ v.ThirdName = thirdName
|
|
|
235
|
+ v.ThirdOpenId = openid
|
|
|
236
|
+ url := global.Config.Rustdesk.ApiServer + "/_admin/#/oauth/bind/" + cacheKey
|
|
|
237
|
+ c.Redirect(http.StatusFound, url)
|
|
315
|
238
|
return
|
|
316
|
239
|
}
|
|
317
|
|
- u = service.AllService.UserService.InfoByOidcSub(userData.Sub)
|
|
318
|
|
- if u == nil {
|
|
319
|
|
- oa := service.AllService.OauthService.InfoByOp(ty)
|
|
320
|
|
- if !*oa.AutoRegister {
|
|
321
|
|
- //c.String(http.StatusInternalServerError, "还未绑定用户,请先绑定")
|
|
322
|
|
-
|
|
323
|
|
- v.ThirdName = userData.PreferredUsername
|
|
324
|
|
- v.ThirdOpenId = userData.Sub
|
|
325
|
|
- v.ThirdEmail = userData.Email
|
|
326
|
|
- url := global.Config.Rustdesk.ApiServer + "/_admin/#/oauth/bind/" + cacheKey
|
|
327
|
|
- c.Redirect(http.StatusFound, url)
|
|
328
|
|
- return
|
|
329
|
|
- }
|
|
330
|
240
|
|
|
331
|
|
- //自动注册
|
|
332
|
|
- u = service.AllService.UserService.RegisterByOidc(userData.PreferredUsername, userData.Sub)
|
|
333
|
|
- if u.Id == 0 {
|
|
334
|
|
- c.String(http.StatusInternalServerError, response.TranslateMsg(c, "OauthRegisterFailed"))
|
|
335
|
|
- return
|
|
336
|
|
- }
|
|
|
241
|
+ //自动注册
|
|
|
242
|
+ u = service.AllService.UserService.RegisterByOauth(ty, thirdName, openid)
|
|
|
243
|
+ if u.Id == 0 {
|
|
|
244
|
+ c.String(http.StatusInternalServerError, response.TranslateMsg(c, "OauthRegisterFailed"))
|
|
|
245
|
+ return
|
|
337
|
246
|
}
|
|
338
|
|
-
|
|
339
|
|
- // v.UserId = u.Id
|
|
340
|
|
- // service.AllService.OauthService.SetOauthCache(cacheKey, v, 0)
|
|
341
|
|
- // c.String(http.StatusOK, response.TranslateMsg(c, "OauthSuccess"))
|
|
342
|
|
- // return
|
|
343
|
247
|
}
|
|
344
|
|
- }
|
|
345
|
|
- // 如果u为空,说明没有绑定用户
|
|
346
|
|
- if u == nil {
|
|
347
|
|
- c.String(http.StatusInternalServerError, response.TranslateMsg(c, "SystemError"))
|
|
|
248
|
+ v.UserId = u.Id
|
|
|
249
|
+ service.AllService.OauthService.SetOauthCache(cacheKey, v, 0)
|
|
|
250
|
+ // 如果是webadmin,登录成功后跳转到webadmin
|
|
|
251
|
+ if v.DeviceType == "webadmin" {
|
|
|
252
|
+ /*service.AllService.UserService.Login(u, &model.LoginLog{
|
|
|
253
|
+ UserId: u.Id,
|
|
|
254
|
+ Client: "webadmin",
|
|
|
255
|
+ Uuid: "", //must be empty
|
|
|
256
|
+ Ip: c.ClientIP(),
|
|
|
257
|
+ Type: model.LoginLogTypeOauth,
|
|
|
258
|
+ Platform: v.DeviceOs,
|
|
|
259
|
+ })*/
|
|
|
260
|
+ url := global.Config.Rustdesk.ApiServer + "/_admin/#/"
|
|
|
261
|
+ c.Redirect(http.StatusFound, url)
|
|
|
262
|
+ return
|
|
|
263
|
+ }
|
|
|
264
|
+ c.String(http.StatusOK, response.TranslateMsg(c, "OauthSuccess"))
|
|
348
|
265
|
return
|
|
349
|
|
- }
|
|
350
|
|
- // 认证成功,设置缓存
|
|
351
|
|
- v.UserId = u.Id
|
|
352
|
|
- service.AllService.OauthService.SetOauthCache(cacheKey, v, 0)
|
|
353
|
|
- // 如果是webadmin,登录成功后跳转到webadmin
|
|
354
|
|
- if v.DeviceType == "webadmin" {
|
|
355
|
|
- service.AllService.UserService.Login(u, &model.LoginLog{
|
|
356
|
|
- UserId: u.Id,
|
|
357
|
|
- Client: "webadmin",
|
|
358
|
|
- Uuid: "",//must be empty
|
|
359
|
|
- Ip: c.ClientIP(),
|
|
360
|
|
- Type: "account",
|
|
361
|
|
- Platform: v.DeviceOs,
|
|
362
|
|
- })
|
|
363
|
|
- url := global.Config.Rustdesk.ApiServer + "/_admin/#/"
|
|
364
|
|
- c.Redirect(http.StatusFound, url)
|
|
|
266
|
+ } else {
|
|
|
267
|
+ c.String(http.StatusInternalServerError, response.TranslateMsg(c, "ParamsError"))
|
|
365
|
268
|
return
|
|
366
|
269
|
}
|
|
367
|
|
- c.String(http.StatusOK, response.TranslateMsg(c, "OauthSuccess"))
|
|
368
|
|
- return
|
|
369
|
270
|
|
|
370
|
271
|
}
|
ljw