Merge branch 'master' into add_seatalk_oauth

bgdsh · Dec 5, 2019 · 033dca6 · 033dca6
2 parents b18449c + fe22ae6
commit 033dca6
Show file tree

Hide file tree

Showing 32 changed files with 2,101 additions and 117 deletions.
diff --git a/.travis.yml b/.travis.yml
@@ -3,11 +3,10 @@ language: go
 sudo: false
 
 go:
-  - 1.7
-  - 1.8
-  - 1.9
+  - "1.9"
   - "1.10"
   - "1.11"
+  - "1.12"
   - tip
 
 matrix:

diff --git a/README.md b/README.md
@@ -17,6 +17,7 @@ $ go get github.com/markbates/goth
 ## Supported Providers
 
 * Amazon
+* Apple
 * Auth0
 * Azure AD
 * Battle.net
@@ -31,6 +32,7 @@ $ go get github.com/markbates/goth
 * Eve Online
 * Facebook
 * Fitbit
+* Gitea
 * GitHub
 * Gitlab
 * Google
@@ -41,6 +43,7 @@ $ go get github.com/markbates/goth
 * Intercom
 * Lastfm
 * Linkedin
+* LINE
 * Mailru
 * Meetup
 * MicrosoftOnline
@@ -50,6 +53,7 @@ $ go get github.com/markbates/goth
 * OpenID Connect (auto discovery)
 * Paypal
 * SalesForce
+* Shopify
 * Slack
 * Soundcloud
 * Spotify

diff --git a/examples/main.go b/examples/main.go
@@ -2,6 +2,7 @@ package main
 
 import (
 	"fmt"
+	"github.com/markbates/goth/providers/apple"
 	"html/template"
 	"net/http"
 	"os"
@@ -27,6 +28,7 @@ import (
 	"github.com/markbates/goth/providers/eveonline"
 	"github.com/markbates/goth/providers/facebook"
 	"github.com/markbates/goth/providers/fitbit"
+	"github.com/markbates/goth/providers/gitea"
 	"github.com/markbates/goth/providers/github"
 	"github.com/markbates/goth/providers/gitlab"
 	"github.com/markbates/goth/providers/google"
@@ -35,6 +37,7 @@ import (
 	"github.com/markbates/goth/providers/instagram"
 	"github.com/markbates/goth/providers/intercom"
 	"github.com/markbates/goth/providers/lastfm"
+	"github.com/markbates/goth/providers/line"
 	"github.com/markbates/goth/providers/linkedin"
 	"github.com/markbates/goth/providers/meetup"
 	"github.com/markbates/goth/providers/microsoftonline"
@@ -45,6 +48,7 @@ import (
 	"github.com/markbates/goth/providers/paypal"
 	"github.com/markbates/goth/providers/salesforce"
 	"github.com/markbates/goth/providers/seatalk"
+	"github.com/markbates/goth/providers/shopify"
 	"github.com/markbates/goth/providers/slack"
 	"github.com/markbates/goth/providers/soundcloud"
 	"github.com/markbates/goth/providers/spotify"
@@ -75,6 +79,7 @@ func main() {
 		github.New(os.Getenv("GITHUB_KEY"), os.Getenv("GITHUB_SECRET"), "http://localhost:3000/auth/github/callback"),
 		spotify.New(os.Getenv("SPOTIFY_KEY"), os.Getenv("SPOTIFY_SECRET"), "http://localhost:3000/auth/spotify/callback"),
 		linkedin.New(os.Getenv("LINKEDIN_KEY"), os.Getenv("LINKEDIN_SECRET"), "http://localhost:3000/auth/linkedin/callback"),
+		line.New(os.Getenv("LINE_KEY"), os.Getenv("LINE_SECRET"), "http://localhost:3000/auth/line/callback", "profile", "openid", "email"),
 		lastfm.New(os.Getenv("LASTFM_KEY"), os.Getenv("LASTFM_SECRET"), "http://localhost:3000/auth/lastfm/callback"),
 		twitch.New(os.Getenv("TWITCH_KEY"), os.Getenv("TWITCH_SECRET"), "http://localhost:3000/auth/twitch/callback"),
 		dropbox.New(os.Getenv("DROPBOX_KEY"), os.Getenv("DROPBOX_SECRET"), "http://localhost:3000/auth/dropbox/callback"),
@@ -120,6 +125,9 @@ func main() {
 		naver.New(os.Getenv("NAVER_KEY"), os.Getenv("NAVER_SECRET"), "http://localhost:3000/auth/naver/callback"),
 		yandex.New(os.Getenv("YANDEX_KEY"), os.Getenv("YANDEX_SECRET"), "http://localhost:3000/auth/yandex/callback"),
 		nextcloud.NewCustomisedDNS(os.Getenv("NEXTCLOUD_KEY"), os.Getenv("NEXTCLOUD_SECRET"), "http://localhost:3000/auth/nextcloud/callback", os.Getenv("NEXTCLOUD_URL")),
+		gitea.New(os.Getenv("GITEA_KEY"), os.Getenv("GITEA_SECRET"), "http://localhost:3000/auth/gitea/callback"),
+		shopify.New(os.Getenv("SHOPIFY_KEY"), os.Getenv("SHOPIFY_SECRET"), "http://localhost:3000/auth/shopify/callback", shopify.ScopeReadCustomers, shopify.ScopeReadOrders),
+		apple.New(os.Getenv("APPLE_KEY"), os.Getenv("APPLE_SECRET"), "http://localhost:3000/auth/apple/callback", nil, apple.ScopeName, apple.ScopeEmail),
 	)
 
 	// OpenID Connect is based on OpenID Connect Auto Discovery URL (https://openid.net/specs/openid-connect-discovery-1_0-17.html)
@@ -142,10 +150,12 @@ func main() {
 	m["eveonline"] = "Eve Online"
 	m["facebook"] = "Facebook"
 	m["fitbit"] = "Fitbit"
+	m["gitea"] = "Gitea"
 	m["github"] = "Github"
 	m["gitlab"] = "Gitlab"
 	m["google"] = "Google"
 	m["gplus"] = "Google Plus"
+	m["shopify"] = "Shopify"
 	m["soundcloud"] = "SoundCloud"
 	m["spotify"] = "Spotify"
 	m["steam"] = "Steam"
@@ -160,6 +170,7 @@ func main() {
 	m["intercom"] = "Intercom"
 	m["lastfm"] = "Last FM"
 	m["linkedin"] = "Linkedin"
+	m["line"] = "LINE"
 	m["onedrive"] = "Onedrive"
 	m["azuread"] = "Azure AD"
 	m["microsoftonline"] = "Microsoft Online"
@@ -178,6 +189,7 @@ func main() {
 	m["yandex"] = "Yandex"
 	m["nextcloud"] = "NextCloud"
 	m["seatalk"] = "SeaTalk"
+	m["apple"] = "Apple"
 
 	var keys []string
 	for k := range m {

diff --git a/go.mod b/go.mod
@@ -3,12 +3,15 @@ module github.com/markbates/goth
 require (
 	cloud.google.com/go v0.30.0 // indirect
 	github.com/davecgh/go-spew v1.1.1 // indirect
+	github.com/dgrijalva/jwt-go v3.2.0+incompatible
 	github.com/gorilla/mux v1.6.2
 	github.com/gorilla/pat v0.0.0-20180118222023-199c85a7f6d1
 	github.com/gorilla/sessions v1.1.1
 	github.com/jarcoal/httpmock v0.0.0-20180424175123-9c70cfe4a1da
+	github.com/lestrrat-go/jwx v0.9.0
 	github.com/markbates/going v1.0.0
 	github.com/mrjones/oauth v0.0.0-20180629183705-f4e24b6d100c
+	github.com/pkg/errors v0.8.1 // indirect
 	github.com/pmezard/go-difflib v1.0.0 // indirect
 	github.com/stretchr/testify v1.2.2
 	golang.org/x/oauth2 v0.0.0-20180620175406-ef147856a6dd

diff --git a/go.sum b/go.sum
@@ -2,6 +2,8 @@ cloud.google.com/go v0.30.0 h1:xKvyLgk56d0nksWq49J0UyGEeUIicTl4+UBiX1NPX9g=
 cloud.google.com/go v0.30.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/dgrijalva/jwt-go v3.2.0+incompatible h1:7qlOGliEKZXTDg6OTjfoBKDXWrumCAMpl/TFQ4/5kLM=
+github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ=
 github.com/golang/protobuf v1.2.0 h1:P3YflyNX/ehuJFLhxviNdFxQPkGK5cDcApsge1SqnvM=
 github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
 github.com/gorilla/context v1.1.1 h1:AWwleXJkX/nhcU9bZSnZoi3h/qGYqQAGhq6zZe/aQW8=
@@ -16,10 +18,16 @@ github.com/gorilla/sessions v1.1.1 h1:YMDmfaK68mUixINzY/XjscuJ47uXFWSSHzFbBQM0Pr
 github.com/gorilla/sessions v1.1.1/go.mod h1:8KCfur6+4Mqcc6S0FEfKuN15Vl5MgXW92AE8ovaJD0w=
 github.com/jarcoal/httpmock v0.0.0-20180424175123-9c70cfe4a1da h1:FjHUJJ7oBW4G/9j1KzlHaXL09LyMVM9rupS39lncbXk=
 github.com/jarcoal/httpmock v0.0.0-20180424175123-9c70cfe4a1da/go.mod h1:ks+b9deReOc7jgqp+e7LuFiCBH6Rm5hL32cLcEAArb4=
+github.com/lestrrat-go/jwx v0.9.0 h1:Fnd0EWzTm0kFrBPzE/PEPp9nzllES5buMkksPMjEKpM=
+github.com/lestrrat-go/jwx v0.9.0/go.mod h1:iEoxlYfZjvoGpuWwxUz+eR5e6KTJGsaRcy/YNA/UnBk=
+github.com/lestrrat/jwx v0.9.0 h1:sxyUKCQ0KpX4+GPvSu9lAS0tIwpg7F/O8p/HqyZL4ns=
+github.com/lestrrat/jwx v0.9.0/go.mod h1:Ogdl8bCZz7p5/jj4RY2LQTceY/c+AoTIk9gJY+KP4H0=
 github.com/markbates/going v1.0.0 h1:DQw0ZP7NbNlFGcKbcE/IVSOAFzScxRtLpd0rLMzLhq0=
 github.com/markbates/going v1.0.0/go.mod h1:I6mnB4BPnEeqo85ynXIx1ZFLLbtiLHNXVgWeFO9OGOA=
 github.com/mrjones/oauth v0.0.0-20180629183705-f4e24b6d100c h1:3wkDRdxK92dF+c1ke2dtj7ZzemFWBHB9plnJOtlwdFA=
 github.com/mrjones/oauth v0.0.0-20180629183705-f4e24b6d100c/go.mod h1:skjdDftzkFALcuGzYSklqYd8gvat6F1gZJ4YPVbkZpM=
+github.com/pkg/errors v0.8.1 h1:iURUrRGxPUNPdy5/HRSm+Yj6okJ6UtLINN0Q9M4+h3I=
+github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
 github.com/stretchr/testify v1.2.2 h1:bSDNvY7ZPG5RlJ8otE/7V6gMiyenm9RtJ7IUVIAoJ1w=

diff --git a/gothic/gothic.go b/gothic/gothic.go
@@ -245,19 +245,6 @@ var GetProviderName = getProviderName
 
 func getProviderName(req *http.Request) (string, error) {
 
-	// get all the used providers
-	providers := goth.GetProviders()
-
-	// loop over the used providers, if we already have a valid session for any provider (ie. user is already logged-in with a provider), then return that provider name
-	for _, provider := range providers {
-		p := provider.Name()
-		session, _ := Store.Get(req, p+SessionName)
-		value := session.Values[p]
-		if _, ok := value.(string); ok {
-			return p, nil
-		}
-	}
-
 	// try to get it from the url param "provider"
 	if p := req.URL.Query().Get("provider"); p != "" {
 		return p, nil
@@ -278,6 +265,17 @@ func getProviderName(req *http.Request) (string, error) {
 		return p, nil
 	}
 
+	// As a fallback, loop over the used providers, if we already have a valid session for any provider (ie. user has already begun authentication with a provider), then return that provider name
+	providers := goth.GetProviders()
+	session, _ := Store.Get(req, SessionName)
+	for _, provider := range providers {
+		p := provider.Name()
+		value := session.Values[p]
+		if _, ok := value.(string); ok {
+			return p, nil
+		}
+	}
+
 	// if not found then return an empty string with the corresponding error
 	return "", errors.New("you must select a provider")
 }

diff --git a/gothic/gothic_test.go b/gothic/gothic_test.go
@@ -19,16 +19,21 @@ import (
 	"github.com/stretchr/testify/assert"
 )
 
+type mapKey struct {
+	r *http.Request
+	n string
+}
+
 type ProviderStore struct {
-	Store map[*http.Request]*sessions.Session
+	Store map[mapKey]*sessions.Session
 }
 
 func NewProviderStore() *ProviderStore {
-	return &ProviderStore{map[*http.Request]*sessions.Session{}}
+	return &ProviderStore{map[mapKey]*sessions.Session{}}
 }
 
 func (p ProviderStore) Get(r *http.Request, name string) (*sessions.Session, error) {
-	s := p.Store[r]
+	s := p.Store[mapKey{r, name}]
 	if s == nil {
 		s, err := p.New(r, name)
 		return s, err
@@ -42,12 +47,12 @@ func (p ProviderStore) New(r *http.Request, name string) (*sessions.Session, err
 		Path:   "/",
 		MaxAge: 86400 * 30,
 	}
-	p.Store[r] = s
+	p.Store[mapKey{r, name}] = s
 	return s, nil
 }
 
 func (p ProviderStore) Save(r *http.Request, w http.ResponseWriter, s *sessions.Session) error {
-	p.Store[r] = s
+	p.Store[mapKey{r, s.Name()}] = s
 	return nil
 }
 
@@ -68,7 +73,7 @@ func Test_BeginAuthHandler(t *testing.T) {
 
 	BeginAuthHandler(res, req)
 
-	sess, err := Store.Get(req, "faux"+SessionName)
+	sess, err := Store.Get(req, SessionName)
 	if err != nil {
 		t.Fatalf("error getting faux Gothic session: %v", err)
 	}
@@ -128,7 +133,28 @@ func Test_CompleteUserAuth(t *testing.T) {
 	a.NoError(err)
 
 	sess := faux.Session{Name: "Homer Simpson", Email: "[email protected]"}
-	session, _ := Store.Get(req, "faux"+SessionName)
+	session, _ := Store.Get(req, SessionName)
+	session.Values["faux"] = gzipString(sess.Marshal())
+	err = session.Save(req, res)
+	a.NoError(err)
+
+	user, err := CompleteUserAuth(res, req)
+	a.NoError(err)
+
+	a.Equal(user.Name, "Homer Simpson")
+	a.Equal(user.Email, "[email protected]")
+}
+
+func Test_CompleteUserAuthWithSessionDeducedProvider(t *testing.T) {
+	a := assert.New(t)
+
+	res := httptest.NewRecorder()
+	// Inteintionally omit a provider argument, force looking in session.
+	req, err := http.NewRequest("GET", "/auth/callback", nil)
+	a.NoError(err)
+
+	sess := faux.Session{Name: "Homer Simpson", Email: "[email protected]"}
+	session, _ := Store.Get(req, SessionName)
 	session.Values["faux"] = gzipString(sess.Marshal())
 	err = session.Save(req, res)
 	a.NoError(err)
@@ -148,7 +174,7 @@ func Test_Logout(t *testing.T) {
 	a.NoError(err)
 
 	sess := faux.Session{Name: "Homer Simpson", Email: "[email protected]"}
-	session, _ := Store.Get(req, "faux"+SessionName)
+	session, _ := Store.Get(req, SessionName)
 	session.Values["faux"] = gzipString(sess.Marshal())
 	err = session.Save(req, res)
 	a.NoError(err)
@@ -160,7 +186,7 @@ func Test_Logout(t *testing.T) {
 	a.Equal(user.Email, "[email protected]")
 	err = Logout(res, req)
 	a.NoError(err)
-	session, _ = Store.Get(req, "faux"+SessionName)
+	session, _ = Store.Get(req, SessionName)
 	a.Equal(session.Values, make(map[interface{}]interface{}))
 	a.Equal(session.Options.MaxAge, -1)
 }
@@ -188,7 +214,7 @@ func Test_StateValidation(t *testing.T) {
 	a.NoError(err)
 
 	BeginAuthHandler(res, req)
-	session, _ := Store.Get(req, "faux"+SessionName)
+	session, _ := Store.Get(req, SessionName)
 
 	// Assert that matching states will return a nil error
 	req, err = http.NewRequest("GET", "/auth/callback?provider=faux&state=state_REAL", nil)
-Original file line number
+Diff line change
@@ Expand Up / @@ -3,11 +3,10 @@ language: go @@
     sudo: false
     go:
-      - 1.7
-      - 1.8
-      - 1.9
+      - "1.9"
       - "1.10"
       - "1.11"
+      - "1.12"
       - tip
     matrix:
@@ Expand Down @@