llvy.ltd/casdoor
1
0
Fork 0
mirror of https://github.com/casdoor/casdoor.git synced 2025-05-22 18:25:47 +08:00
Code Issues Packages Projects Releases Wiki Activity

feat: fix Apple OAuth issue (#2338)

Browse Source 
* feat: fix sign in with apple bug

* fix username
This commit is contained in:
UsherFall 2023-09-18 15:42:00 +08:00 committed by Yang Luo
parent 0fc48bb6cd
commit 7f298efebc
6 changed files with 38 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
authz/authz.go
View File

@ -46,6 +46,7 @@ p, *, *, POST, /api/login, *, *
p, *, *, GET, /api/get-app-login, *, * p, *, *, GET, /api/get-app-login, *, *
p, *, *, POST, /api/logout, *, * p, *, *, POST, /api/logout, *, *
p, *, *, GET, /api/logout, *, * p, *, *, GET, /api/logout, *, *
p, *, *, POST, /api/callback, *, *
p, *, *, GET, /api/get-account, *, * p, *, *, GET, /api/get-account, *, *
p, *, *, GET, /api/userinfo, *, * p, *, *, GET, /api/userinfo, *, *
p, *, *, GET, /api/user, *, * p, *, *, GET, /api/user, *, *

14
controllers/auth.go
View File

@ -20,6 +20,7 @@ import (
"encoding/xml" "encoding/xml"
"fmt" "fmt"
"io/ioutil" "io/ioutil"
"net/http"
"net/url" "net/url"
"strconv" "strconv"
"strings" "strings"
@ -896,3 +897,16 @@ func (c *ApiController) GetCaptchaStatus() {
} }
c.ResponseOk(captchaEnabled) c.ResponseOk(captchaEnabled)
} }
// Callback
// @Title Callback
// @Tag Callback API
// @Description Get Login Error Counts
// @router /api/Callback [post]
func (c *ApiController) Callback() {
code := c.GetString("code")
state := c.GetString("state")
frontendCallbackUrl := fmt.Sprintf("/callback?code=%s&state=%s", code, state)
c.Ctx.Redirect(http.StatusFound, frontendCallbackUrl)
}

10
idp/goth.go
View File

@ -19,6 +19,7 @@ import (
"net/http" "net/http"
"net/url" "net/url"
"reflect" "reflect"
"strings"
"time" "time"
"github.com/casdoor/casdoor/util" "github.com/casdoor/casdoor/util"
@ -97,6 +98,9 @@ func NewGothIdProvider(providerType string, clientId string, clientSecret string
Session: &amazon.Session{}, Session: &amazon.Session{},
} }
case "Apple": case "Apple":
if !strings.Contains(redirectUrl, "/api/callback") {
redirectUrl = strings.Replace(redirectUrl, "/callback", "/api/callback", 1)
}
idp = GothIdProvider{ idp = GothIdProvider{
Provider: apple.New(clientId, clientSecret, redirectUrl, nil), Provider: apple.New(clientId, clientSecret, redirectUrl, nil),
Session: &apple.Session{}, Session: &apple.Session{},
@ -392,7 +396,9 @@ func NewGothIdProvider(providerType string, clientId string, clientSecret string
// Goth's idp all implement the Client method, but since the goth.Provider interface does not provide to modify idp's client method, reflection is required // Goth's idp all implement the Client method, but since the goth.Provider interface does not provide to modify idp's client method, reflection is required
func (idp *GothIdProvider) SetHttpClient(client *http.Client) { func (idp *GothIdProvider) SetHttpClient(client *http.Client) {
idpClient := reflect.ValueOf(idp.Provider).Elem().FieldByName("HTTPClient") idpClient := reflect.ValueOf(idp.Provider).Elem().FieldByName("HTTPClient")
idpClient.Set(reflect.ValueOf(client)) if idpClient.IsValid() {
idpClient.Set(reflect.ValueOf(client))
}
} }
func (idp *GothIdProvider) GetToken(code string) (*oauth2.Token, error) { func (idp *GothIdProvider) GetToken(code string) (*oauth2.Token, error) {
@ -468,6 +474,8 @@ func getUser(gothUser goth.User, provider string) *UserInfo {
if provider == "steam" { if provider == "steam" {
user.Username = user.Id user.Username = user.Id
user.Email = "" user.Email = ""
} else if provider == "apple" {
user.Username = util.GetUsernameFromEmail(user.Email)
} }
return &user return &user
} }

1
routers/router.go
View File

@ -63,6 +63,7 @@ func initAPI() {
beego.Router("/api/webhook", &controllers.ApiController{}, "POST:HandleOfficialAccountEvent") beego.Router("/api/webhook", &controllers.ApiController{}, "POST:HandleOfficialAccountEvent")
beego.Router("/api/get-webhook-event", &controllers.ApiController{}, "GET:GetWebhookEventType") beego.Router("/api/get-webhook-event", &controllers.ApiController{}, "GET:GetWebhookEventType")
beego.Router("/api/get-captcha-status", &controllers.ApiController{}, "GET:GetCaptchaStatus") beego.Router("/api/get-captcha-status", &controllers.ApiController{}, "GET:GetCaptchaStatus")
beego.Router("/api/callback", &controllers.ApiController{}, "POST:Callback")
beego.Router("/api/get-organizations", &controllers.ApiController{}, "GET:GetOrganizations") beego.Router("/api/get-organizations", &controllers.ApiController{}, "GET:GetOrganizations")
beego.Router("/api/get-organization", &controllers.ApiController{}, "GET:GetOrganization") beego.Router("/api/get-organization", &controllers.ApiController{}, "GET:GetOrganization")

9
util/string.go
View File

@ -300,3 +300,12 @@ func GetValueFromDataSourceName(key string, dataSourceName string) string {
return "" return ""
} }
func GetUsernameFromEmail(email string) string {
tokens := strings.Split(email, "@")
if len(tokens) == 0 {
return uuid.NewString()
} else {
return tokens[0]
}
}

6
web/src/auth/Provider.js
View File

@ -379,7 +379,7 @@ export function getAuthUrl(application, provider, method) {
} }
let endpoint = authInfo[provider.type].endpoint; let endpoint = authInfo[provider.type].endpoint;
const redirectUri = `${window.location.origin}/callback`; let redirectUri = `${window.location.origin}/callback`;
const scope = authInfo[provider.type].scope; const scope = authInfo[provider.type].scope;
const isShortState = provider.type === "WeChat" && navigator.userAgent.includes("MicroMessenger"); const isShortState = provider.type === "WeChat" && navigator.userAgent.includes("MicroMessenger");
@ -390,6 +390,8 @@ export function getAuthUrl(application, provider, method) {
if (provider.domain !== "") { if (provider.domain !== "") {
endpoint = endpoint.replace("common", provider.domain); endpoint = endpoint.replace("common", provider.domain);
} }
} else if (provider.type === "Apple") {
redirectUri = `${window.location.origin}/api/callback`;
} }
if (provider.type === "Google" || provider.type === "GitHub" || provider.type === "QQ" || provider.type === "Facebook" if (provider.type === "Google" || provider.type === "GitHub" || provider.type === "QQ" || provider.type === "Facebook"
@ -448,7 +450,7 @@ export function getAuthUrl(application, provider, method) {
} else if (provider.type === "Infoflow") { } else if (provider.type === "Infoflow") {
return `${endpoint}?appid=${provider.clientId}&redirect_uri=${redirectUri}?state=${state}`; return `${endpoint}?appid=${provider.clientId}&redirect_uri=${redirectUri}?state=${state}`;
} else if (provider.type === "Apple") { } else if (provider.type === "Apple") {
return `${endpoint}?client_id=${provider.clientId}&redirect_uri=${redirectUri}&state=${state}&response_type=code&scope=${scope}&response_mode=form_post`; return `${endpoint}?client_id=${provider.clientId}&redirect_uri=${redirectUri}&state=${state}&response_type=code%20id_token&scope=${scope}&response_mode=form_post`;
} else if (provider.type === "Steam") { } else if (provider.type === "Steam") {
return `${endpoint}?openid.claimed_id=http://specs.openid.net/auth/2.0/identifier_select&openid.identity=http://specs.openid.net/auth/2.0/identifier_select&openid.mode=checkid_setup&openid.ns=http://specs.openid.net/auth/2.0&openid.realm=${window.location.origin}&openid.return_to=${redirectUri}?state=${state}`; return `${endpoint}?openid.claimed_id=http://specs.openid.net/auth/2.0/identifier_select&openid.identity=http://specs.openid.net/auth/2.0/identifier_select&openid.mode=checkid_setup&openid.ns=http://specs.openid.net/auth/2.0&openid.realm=${window.location.origin}&openid.return_to=${redirectUri}?state=${state}`;
} else if (provider.type === "Okta") { } else if (provider.type === "Okta") {