casdoor/web/src/auth/Provider.js

// Copyright 2021 The Casdoor Authors. All Rights Reserved.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//      http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

import React from "react";
import {Tooltip} from "antd";
import * as Util from "./Util";
import * as Setting from "../Setting";

const authInfo = {
  Google: {
    scope: "profile+email",
    endpoint: "https://accounts.google.com/signin/oauth",
  },
  GitHub: {
    scope: "user:email+read:user",
    endpoint: "https://github.com/login/oauth/authorize",
  },
  QQ: {
    scope: "get_user_info",
    endpoint: "https://graph.qq.com/oauth2.0/authorize",
  },
  WeChat: {
    scope: "snsapi_login",
    endpoint: "https://open.weixin.qq.com/connect/qrconnect",
    mpScope: "snsapi_userinfo",
    mpEndpoint: "https://open.weixin.qq.com/connect/oauth2/authorize"
  },
  WeChatMiniProgram: {
    endpoint: "https://mp.weixin.qq.com/",
  },
  Facebook: {
    scope: "email,public_profile",
    endpoint: "https://www.facebook.com/dialog/oauth",
  },
  DingTalk: {
    scope: "openid",
    endpoint: "https://login.dingtalk.com/oauth2/auth",
  },
  Weibo: {
    scope: "email",
    endpoint: "https://api.weibo.com/oauth2/authorize",
  },
  Gitee: {
    scope: "user_info%20emails",
    endpoint: "https://gitee.com/oauth/authorize",
  },
  LinkedIn: {
    scope: "r_liteprofile%20r_emailaddress",
    endpoint: "https://www.linkedin.com/oauth/v2/authorization",
  },
  WeCom: {
    scope: "snsapi_userinfo",
    endpoint: "https://open.work.weixin.qq.com/wwopen/sso/3rd_qrConnect",
    silentEndpoint: "https://open.weixin.qq.com/connect/oauth2/authorize",
    internalEndpoint: "https://open.work.weixin.qq.com/wwopen/sso/qrConnect",
  },
  Lark: {
    // scope: "email",
    endpoint: "https://open.feishu.cn/open-apis/authen/v1/index",
  },
  GitLab: {
    scope: "read_user+profile",
    endpoint: "https://gitlab.com/oauth/authorize",
  },
  Adfs: {
    scope: "openid",
    endpoint: "http://example.com",
  },
  Baidu: {
    scope: "basic",
    endpoint: "http://openapi.baidu.com/oauth/2.0/authorize",
  },
  Alipay: {
    scope: "basic",
    endpoint: "https://openauth.alipay.com/oauth2/publicAppAuthorize.htm",
  },
  Casdoor: {
    scope: "openid%20profile%20email",
    endpoint: "http://example.com",
  },
  Infoflow: {
    endpoint: "https://xpc.im.baidu.com/oauth2/authorize",
  },
  Apple: {
    scope: "name%20email",
    endpoint: "https://appleid.apple.com/auth/authorize",
  },
  AzureAD: {
    scope: "user_impersonation",
    endpoint: "https://login.microsoftonline.com/common/oauth2/authorize",
  },
  Slack: {
    scope: "users:read",
    endpoint: "https://slack.com/oauth/authorize",
  },
  Steam: {
    endpoint: "https://steamcommunity.com/openid/login",
  },
  Okta: {
    scope: "openid%20profile%20email",
    endpoint: "http://example.com",
  },
  Custom: {
    endpoint: "https://example.com/",
  },
  Bilibili: {
    endpoint: "https://passport.bilibili.com/register/pc_oauth2.html"
  }
};

export function getProviderUrl(provider) {
  if (provider.category === "OAuth") {
    const endpoint = authInfo[provider.type].endpoint;
    const urlObj = new URL(endpoint);

    let host = urlObj.host;
    let tokens = host.split(".");
    if (tokens.length > 2) {
      tokens = tokens.slice(1);
    }
    host = tokens.join(".");

    return `${urlObj.protocol}//${host}`;
  } else {
    return Setting.OtherProviderInfo[provider.category][provider.type].url;
  }
}

export function getProviderLogoWidget(provider) {
  if (provider === undefined) {
    return null;
  }

  const url = getProviderUrl(provider);
  if (url !== "") {
    return (
      <Tooltip title={provider.type}>
        <a target="_blank" rel="noreferrer" href={getProviderUrl(provider)}>
          <img width={36} height={36} src={Setting.getProviderLogoURL(provider)} alt={provider.displayName} />
        </a>
      </Tooltip>
    )
  } else {
    return (
      <Tooltip title={provider.type}>
        <img width={36} height={36} src={Setting.getProviderLogoURL(provider)} alt={provider.displayName} />
      </Tooltip>
    )
  }
}

export function getAuthUrl(application, provider, method) {
  if (application === null || provider === null) {
    return "";
  }

  let endpoint = authInfo[provider.type].endpoint;
  const redirectUri = `${window.location.origin}/callback`;
  const scope = authInfo[provider.type].scope;
  const state = Util.getQueryParamsToState(application.name, provider.name, method);

  if (provider.type === "Google") {
    return `${endpoint}?client_id=${provider.clientId}&redirect_uri=${redirectUri}&scope=${scope}&response_type=code&state=${state}`;
  } else if (provider.type === "GitHub") {
    return `${endpoint}?client_id=${provider.clientId}&redirect_uri=${redirectUri}&scope=${scope}&response_type=code&state=${state}`;
  } else if (provider.type === "QQ") {
    return `${endpoint}?client_id=${provider.clientId}&redirect_uri=${redirectUri}&scope=${scope}&response_type=code&state=${state}`;
  } else if (provider.type === "WeChat") {
    if (navigator.userAgent.includes("MicroMessenger")) {
      return `${authInfo[provider.type].mpEndpoint}?appid=${provider.clientId2}&redirect_uri=${redirectUri}&state=${state}&scope=${authInfo[provider.type].mpScope}&response_type=code#wechat_redirect`;
    } else {
      return `${endpoint}?appid=${provider.clientId}&redirect_uri=${redirectUri}&scope=${scope}&response_type=code&state=${state}#wechat_redirect`;
    }
  } else if (provider.type === "Facebook") {
    return `${endpoint}?client_id=${provider.clientId}&redirect_uri=${redirectUri}&scope=${scope}&response_type=code&state=${state}`;
  } else if (provider.type === "DingTalk") {
    return `${endpoint}?client_id=${provider.clientId}&redirect_uri=${redirectUri}&scope=${scope}&response_type=code&state=${state}&prompt=consent`;
  } else if (provider.type === "Weibo") {
    return `${endpoint}?client_id=${provider.clientId}&redirect_uri=${redirectUri}&scope=${scope}&response_type=code&state=${state}`;
  } else if (provider.type === "Gitee") {
    return `${endpoint}?client_id=${provider.clientId}&redirect_uri=${redirectUri}&scope=${scope}&response_type=code&state=${state}`;
  } else if (provider.type === "LinkedIn") {
    return `${endpoint}?client_id=${provider.clientId}&redirect_uri=${redirectUri}&scope=${scope}&response_type=code&state=${state}`;
  } else if (provider.type === "WeCom") {
    if (provider.subType === "Internal") {
      if (provider.method === "Silent") {
        endpoint = authInfo[provider.type].silentEndpoint;
        return `${endpoint}?appid=${provider.clientId}&redirect_uri=${redirectUri}&state=${state}&scope=${scope}&response_type=code#wechat_redirect`;
      } else if (provider.method === "Normal") {
        endpoint = authInfo[provider.type].internalEndpoint;
        return `${endpoint}?appid=${provider.clientId}&agentid=${provider.appId}&redirect_uri=${redirectUri}&state=${state}&usertype=member`;
      } else {
        return `https://error:not-supported-provider-method:${provider.method}`;
      }
    } else if (provider.subType === "Third-party") {
      if (provider.method === "Silent") {
        endpoint = authInfo[provider.type].silentEndpoint;
        return `${endpoint}?appid=${provider.clientId}&redirect_uri=${redirectUri}&state=${state}&scope=${scope}&response_type=code#wechat_redirect`;
      } else if (provider.method === "Normal") {
        return `${endpoint}?appid=${provider.clientId}&redirect_uri=${redirectUri}&state=${state}&usertype=member`;
      } else {
        return `https://error:not-supported-provider-method:${provider.method}`;
      }
    } else {
      return `https://error:not-supported-provider-sub-type:${provider.subType}`;
    }
  } else if (provider.type === "Lark") {
    return `${endpoint}?app_id=${provider.clientId}&redirect_uri=${redirectUri}&state=${state}`;
  } else if (provider.type === "GitLab") {
    return `${endpoint}?client_id=${provider.clientId}&redirect_uri=${redirectUri}&state=${state}&response_type=code&scope=${scope}`;
  } else if (provider.type === "Adfs") {
    return `${provider.domain}/adfs/oauth2/authorize?client_id=${provider.clientId}&redirect_uri=${redirectUri}&state=${state}&response_type=code&nonce=casdoor&scope=openid`;
  } else if (provider.type === "Baidu") {
    return `${endpoint}?client_id=${provider.clientId}&redirect_uri=${redirectUri}&state=${state}&response_type=code&scope=${scope}&display=popup`;
  } else if (provider.type === "Alipay") {
    return `${endpoint}?app_id=${provider.clientId}&scope=auth_user&redirect_uri=${redirectUri}&state=${state}&response_type=code&scope=${scope}&display=popup`;
  } else if (provider.type === "Casdoor") {
    return `${provider.domain}/login/oauth/authorize?client_id=${provider.clientId}&redirect_uri=${redirectUri}&state=${state}&response_type=code&scope=${scope}`;
  } else if (provider.type === "Infoflow"){
    return `${endpoint}?appid=${provider.clientId}&redirect_uri=${redirectUri}?state=${state}`
  } else if (provider.type === "Apple") {
    return `${endpoint}?client_id=${provider.clientId}&redirect_uri=${redirectUri}&state=${state}&response_type=code&scope=${scope}&response_mode=form_post`;
  } else if (provider.type === "AzureAD") {
    return `${endpoint}?client_id=${provider.clientId}&redirect_uri=${redirectUri}&state=${state}&response_type=code&scope=${scope}&resource=https://graph.windows.net/`;
  } else if (provider.type === "Slack") {
    return `${endpoint}?client_id=${provider.clientId}&redirect_uri=${redirectUri}&state=${state}&response_type=code&scope=${scope}`;
  } else if (provider.type === "Steam") {
    return `${endpoint}?openid.claimed_id=http://specs.openid.net/auth/2.0/identifier_select&openid.identity=http://specs.openid.net/auth/2.0/identifier_select&openid.mode=checkid_setup&openid.ns=http://specs.openid.net/auth/2.0&openid.realm=${window.location.origin}&openid.return_to=${redirectUri}?state=${state}`;
  } else if (provider.type === "Okta") {
    return `${provider.domain}/v1/authorize?client_id=${provider.clientId}&redirect_uri=${redirectUri}&state=${state}&response_type=code&scope=${scope}`;
  } else if (provider.type === "Custom") {
    return `${provider.customAuthUrl}?client_id=${provider.clientId}&redirect_uri=${redirectUri}&scope=${provider.customScope}&response_type=code&state=${state}`;
  } else if (provider.type === "Bilibili") {
    return `${endpoint}#/?client_id=${provider.clientId}&return_url=${redirectUri}&state=${state}&response_type=code`
  }
}
Update license headers. 2022-02-13 23:39:27 +08:00			`// Copyright 2021 The Casdoor Authors. All Rights Reserved.`
Refactor the auth code. 2021-02-14 16:59:08 +08:00			`//`
			`// Licensed under the Apache License, Version 2.0 (the "License");`
			`// you may not use this file except in compliance with the License.`
			`// You may obtain a copy of the License at`
			`//`
			`// http://www.apache.org/licenses/LICENSE-2.0`
			`//`
			`// Unless required by applicable law or agreed to in writing, software`
			`// distributed under the License is distributed on an "AS IS" BASIS,`
			`// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.`
			`// See the License for the specific language governing permissions and`
			`// limitations under the License.`

Improve provider table in app edit page. 2021-11-28 18:46:20 +08:00			`import React from "react";`
			`import {Tooltip} from "antd";`
Add innerParams. 2021-03-21 13:45:55 +08:00			`import * as Util from "./Util";`
Remove GitHub provider hacking code. 2022-03-19 19:43:54 +08:00			`import * as Setting from "../Setting";`
Refactor the auth code. 2021-02-14 16:59:08 +08:00
Add authInfo to js. 2021-10-09 22:15:43 +08:00			`const authInfo = {`
			`Google: {`
			`scope: "profile+email",`
			`endpoint: "https://accounts.google.com/signin/oauth",`
			`},`
			`GitHub: {`
			`scope: "user:email+read:user",`
			`endpoint: "https://github.com/login/oauth/authorize",`
			`},`
			`QQ: {`
			`scope: "get_user_info",`
			`endpoint: "https://graph.qq.com/oauth2.0/authorize",`
			`},`
			`WeChat: {`
			`scope: "snsapi_login",`
			`endpoint: "https://open.weixin.qq.com/connect/qrconnect",`
Support WeChat MP at the same time. 2021-12-20 23:36:28 +08:00			`mpScope: "snsapi_userinfo",`
			`mpEndpoint: "https://open.weixin.qq.com/connect/oauth2/authorize"`
Add authInfo to js. 2021-10-09 22:15:43 +08:00			`},`
feat: add wechat mini program support (#658) * feat: add wechat mini program support Signed-off-by: Steve0x2a <stevesough@gmail.com> * fix: accept suggestions. Signed-off-by: Steve0x2a <stevesough@gmail.com> * fix: error message and code level modification Signed-off-by: Steve0x2a <stevesough@gmail.com> * fix: simplify the use process Signed-off-by: Steve0x2a <stevesough@gmail.com> 2022-04-15 11:49:56 +08:00			`WeChatMiniProgram: {`
			`endpoint: "https://mp.weixin.qq.com/",`
			`},`
Add authInfo to js. 2021-10-09 22:15:43 +08:00			`Facebook: {`
			`scope: "email,public_profile",`
			`endpoint: "https://www.facebook.com/dialog/oauth",`
			`},`
			`DingTalk: {`
fix: use new dingtalk api and support qrcode method (#486) Signed-off-by: Steve0x2a <stevesough@gmail.com> 2022-02-10 17:14:18 +08:00			`scope: "openid",`
			`endpoint: "https://login.dingtalk.com/oauth2/auth",`
Add authInfo to js. 2021-10-09 22:15:43 +08:00			`},`
			`Weibo: {`
			`scope: "email",`
			`endpoint: "https://api.weibo.com/oauth2/authorize",`
			`},`
			`Gitee: {`
			`scope: "user_info%20emails",`
			`endpoint: "https://gitee.com/oauth/authorize",`
			`},`
			`LinkedIn: {`
			`scope: "r_liteprofile%20r_emailaddress",`
			`endpoint: "https://www.linkedin.com/oauth/v2/authorization",`
			`},`
			`WeCom: {`
			`scope: "snsapi_userinfo",`
			`endpoint: "https://open.work.weixin.qq.com/wwopen/sso/3rd_qrConnect",`
			`silentEndpoint: "https://open.weixin.qq.com/connect/oauth2/authorize",`
Support WeCom Internal sub type. 2022-01-28 23:57:54 +08:00			`internalEndpoint: "https://open.work.weixin.qq.com/wwopen/sso/qrConnect",`
Add authInfo to js. 2021-10-09 22:15:43 +08:00			`},`
			`Lark: {`
			`// scope: "email",`
			`endpoint: "https://open.feishu.cn/open-apis/authen/v1/index",`
			`},`
			`GitLab: {`
			`scope: "read_user+profile",`
			`endpoint: "https://gitlab.com/oauth/authorize",`
			`},`
feat: add AD-FS support (#505) Signed-off-by: Steve0x2a <stevesough@gmail.com> 2022-02-20 15:01:48 +08:00			`Adfs: {`
			`scope: "openid",`
			`endpoint: "http://example.com",`
			`},`
feat: add baidu support as idp (#438) * feat: add baidu support as idp Signed-off-by: Steve0x2a <stevesough@gmail.com> * fix: add license Signed-off-by: Steve0x2a <stevesough@gmail.com> 2022-01-22 19:36:44 +08:00			`Baidu: {`
			`scope: "basic",`
			`endpoint: "http://openapi.baidu.com/oauth/2.0/authorize",`
			`},`
feat: add Alipay support as idp (#638) * feat: add alipay support as idp * fix: rename a static svg icon * fix: sort imports * fix: no longer use pkcs8 package 2022-04-02 22:37:13 +08:00			`Alipay: {`
			`scope: "basic",`
			`endpoint: "https://openauth.alipay.com/oauth2/publicAppAuthorize.htm",`
			`},`
feat: add casdoor as itself idp support (#578) Signed-off-by: Steve0x2a <stevesough@gmail.com> 2022-03-18 18:28:46 +08:00			`Casdoor: {`
			`scope: "openid%20profile%20email",`
			`endpoint: "http://example.com",`
			`},`
feat: add infoflow idp support (#472) * feat: add infoflow internal backend support Signed-off-by: Steve0x2a <stevesough@gmail.com> * feat: add infoflow idp support Signed-off-by: Steve0x2a <stevesough@gmail.com> * fix: copyright and comment Signed-off-by: Steve0x2a <stevesough@gmail.com> 2022-02-05 21:54:38 +08:00			`Infoflow: {`
			`endpoint: "https://xpc.im.baidu.com/oauth2/authorize",`
			`},`
feat: add three idp support by goth. (#351) 1. add 3 providers: apple, azuread(v1) and slack. 2. support importing providers from goth. Signed-off-by: 0x2a <stevesough@gmail.com> 2021-12-10 00:55:27 +08:00			`Apple: {`
			`scope: "name%20email",`
			`endpoint: "https://appleid.apple.com/auth/authorize",`
			`},`
			`AzureAD: {`
			`scope: "user_impersonation",`
			`endpoint: "https://login.microsoftonline.com/common/oauth2/authorize",`
			`},`
			`Slack: {`
			`scope: "users:read",`
			`endpoint: "https://slack.com/oauth/authorize",`
			`},`
feat: add steam support (#497) * feat: add steam support Signed-off-by: 0x2a <stevesough@gmail.com> * fix: wrong name Signed-off-by: Steve0x2a <stevesough@gmail.com> 2022-02-16 19:57:46 +08:00			`Steam: {`
			`endpoint: "https://steamcommunity.com/openid/login",`
			`},`
Add Okta OAuth provider (#729) 2022-05-01 18:31:42 +08:00			`Okta: {`
			`scope: "openid%20profile%20email",`
			`endpoint: "http://example.com",`
			`},`
feat: try to support custom OAuth provider (#667) * feat: try to support private provider * fix: modify code according to code review * feat: set example values for custom params 2022-04-16 17:17:45 +08:00			`Custom: {`
			`endpoint: "https://example.com/",`
			`},`
feat: add Bilibili OAuth (#720) * implemented bilibili oauth * add bilibili oauth * add document address * add frontend page * uncheck 2022-05-12 10:07:52 +08:00			`Bilibili: {`
			`endpoint: "https://passport.bilibili.com/register/pc_oauth2.html"`
			`}`
Improve non-oauth logos. 2021-10-10 00:04:25 +08:00			`};`

			`export function getProviderUrl(provider) {`
			`if (provider.category === "OAuth") {`
			`const endpoint = authInfo[provider.type].endpoint;`
			`const urlObj = new URL(endpoint);`
Improve provider logos. 2021-10-09 22:33:39 +08:00
Improve non-oauth logos. 2021-10-10 00:04:25 +08:00			`let host = urlObj.host;`
			`let tokens = host.split(".");`
			`if (tokens.length > 2) {`
			`tokens = tokens.slice(1);`
			`}`
			`host = tokens.join(".");`
Improve provider logos. 2021-10-09 22:33:39 +08:00
Improve non-oauth logos. 2021-10-10 00:04:25 +08:00			return `${urlObj.protocol}//${host}`;
			`} else {`
fix #687 (#688) fix the display bug on the personal binding information page 2022-04-21 21:52:34 +08:00			`return Setting.OtherProviderInfo[provider.category][provider.type].url;`
Improve non-oauth logos. 2021-10-10 00:04:25 +08:00			`}`
Improve provider logos. 2021-10-09 22:33:39 +08:00			`}`

Improve provider table in app edit page. 2021-11-28 18:46:20 +08:00			`export function getProviderLogoWidget(provider) {`
			`if (provider === undefined) {`
			`return null;`
			`}`

			`const url = getProviderUrl(provider);`
			`if (url !== "") {`
			`return (`
			`<Tooltip title={provider.type}>`
			`<a target="_blank" rel="noreferrer" href={getProviderUrl(provider)}>`
fix #687 (#688) fix the display bug on the personal binding information page 2022-04-21 21:52:34 +08:00			`<img width={36} height={36} src={Setting.getProviderLogoURL(provider)} alt={provider.displayName} />`
Improve provider table in app edit page. 2021-11-28 18:46:20 +08:00			`</a>`
			`</Tooltip>`
			`)`
			`} else {`
			`return (`
			`<Tooltip title={provider.type}>`
fix #687 (#688) fix the display bug on the personal binding information page 2022-04-21 21:52:34 +08:00			`<img width={36} height={36} src={Setting.getProviderLogoURL(provider)} alt={provider.displayName} />`
Improve provider table in app edit page. 2021-11-28 18:46:20 +08:00			`</Tooltip>`
			`)`
			`}`
			`}`

Check user under org. 2021-02-14 21:21:42 +08:00			`export function getAuthUrl(application, provider, method) {`
Add Link API. 2021-04-19 01:14:41 +08:00			`if (application === null \|\| provider === null) {`
			`return "";`
			`}`

Support WeCom Internal sub type. 2022-01-28 23:57:54 +08:00			`let endpoint = authInfo[provider.type].endpoint;`
Simplify callback URL. 2021-03-21 16:05:00 +08:00			const redirectUri = `${window.location.origin}/callback`;
Add authInfo to js. 2021-10-09 22:15:43 +08:00			`const scope = authInfo[provider.type].scope;`
Simplify callback URL. 2021-03-21 16:05:00 +08:00			`const state = Util.getQueryParamsToState(application.name, provider.name, method);`
Add authInfo to js. 2021-10-09 22:15:43 +08:00
Fix provider type. 2021-03-28 20:20:40 +08:00			`if (provider.type === "Google") {`
Add authInfo to js. 2021-10-09 22:15:43 +08:00			return `${endpoint}?client_id=${provider.clientId}&redirect_uri=${redirectUri}&scope=${scope}&response_type=code&state=${state}`;
Fix provider type. 2021-03-28 20:20:40 +08:00			`} else if (provider.type === "GitHub") {`
Add authInfo to js. 2021-10-09 22:15:43 +08:00			return `${endpoint}?client_id=${provider.clientId}&redirect_uri=${redirectUri}&scope=${scope}&response_type=code&state=${state}`;
Fix provider type. 2021-03-28 20:20:40 +08:00			`} else if (provider.type === "QQ") {`
Add authInfo to js. 2021-10-09 22:15:43 +08:00			return `${endpoint}?client_id=${provider.clientId}&redirect_uri=${redirectUri}&scope=${scope}&response_type=code&state=${state}`;
Fix provider type. 2021-03-28 20:20:40 +08:00			`} else if (provider.type === "WeChat") {`
Support WeChat MP at the same time. 2021-12-20 23:36:28 +08:00			`if (navigator.userAgent.includes("MicroMessenger")) {`
Add GetMaskedProvider() and GetMaskedProviders(). 2021-12-20 23:46:38 +08:00			return `${authInfo[provider.type].mpEndpoint}?appid=${provider.clientId2}&redirect_uri=${redirectUri}&state=${state}&scope=${authInfo[provider.type].mpScope}&response_type=code#wechat_redirect`;
feat: support mobile login with WeChat Official Accounts (#383) * fix: adjust the accessToken field Signed-off-by: 0x2a <stevesough@gmail.com> * fix: missing name and owner Signed-off-by: 0x2a <stevesough@gmail.com> * feat: support mobile login with WeChat Signed-off-by: 0x2a <stevesough@gmail.com> 2021-12-20 20:21:12 +08:00			`} else {`
Support WeChat MP at the same time. 2021-12-20 23:36:28 +08:00			return `${endpoint}?appid=${provider.clientId}&redirect_uri=${redirectUri}&scope=${scope}&response_type=code&state=${state}#wechat_redirect`;
feat: support mobile login with WeChat Official Accounts (#383) * fix: adjust the accessToken field Signed-off-by: 0x2a <stevesough@gmail.com> * fix: missing name and owner Signed-off-by: 0x2a <stevesough@gmail.com> * feat: support mobile login with WeChat Signed-off-by: 0x2a <stevesough@gmail.com> 2021-12-20 20:21:12 +08:00			`}`
feat: add facebook provider (#79) * feat: add facebook provider Signed-off-by: WindSpirit <simon343riley@gmail.com> * fix: set fb id to username and reformat Signed-off-by: WindSpirit <simon343riley@gmail.com> 2021-06-06 10:06:54 +08:00			`} else if (provider.type === "Facebook") {`
Add authInfo to js. 2021-10-09 22:15:43 +08:00			return `${endpoint}?client_id=${provider.clientId}&redirect_uri=${redirectUri}&scope=${scope}&response_type=code&state=${state}`;
feat: add dingtalk provider (#94) * feat: add dingtalk provider Signed-off-by: zKen <690898835@qq.com> * fix: amend the comment Signed-off-by: zKen <690898835@qq.com> 2021-06-09 11:15:49 +08:00			`} else if (provider.type === "DingTalk") {`
fix: use new dingtalk api and support qrcode method (#486) Signed-off-by: Steve0x2a <stevesough@gmail.com> 2022-02-10 17:14:18 +08:00			return `${endpoint}?client_id=${provider.clientId}&redirect_uri=${redirectUri}&scope=${scope}&response_type=code&state=${state}&prompt=consent`;
feat: add weibo provider Signed-off-by: wasabi <690898835@qq.com> 2021-06-10 16:55:31 +08:00			`} else if (provider.type === "Weibo") {`
Add authInfo to js. 2021-10-09 22:15:43 +08:00			return `${endpoint}?client_id=${provider.clientId}&redirect_uri=${redirectUri}&scope=${scope}&response_type=code&state=${state}`;
feat: add gitee provider (#104) * feat: add gitee provider Signed-off-by: wasabi <690898835@qq.com> * Update gitee.go Signed-off-by: wasabi <690898835@qq.com> 2021-06-14 12:53:07 +08:00			`} else if (provider.type === "Gitee") {`
Add authInfo to js. 2021-10-09 22:15:43 +08:00			return `${endpoint}?client_id=${provider.clientId}&redirect_uri=${redirectUri}&scope=${scope}&response_type=code&state=${state}`;
feat: add linkedin provider Signed-off-by: wasabi <690898835@qq.com> 2021-07-03 20:53:38 +08:00			`} else if (provider.type === "LinkedIn") {`
Add authInfo to js. 2021-10-09 22:15:43 +08:00			return `${endpoint}?client_id=${provider.clientId}&redirect_uri=${redirectUri}&scope=${scope}&response_type=code&state=${state}`;
feat: add lark provider (#264) Signed-off-by: sh1luo <690898835@qq.com> 2021-08-14 16:00:38 +08:00			`} else if (provider.type === "WeCom") {`
Support WeCom Internal sub type. 2022-01-28 23:57:54 +08:00			`if (provider.subType === "Internal") {`
			`if (provider.method === "Silent") {`
			`endpoint = authInfo[provider.type].silentEndpoint;`
			return `${endpoint}?appid=${provider.clientId}&redirect_uri=${redirectUri}&state=${state}&scope=${scope}&response_type=code#wechat_redirect`;
			`} else if (provider.method === "Normal") {`
			`endpoint = authInfo[provider.type].internalEndpoint;`
			return `${endpoint}?appid=${provider.clientId}&agentid=${provider.appId}&redirect_uri=${redirectUri}&state=${state}&usertype=member`;
			`} else {`
			return `https://error:not-supported-provider-method:${provider.method}`;
			`}`
			`} else if (provider.subType === "Third-party") {`
			`if (provider.method === "Silent") {`
			`endpoint = authInfo[provider.type].silentEndpoint;`
			return `${endpoint}?appid=${provider.clientId}&redirect_uri=${redirectUri}&state=${state}&scope=${scope}&response_type=code#wechat_redirect`;
			`} else if (provider.method === "Normal") {`
			return `${endpoint}?appid=${provider.clientId}&redirect_uri=${redirectUri}&state=${state}&usertype=member`;
			`} else {`
			return `https://error:not-supported-provider-method:${provider.method}`;
			`}`
feat: support web-auth way for wecom (#275) Signed-off-by: sh1luo <690898835@qq.com> 2021-08-23 22:25:55 +08:00			`} else {`
Support WeCom Internal sub type. 2022-01-28 23:57:54 +08:00			return `https://error:not-supported-provider-sub-type:${provider.subType}`;
feat: support web-auth way for wecom (#275) Signed-off-by: sh1luo <690898835@qq.com> 2021-08-23 22:25:55 +08:00			`}`
feat: add lark provider (#264) Signed-off-by: sh1luo <690898835@qq.com> 2021-08-14 16:00:38 +08:00			`} else if (provider.type === "Lark") {`
Add authInfo to js. 2021-10-09 22:15:43 +08:00			return `${endpoint}?app_id=${provider.clientId}&redirect_uri=${redirectUri}&state=${state}`;
feat: add gitlab provider (#273) Signed-off-by: sh1luo <690898835@qq.com> 2021-08-19 21:03:57 +08:00			`} else if (provider.type === "GitLab") {`
Add authInfo to js. 2021-10-09 22:15:43 +08:00			return `${endpoint}?client_id=${provider.clientId}&redirect_uri=${redirectUri}&state=${state}&response_type=code&scope=${scope}`;
feat: add AD-FS support (#505) Signed-off-by: Steve0x2a <stevesough@gmail.com> 2022-02-20 15:01:48 +08:00			`} else if (provider.type === "Adfs") {`
			return `${provider.domain}/adfs/oauth2/authorize?client_id=${provider.clientId}&redirect_uri=${redirectUri}&state=${state}&response_type=code&nonce=casdoor&scope=openid`;
feat: add baidu support as idp (#438) * feat: add baidu support as idp Signed-off-by: Steve0x2a <stevesough@gmail.com> * fix: add license Signed-off-by: Steve0x2a <stevesough@gmail.com> 2022-01-22 19:36:44 +08:00			`} else if (provider.type === "Baidu") {`
			return `${endpoint}?client_id=${provider.clientId}&redirect_uri=${redirectUri}&state=${state}&response_type=code&scope=${scope}&display=popup`;
feat: add Alipay support as idp (#638) * feat: add alipay support as idp * fix: rename a static svg icon * fix: sort imports * fix: no longer use pkcs8 package 2022-04-02 22:37:13 +08:00			`} else if (provider.type === "Alipay") {`
			return `${endpoint}?app_id=${provider.clientId}&scope=auth_user&redirect_uri=${redirectUri}&state=${state}&response_type=code&scope=${scope}&display=popup`;
feat: add casdoor as itself idp support (#578) Signed-off-by: Steve0x2a <stevesough@gmail.com> 2022-03-18 18:28:46 +08:00			`} else if (provider.type === "Casdoor") {`
			return `${provider.domain}/login/oauth/authorize?client_id=${provider.clientId}&redirect_uri=${redirectUri}&state=${state}&response_type=code&scope=${scope}`;
feat: add infoflow idp support (#472) * feat: add infoflow internal backend support Signed-off-by: Steve0x2a <stevesough@gmail.com> * feat: add infoflow idp support Signed-off-by: Steve0x2a <stevesough@gmail.com> * fix: copyright and comment Signed-off-by: Steve0x2a <stevesough@gmail.com> 2022-02-05 21:54:38 +08:00			`} else if (provider.type === "Infoflow"){`
fix: missing state parameter (#478) Signed-off-by: Steve0x2a <stevesough@gmail.com> 2022-02-07 15:54:37 +08:00			return `${endpoint}?appid=${provider.clientId}&redirect_uri=${redirectUri}?state=${state}`
feat: add three idp support by goth. (#351) 1. add 3 providers: apple, azuread(v1) and slack. 2. support importing providers from goth. Signed-off-by: 0x2a <stevesough@gmail.com> 2021-12-10 00:55:27 +08:00			`} else if (provider.type === "Apple") {`
			return `${endpoint}?client_id=${provider.clientId}&redirect_uri=${redirectUri}&state=${state}&response_type=code&scope=${scope}&response_mode=form_post`;
			`} else if (provider.type === "AzureAD") {`
			return `${endpoint}?client_id=${provider.clientId}&redirect_uri=${redirectUri}&state=${state}&response_type=code&scope=${scope}&resource=https://graph.windows.net/`;
			`} else if (provider.type === "Slack") {`
			return `${endpoint}?client_id=${provider.clientId}&redirect_uri=${redirectUri}&state=${state}&response_type=code&scope=${scope}`;
feat: add steam support (#497) * feat: add steam support Signed-off-by: 0x2a <stevesough@gmail.com> * fix: wrong name Signed-off-by: Steve0x2a <stevesough@gmail.com> 2022-02-16 19:57:46 +08:00			`} else if (provider.type === "Steam") {`
			return `${endpoint}?openid.claimed_id=http://specs.openid.net/auth/2.0/identifier_select&openid.identity=http://specs.openid.net/auth/2.0/identifier_select&openid.mode=checkid_setup&openid.ns=http://specs.openid.net/auth/2.0&openid.realm=${window.location.origin}&openid.return_to=${redirectUri}?state=${state}`;
Add Okta OAuth provider (#729) 2022-05-01 18:31:42 +08:00			`} else if (provider.type === "Okta") {`
			return `${provider.domain}/v1/authorize?client_id=${provider.clientId}&redirect_uri=${redirectUri}&state=${state}&response_type=code&scope=${scope}`;
feat: try to support custom OAuth provider (#667) * feat: try to support private provider * fix: modify code according to code review * feat: set example values for custom params 2022-04-16 17:17:45 +08:00			`} else if (provider.type === "Custom") {`
			return `${provider.customAuthUrl}?client_id=${provider.clientId}&redirect_uri=${redirectUri}&scope=${provider.customScope}&response_type=code&state=${state}`;
feat: add Bilibili OAuth (#720) * implemented bilibili oauth * add bilibili oauth * add document address * add frontend page * uncheck 2022-05-12 10:07:52 +08:00			`} else if (provider.type === "Bilibili") {`
			return `${endpoint}#/?client_id=${provider.clientId}&return_url=${redirectUri}&state=${state}&response_type=code`
			`}`
Refactor the auth code. 2021-02-14 16:59:08 +08:00			`}`