před 4 roky · 0797a55ee3
--- a/mod/auth/oauth2/github.go
+++ b/mod/auth/oauth2/github.go
@@ -3,7 +3,6 @@ package oauth2
 
				 import (
			
 
				 	"encoding/json"
			
 
				 	"io/ioutil"
			
 
				-	"log"
			
 
				 	"net/http"
			
 
				 	"time"
			
 
				 
			
@@ -75,7 +74,6 @@ func githubUserInfo(accessToken string) (string, error) {
 
				 
			
 
				 	defer response.Body.Close()
			
 
				 	contents, err := ioutil.ReadAll(response.Body)
			
 
				-	log.Println(string(contents))
			
 
				 	var data GithubField
			
 
				 	json.Unmarshal([]byte(contents), &data)
			
 
				 
			
--- a/mod/auth/oauth2/internal.go
+++ b/mod/auth/oauth2/internal.go
@@ -5,6 +5,12 @@ import (
 
				 	"net/http"
			
 
				 )
			
 
				 
			
 
				+//Common functions
			
 
				+func sendHTMLResponse(w http.ResponseWriter, msg string) {
			
 
				+	w.Header().Set("Content-Type", "text/html")
			
 
				+	w.Write([]byte(msg))
			
 
				+}
			
 
				+
			
 
				 //Common functions
			
 
				 func sendTextResponse(w http.ResponseWriter, msg string) {
			
 
				 	w.Write([]byte(msg))
			
--- a/mod/auth/oauth2/microsoft.go
+++ b/mod/auth/oauth2/microsoft.go
@@ -0,0 +1,43 @@
 
				+package oauth2
			
 
				+
			
 
				+import (
			
 
				+	"encoding/json"
			
 
				+	"io/ioutil"
			
 
				+	"net/http"
			
 
				+
			
 
				+	"golang.org/x/oauth2"
			
 
				+)
			
 
				+
			
 
				+type MicrosoftField struct {
			
 
				+	Sub        string `json:"sub"`
			
 
				+	Name       string `json:"name"`
			
 
				+	GivenName  string `json:"given_name"`
			
 
				+	FamilyName string `json:"family_name"`
			
 
				+	Email      string `json:"email"`
			
 
				+	Picture    string `json:"picture"`
			
 
				+}
			
 
				+
			
 
				+func microsoftScope() []string {
			
 
				+	return []string{"user.read openid email profile"}
			
 
				+}
			
 
				+
			
 
				+func microsoftEndpoint() oauth2.Endpoint {
			
 
				+	return oauth2.Endpoint{
			
 
				+		AuthURL:  "https://login.microsoftonline.com/consumers/oauth2/v2.0/authorize",
			
 
				+		TokenURL: "https://login.microsoftonline.com/consumers/oauth2/v2.0/token",
			
 
				+	}
			
 
				+}
			
 
				+
			
 
				+func microsoftUserInfo(accessToken string) (string, error) {
			
 
				+	client := &http.Client{}
			
 
				+	req, err := http.NewRequest("GET", "https://graph.microsoft.com/oidc/userinfo", nil)
			
 
				+	req.Header.Set("Authorization", "Bearer "+accessToken)
			
 
				+	response, err := client.Do(req)
			
 
				+
			
 
				+	defer response.Body.Close()
			
 
				+	contents, err := ioutil.ReadAll(response.Body)
			
 
				+	var data MicrosoftField
			
 
				+	json.Unmarshal([]byte(contents), &data)
			
 
				+
			
 
				+	return data.Email, err
			
 
				+}
			
--- a/mod/auth/oauth2/oauth2.go
+++ b/mod/auth/oauth2/oauth2.go
@@ -98,6 +98,10 @@ func (oh *OauthHandler) HandleAuthorize(w http.ResponseWriter, r *http.Request)
 
				 	}
			
 
				 
			
 
				 	username, err := getUserInfo(token.AccessToken, oh.coredb)
			
 
				+	if err != nil {
			
 
				+		sendTextResponse(w, "Failed to obtain user info.")
			
 
				+		return
			
 
				+	}
			
 
				 
			
 
				 	if !oh.ag.UserExists(username) {
			
 
				 		//register user if not already exists
			
@@ -105,7 +109,7 @@ func (oh *OauthHandler) HandleAuthorize(w http.ResponseWriter, r *http.Request)
 
				 		if oh.reg.AllowRegistry {
			
 
				 			http.Redirect(w, r, "/public/register/register.system?user="+username, 302)
			
 
				 		} else {
			
 
				-			sendTextResponse(w, "You are not allowed to register in this system.&nbsp;<a href=\"/\">Back</a>")
			
 
				+			sendHTMLResponse(w, "You are not allowed to register in this system.&nbsp;<a href=\"/\">Back</a>")
			
 
				 		}
			
 
				 	} else {
			
 
				 		log.Println(username + " logged in via OAuth.")
			
--- a/mod/auth/oauth2/serviceSelector.go
+++ b/mod/auth/oauth2/serviceSelector.go
@@ -13,6 +13,8 @@ func getScope(coredb *db.Database) []string {
 
				 		return googleScope()
			
 
				 	} else if idp == "Github" {
			
 
				 		return githubScope()
			
 
				+	} else if idp == "Microsoft" {
			
 
				+		return microsoftScope()
			
 
				 	}
			
 
				 	return []string{}
			
 
				 }
			
@@ -23,6 +25,8 @@ func getEndpoint(coredb *db.Database) oauth2.Endpoint {
 
				 		return googleEndpoint()
			
 
				 	} else if idp == "Github" {
			
 
				 		return githubEndpoint()
			
 
				+	} else if idp == "Microsoft" {
			
 
				+		return microsoftEndpoint()
			
 
				 	}
			
 
				 	return oauth2.Endpoint{}
			
 
				 }
			
@@ -33,6 +37,8 @@ func getUserInfo(accessToken string, coredb *db.Database) (string, error) {
 
				 		return googleUserInfo(accessToken)
			
 
				 	} else if idp == "Github" {
			
 
				 		return githubUserInfo(accessToken)
			
 
				+	} else if idp == "Microsoft" {
			
 
				+		return microsoftUserInfo(accessToken)
			
 
				 	}
			
 
				 	return "", errors.New("Unauthorized")
			
 
				 }
			
--- a/system/auth/register.system
+++ b/system/auth/register.system
@@ -78,7 +78,9 @@
 
				             //1. read the parameters from the URL
			
 
				             if(get('user') != undefined){
			
 
				                 $("#emailfield").val(get('user'));
			
 
				+                $("#emailfield").attr("disabled", "disabled");
			
 
				                 $("input[name='username']").val(get('user'));
			
 
				+                $("input[name='username']").attr("disabled", "disabled");
			
 
				             }
			
 
				 
			
 
				             function toggleSignupBox(toggle){