update
parent
634c492519
commit
c385748979
1
.gitignore
vendored
1
.gitignore
vendored
@ -36,3 +36,4 @@ linux-amd64-nextzenos-user-service-v1.3.0.tar.gz
|
||||
dist/casaos-user-service-amd64_linux_amd64_v1/build/sysroot/usr/bin/casaos-user-service
|
||||
dist/casaos-user-service-amd64_linux_amd64_v1/build/sysroot/usr/bin/casaos-user-service
|
||||
linux-amd64-nextzenos-user-service-v1.2.3.tar.gz
|
||||
dist/casaos-user-service-amd64_linux_amd64_v1/build/sysroot/usr/bin/casaos-user-service
|
||||
|
Binary file not shown.
2
dist/metadata.json
vendored
2
dist/metadata.json
vendored
@ -1 +1 @@
|
||||
{"project_name":"casaos-user-service","tag":"v1.0.0","previous_tag":"","version":"1.0.1","commit":"5f1a22031693c9e00ce1e6708325735fce3a81d2","date":"2024-08-10T12:28:54.51296295+07:00","runtime":{"goos":"linux","goarch":"amd64"}}
|
||||
{"project_name":"casaos-user-service","tag":"v1.0.0","previous_tag":"","version":"1.0.1","commit":"634c492519a2c929fc20b8d2d1f2f403ea79197c","date":"2024-08-13T11:38:58.760480343+07:00","runtime":{"goos":"linux","goarch":"amd64"}}
|
@ -35,9 +35,8 @@ func InitRouter() *gin.Engine {
|
||||
r.GET("/v1/users/image", v1.GetUserImage)
|
||||
r.GET("/v1/users/:username", v1.GetUserInfoByUsername)
|
||||
r.GET("/v1/users/status", v1.GetUserStatus) // init/check
|
||||
r.GET("/v1/users/oidc/login", v1.OIDCLogin)
|
||||
r.POST("/v1/users/oidc/login", v1.OIDCLogin)
|
||||
r.GET("/v1/users/oidc/callback", v1.OIDCCallback)
|
||||
r.GET("/v1/users/oidc/profile")
|
||||
v1Group := r.Group("/v1")
|
||||
|
||||
v1Group.Use(jwt.JWT(
|
||||
|
@ -7,6 +7,7 @@ import (
|
||||
"encoding/base64"
|
||||
"encoding/json"
|
||||
json2 "encoding/json"
|
||||
"fmt"
|
||||
"image"
|
||||
"image/png"
|
||||
"io"
|
||||
@ -43,10 +44,11 @@ import (
|
||||
)
|
||||
|
||||
var (
|
||||
baseURL = "https://auth.c14soft.com"
|
||||
clientID = "6KwKSxLCtaQ4r6HoAn3gdNMbNOAf75j3SejLIAx7"
|
||||
clientSecret = "PE05fcDP4qESUmyZ1TNYpZNBxRPq70VpFI81vehsoJ6WhGz5yPXMljrFrOdMRdRhrYmF03fHWTZHgO9ZdNENrLN13BzL8CAgtEkTsyjXfgx9GvISheIjYfpSfvo219fL"
|
||||
authURL = "https://auth.c14soft.com/application/o/nextzenos-oidc/" // e.g., "https://authentik.example.com/"
|
||||
callbackURL = "http://172.26.157.79:81/v1/users/oidc/callback" // e.g., "http://localhost:8080/callback"
|
||||
authURL = "https://auth.c14soft.com/application/o/nextzenos-oidc/" //
|
||||
callbackURL = "http://172.26.157.79:8080/v1/users/oidc/callback"
|
||||
)
|
||||
|
||||
// @Summary register user
|
||||
@ -198,18 +200,23 @@ func OIDC() {
|
||||
ClientSecret: clientSecret,
|
||||
RedirectURL: callbackURL,
|
||||
Endpoint: provider.Endpoint(),
|
||||
Scopes: []string{oidc.ScopeOpenID, "profile", "email"},
|
||||
Scopes: []string{oidc.ScopeOpenID, "profile", "email", "goauthentik.io/api", "offline_access"},
|
||||
}
|
||||
}
|
||||
func OIDCLogin(c *gin.Context) {
|
||||
state, err := randString(16)
|
||||
if err != nil {
|
||||
return
|
||||
}
|
||||
json := make(map[string]string)
|
||||
c.ShouldBind(&json)
|
||||
state := json["state"]
|
||||
w := c.Writer
|
||||
r := c.Request
|
||||
setCallbackCookie(w, r, "state", state)
|
||||
c.Redirect(http.StatusFound, oauth2Config.AuthCodeURL(state))
|
||||
// c.Redirect(http.StatusFound, oauth2Config.AuthCodeURL(state))
|
||||
c.JSON(common_err.SUCCESS,
|
||||
model.Result{
|
||||
Success: common_err.SUCCESS,
|
||||
Message: common_err.GetMsg(common_err.SUCCESS),
|
||||
Data: oauth2Config.AuthCodeURL(state),
|
||||
})
|
||||
}
|
||||
func OIDCCallback(c *gin.Context) {
|
||||
w := c.Writer
|
||||
@ -237,12 +244,29 @@ func OIDCCallback(c *gin.Context) {
|
||||
OAuth2Token *oauth2.Token
|
||||
UserInfo *oidc.UserInfo
|
||||
}{oauth2Token, userInfo}
|
||||
data, err := json.MarshalIndent(resp, "", " ")
|
||||
if err != nil {
|
||||
http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||
return
|
||||
// data, err := json.MarshalIndent(resp, "", " ")
|
||||
// if err != nil {
|
||||
// http.Error(w, err.Error(), http.StatusInternalServerError)
|
||||
// return
|
||||
// }
|
||||
//Save Userinfo and access token logic
|
||||
service.MyService.Authentik().GetUserInfo(resp.OAuth2Token.AccessToken)
|
||||
fmt.Println(resp)
|
||||
oldUser := service.MyService.User().GetUserInfoByUserName(resp.UserInfo.Email)
|
||||
if oldUser.Id > 0 {
|
||||
service.MyService.User().UpdateUser(oldUser)
|
||||
} else {
|
||||
user := model2.UserDBModel{}
|
||||
user.Username = resp.UserInfo.Email
|
||||
user.Password = encryption.GetMD5ByStr("123")
|
||||
user.Role = "admin"
|
||||
user = service.MyService.User().CreateUser(user)
|
||||
if user.Id == 0 {
|
||||
c.JSON(common_err.SERVICE_ERROR, model.Result{Success: common_err.SERVICE_ERROR, Message: common_err.GetMsg(common_err.SERVICE_ERROR)})
|
||||
return
|
||||
}
|
||||
}
|
||||
w.Write(data)
|
||||
c.Redirect(http.StatusFound, state.Value)
|
||||
}
|
||||
func OIDCProfile(c *gin.Context) {
|
||||
|
||||
|
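Review bot: In OIDCCallback's new-account branch every first-time OIDC login is stored with `user.Role = "admin"` and `user.Password = encryption.GetMD5ByStr("123")`, so any identity the provider authenticates becomes a local administrator whose password is a constant readable from this commit. Map the role from provider data instead (the `AuthentikUser` model added in this commit exposes `is_superuser` and `groups`), default to the least-privileged role, and set a random or unusable password, for example from the `randString` helper the previous OIDCLogin called. The final `c.Redirect(http.StatusFound, state.Value)` follows the state cookie, which OIDCLogin now appears to copy from the request body via `c.ShouldBind(&json)` instead of generating it; that makes the OAuth `state` caller-chosen and the post-login redirect target unvalidated, so keep `state` server-generated and check any return URL against an allow-list. The result of `service.MyService.Authentik().GetUserInfo(...)` is discarded and `UpdateUser(oldUser)` writes back an unchanged record, which looks unfinished. `clientSecret` also remains a string literal in the `var` block (it seems to predate this commit) and should move to configuration and be rotated; OIDCCallback starts outside the hunk, so the state and token checks are not visible here.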
@ -1,12 +1,46 @@
|
||||
package service
|
||||
|
||||
import (
|
||||
"bytes"
|
||||
"fmt"
|
||||
"io"
|
||||
"log"
|
||||
"net/http"
|
||||
|
||||
model2 "github.com/IceWhaleTech/CasaOS-UserService/service/model"
|
||||
)
|
||||
|
||||
type AuthentikService interface {
|
||||
HelloWorld() string
|
||||
GetUserInfo(accessToken string) model2.AuthentikUser
|
||||
}
|
||||
|
||||
type authentikService struct {
|
||||
}
|
||||
|
||||
func (a *authentikService) GetUserInfo(accessToken string) model2.AuthentikUser {
|
||||
bearer := "Bearer " + accessToken
|
||||
req, err := http.NewRequest("GET", "", bytes.NewBuffer(nil))
|
||||
req.Header.Set("Authorization", bearer)
|
||||
req.Header.Add("Accept", "application/json")
|
||||
client := &http.Client{}
|
||||
client.CheckRedirect = func(req *http.Request, via []*http.Request) error {
|
||||
for key, val := range via[0].Header {
|
||||
req.Header[key] = val
|
||||
}
|
||||
return err
|
||||
}
|
||||
resp, err := client.Do(req)
|
||||
if err != nil {
|
||||
log.Println("Error on response.\n[ERRO] -", err)
|
||||
} else {
|
||||
defer resp.Body.Close()
|
||||
data, _ := io.ReadAll(resp.Body)
|
||||
fmt.Println(string(data))
|
||||
}
|
||||
|
||||
return model2.AuthentikUser{}
|
||||
}
|
||||
func (a *authentikService) HelloWorld() string {
|
||||
return "Hello World!"
|
||||
}
|
||||
|
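Review bot: The `CheckRedirect` override in GetUserInfo copies every header of the first request, including `Authorization: Bearer …`, onto each redirected request, which undoes net/http's default of dropping that header when a redirect leaves the original domain; because it returns the `err` captured from `http.NewRequest` (presumably nil at that point) it also removes the default limit of 10 redirects. Dropping the override, or copying headers only when `req.URL.Host == via[0].URL.Host`, keeps the access token with the identity provider, and `client := &http.Client{Timeout: 10 * time.Second}` would bound the call. As written the request URL is the empty string and the `http.NewRequest` error is never checked, so `client.Do` can only fail and the function always returns an empty `model2.AuthentikUser`. Once a real endpoint is wired in, `fmt.Println(string(data))` will write the provider's user record to stdout; check `resp.StatusCode` and decode the body into the model with `json.Unmarshal` instead of printing it.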
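--- a/service/model/o_authentik_user.go
+++ b/service/model/o_authentik_user.go
@@ -0,0 +1,25 @@
+package model
+
+type AuthentikUser struct {
+User struct {
+Avatar string `json:"avatar"`
+Email string `json:"email"`
+Groups []struct {
+Name string `json:"name"`
+Pk string `json:"pk"`
+} `json:"groups"`
+IsActive bool `json:"is_active"`
+IsSuperuser bool `json:"is_superuser"`
+Name string `json:"name"`
+Pk int64 `json:"pk"`
+Settings struct {
+Theme struct {
+Base string `json:"base"`
+} `json:"theme"`
+} `json:"settings"`
+SystemPermissions []string `json:"system_permissions"`
+Type string `json:"type"`
+UID string `json:"uid"`
+Username string `json:"username"`
+} `json:"user"`
+}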