feat: add all remaining Goth providers to Casdoor OAuth login (#1484)

* feat: add Amazon support as OAuth 3rd-party login * refactor: comebine the same URLs * refactor: use hyper component to create login button * feat: add all remaining Goth providers to Casdoor OAuth login * refactor: remove redundant props * fix: check provider auth url and params
2025-05-23 02:35:49 +08:00 · 2023-02-04 12:20:18 +08:00 · 2023-02-04 12:20:18 +08:00 · 8698f4111a
commit 8698f4111a
parent fdccb8b22b
9 changed files with 631 additions and 92 deletions
--- a/controllers/auth.go
+++ b/controllers/auth.go
@ -174,13 +174,36 @@ func (c *ApiController) GetApplicationLogin() {
 }

 func setHttpClient(idProvider idp.IdProvider, providerType string) {
-	if providerType == "GitHub" || providerType == "Google" || providerType == "Facebook" || providerType == "LinkedIn" || providerType == "Steam" || providerType == "Line" {
+	if isProxyProviderType(providerType) {
 		idProvider.SetHttpClient(proxy.ProxyHttpClient)
 	} else {
 		idProvider.SetHttpClient(proxy.DefaultHttpClient)
 	}
 }

+func isProxyProviderType(providerType string) bool {
+	providerTypes := []string{
+		"GitHub",
+		"Google",
+		"Facebook",
+		"LinkedIn",
+		"Steam",
+		"Line",
+		"Amazon",
+		"Instagram",
+		"TikTok",
+		"Twitter",
+		"Uber",
+		"Yahoo",
+	}
+	for _, v := range providerTypes {
+		if strings.EqualFold(v, providerType) {
+			return true
+		}
+	}
+	return false
+}
+
 // Login ...
 // @Title Login
 // @Tag Login API
--- a/idp/goth.go
+++ b/idp/goth.go
@ -25,30 +25,59 @@ import (
 	"github.com/markbates/goth"
 	"github.com/markbates/goth/providers/amazon"
 	"github.com/markbates/goth/providers/apple"
+	"github.com/markbates/goth/providers/auth0"
 	"github.com/markbates/goth/providers/azureadv2"
+	"github.com/markbates/goth/providers/battlenet"
 	"github.com/markbates/goth/providers/bitbucket"
+	"github.com/markbates/goth/providers/box"
+	"github.com/markbates/goth/providers/cloudfoundry"
+	"github.com/markbates/goth/providers/dailymotion"
+	"github.com/markbates/goth/providers/deezer"
 	"github.com/markbates/goth/providers/digitalocean"
 	"github.com/markbates/goth/providers/discord"
 	"github.com/markbates/goth/providers/dropbox"
+	"github.com/markbates/goth/providers/eveonline"
 	"github.com/markbates/goth/providers/facebook"
+	"github.com/markbates/goth/providers/fitbit"
 	"github.com/markbates/goth/providers/gitea"
 	"github.com/markbates/goth/providers/github"
 	"github.com/markbates/goth/providers/gitlab"
 	"github.com/markbates/goth/providers/google"
 	"github.com/markbates/goth/providers/heroku"
+	"github.com/markbates/goth/providers/influxcloud"
 	"github.com/markbates/goth/providers/instagram"
+	"github.com/markbates/goth/providers/intercom"
 	"github.com/markbates/goth/providers/kakao"
+	"github.com/markbates/goth/providers/lastfm"
 	"github.com/markbates/goth/providers/line"
 	"github.com/markbates/goth/providers/linkedin"
+	"github.com/markbates/goth/providers/mailru"
+	"github.com/markbates/goth/providers/meetup"
 	"github.com/markbates/goth/providers/microsoftonline"
+	"github.com/markbates/goth/providers/naver"
+	"github.com/markbates/goth/providers/nextcloud"
+	"github.com/markbates/goth/providers/onedrive"
+	"github.com/markbates/goth/providers/oura"
+	"github.com/markbates/goth/providers/patreon"
 	"github.com/markbates/goth/providers/paypal"
 	"github.com/markbates/goth/providers/salesforce"
 	"github.com/markbates/goth/providers/shopify"
 	"github.com/markbates/goth/providers/slack"
+	"github.com/markbates/goth/providers/soundcloud"
+	"github.com/markbates/goth/providers/spotify"
 	"github.com/markbates/goth/providers/steam"
+	"github.com/markbates/goth/providers/strava"
+	"github.com/markbates/goth/providers/stripe"
+	"github.com/markbates/goth/providers/tiktok"
 	"github.com/markbates/goth/providers/tumblr"
-	"github.com/markbates/goth/providers/twitter"
+	"github.com/markbates/goth/providers/twitch"
+	"github.com/markbates/goth/providers/twitterv2"
+	"github.com/markbates/goth/providers/typetalk"
+	"github.com/markbates/goth/providers/uber"
+	"github.com/markbates/goth/providers/wepay"
+	"github.com/markbates/goth/providers/xero"
 	"github.com/markbates/goth/providers/yahoo"
+	"github.com/markbates/goth/providers/yammer"
 	"github.com/markbates/goth/providers/yandex"
 	"github.com/markbates/goth/providers/zoom"
 	"golang.org/x/oauth2"
@ -77,11 +106,41 @@ func NewGothIdProvider(providerType string, clientId string, clientSecret string
 			Provider: azureadv2.New(clientId, clientSecret, redirectUrl, azureadv2.ProviderOptions{Tenant: "common"}),
 			Session:  &azureadv2.Session{},
 		}
+	case "Auth0":
+		idp = GothIdProvider{
+			Provider: auth0.New(clientId, clientSecret, redirectUrl, "casdoor.auth0.com"),
+			Session:  &auth0.Session{},
+		}
+	case "BattleNet":
+		idp = GothIdProvider{
+			Provider: battlenet.New(clientId, clientSecret, redirectUrl),
+			Session:  &battlenet.Session{},
+		}
 	case "Bitbucket":
 		idp = GothIdProvider{
 			Provider: bitbucket.New(clientId, clientSecret, redirectUrl),
 			Session:  &bitbucket.Session{},
 		}
+	case "Box":
+		idp = GothIdProvider{
+			Provider: box.New(clientId, clientSecret, redirectUrl),
+			Session:  &box.Session{},
+		}
+	case "CloudFoundry":
+		idp = GothIdProvider{
+			Provider: cloudfoundry.New("", clientId, clientSecret, redirectUrl),
+			Session:  &cloudfoundry.Session{},
+		}
+	case "Dailymotion":
+		idp = GothIdProvider{
+			Provider: dailymotion.New(clientId, clientSecret, redirectUrl),
+			Session:  &dailymotion.Session{},
+		}
+	case "Deezer":
+		idp = GothIdProvider{
+			Provider: deezer.New(clientId, clientSecret, redirectUrl),
+			Session:  &deezer.Session{},
+		}
 	case "DigitalOcean":
 		idp = GothIdProvider{
 			Provider: digitalocean.New(clientId, clientSecret, redirectUrl),
@ -97,6 +156,16 @@ func NewGothIdProvider(providerType string, clientId string, clientSecret string
 			Provider: dropbox.New(clientId, clientSecret, redirectUrl),
 			Session:  &dropbox.Session{},
 		}
+	case "EveOnline":
+		idp = GothIdProvider{
+			Provider: eveonline.New(clientId, clientSecret, redirectUrl),
+			Session:  &eveonline.Session{},
+		}
+	case "Fitbit":
+		idp = GothIdProvider{
+			Provider: fitbit.New(clientId, clientSecret, redirectUrl),
+			Session:  &fitbit.Session{},
+		}
 	case "Facebook":
 		idp = GothIdProvider{
 			Provider: facebook.New(clientId, clientSecret, redirectUrl),
@ -127,16 +196,31 @@ func NewGothIdProvider(providerType string, clientId string, clientSecret string
 			Provider: heroku.New(clientId, clientSecret, redirectUrl),
 			Session:  &heroku.Session{},
 		}
+	case "InfluxCloud":
+		idp = GothIdProvider{
+			Provider: influxcloud.New(clientId, clientSecret, redirectUrl),
+			Session:  &influxcloud.Session{},
+		}
 	case "Instagram":
 		idp = GothIdProvider{
 			Provider: instagram.New(clientId, clientSecret, redirectUrl),
 			Session:  &instagram.Session{},
 		}
+	case "Intercom":
+		idp = GothIdProvider{
+			Provider: intercom.New(clientId, clientSecret, redirectUrl),
+			Session:  &intercom.Session{},
+		}
 	case "Kakao":
 		idp = GothIdProvider{
 			Provider: kakao.New(clientId, clientSecret, redirectUrl),
 			Session:  &kakao.Session{},
 		}
+	case "Lastfm":
+		idp = GothIdProvider{
+			Provider: lastfm.New(clientId, clientSecret, redirectUrl),
+			Session:  &lastfm.Session{},
+		}
 	case "Linkedin":
 		idp = GothIdProvider{
 			Provider: linkedin.New(clientId, clientSecret, redirectUrl),
@ -147,11 +231,46 @@ func NewGothIdProvider(providerType string, clientId string, clientSecret string
 			Provider: line.New(clientId, clientSecret, redirectUrl),
 			Session:  &line.Session{},
 		}
+	case "Mailru":
+		idp = GothIdProvider{
+			Provider: mailru.New(clientId, clientSecret, redirectUrl),
+			Session:  &mailru.Session{},
+		}
+	case "Meetup":
+		idp = GothIdProvider{
+			Provider: meetup.New(clientId, clientSecret, redirectUrl),
+			Session:  &meetup.Session{},
+		}
 	case "MicrosoftOnline":
 		idp = GothIdProvider{
 			Provider: microsoftonline.New(clientId, clientSecret, redirectUrl),
 			Session:  &microsoftonline.Session{},
 		}
+	case "Naver":
+		idp = GothIdProvider{
+			Provider: naver.New(clientId, clientSecret, redirectUrl),
+			Session:  &naver.Session{},
+		}
+	case "Nextcloud":
+		idp = GothIdProvider{
+			Provider: nextcloud.New(clientId, clientSecret, redirectUrl),
+			Session:  &nextcloud.Session{},
+		}
+	case "OneDrive":
+		idp = GothIdProvider{
+			Provider: onedrive.New(clientId, clientSecret, redirectUrl),
+			Session:  &onedrive.Session{},
+		}
+	case "Oura":
+		idp = GothIdProvider{
+			Provider: oura.New(clientId, clientSecret, redirectUrl),
+			Session:  &oura.Session{},
+		}
+	case "Patreon":
+		idp = GothIdProvider{
+			Provider: patreon.New(clientId, clientSecret, redirectUrl),
+			Session:  &patreon.Session{},
+		}
 	case "Paypal":
 		idp = GothIdProvider{
 			Provider: paypal.New(clientId, clientSecret, redirectUrl),
@ -172,26 +291,81 @@ func NewGothIdProvider(providerType string, clientId string, clientSecret string
 			Provider: slack.New(clientId, clientSecret, redirectUrl),
 			Session:  &slack.Session{},
 		}
+	case "Soundcloud":
+		idp = GothIdProvider{
+			Provider: soundcloud.New(clientId, clientSecret, redirectUrl),
+			Session:  &soundcloud.Session{},
+		}
+	case "Spotify":
+		idp = GothIdProvider{
+			Provider: spotify.New(clientId, clientSecret, redirectUrl),
+			Session:  &spotify.Session{},
+		}
 	case "Steam":
 		idp = GothIdProvider{
 			Provider: steam.New(clientSecret, redirectUrl),
 			Session:  &steam.Session{},
 		}
+	case "Strava":
+		idp = GothIdProvider{
+			Provider: strava.New(clientId, clientSecret, redirectUrl),
+			Session:  &strava.Session{},
+		}
+	case "Stripe":
+		idp = GothIdProvider{
+			Provider: stripe.New(clientId, clientSecret, redirectUrl),
+			Session:  &stripe.Session{},
+		}
+	case "TikTok":
+		idp = GothIdProvider{
+			Provider: tiktok.New(clientId, clientSecret, redirectUrl),
+			Session:  &tiktok.Session{},
+		}
 	case "Tumblr":
 		idp = GothIdProvider{
 			Provider: tumblr.New(clientId, clientSecret, redirectUrl),
 			Session:  &tumblr.Session{},
 		}
+	case "Twitch":
+		idp = GothIdProvider{
+			Provider: twitch.New(clientId, clientSecret, redirectUrl),
+			Session:  &twitch.Session{},
+		}
 	case "Twitter":
 		idp = GothIdProvider{
-			Provider: twitter.New(clientId, clientSecret, redirectUrl),
-			Session:  &twitter.Session{},
+			Provider: twitterv2.New(clientId, clientSecret, redirectUrl),
+			Session:  &twitterv2.Session{},
+		}
+	case "Typetalk":
+		idp = GothIdProvider{
+			Provider: typetalk.New(clientId, clientSecret, redirectUrl),
+			Session:  &typetalk.Session{},
+		}
+	case "Uber":
+		idp = GothIdProvider{
+			Provider: uber.New(clientId, clientSecret, redirectUrl),
+			Session:  &uber.Session{},
+		}
+	case "Wepay":
+		idp = GothIdProvider{
+			Provider: wepay.New(clientId, clientSecret, redirectUrl),
+			Session:  &wepay.Session{},
+		}
+	case "Xero":
+		idp = GothIdProvider{
+			Provider: xero.New(clientId, clientSecret, redirectUrl),
+			Session:  &xero.Session{},
 		}
 	case "Yahoo":
 		idp = GothIdProvider{
 			Provider: yahoo.New(clientId, clientSecret, redirectUrl),
 			Session:  &yahoo.Session{},
 		}
+	case "Yammer":
+		idp = GothIdProvider{
+			Provider: yammer.New(clientId, clientSecret, redirectUrl),
+			Session:  &yammer.Session{},
+		}
 	case "Yandex":
 		idp = GothIdProvider{
 			Provider: yandex.New(clientId, clientSecret, redirectUrl),
@ -232,6 +406,9 @@ func (idp *GothIdProvider) GetToken(code string) (*oauth2.Token, error) {
 		// to call the function to obtain accessToken
 		value = url.Values{}
 		value.Add("code", code)
+		if idp.Provider.Name() == "twitterv2" || idp.Provider.Name() == "fitbit" {
+			value.Add("oauth_verifier", "casdoor-verifier")
+		}
 	}
 	accessToken, err := idp.Session.Authorize(idp.Provider, value)
 	if err != nil {
--- a/idp/provider.go
+++ b/idp/provider.go
@ -98,7 +98,61 @@ func GetIdProvider(typ string, subType string, clientId string, clientSecret str
 	return nil
 }

-var gothList = []string{"Apple", "AzureAD", "Slack", "Steam", "Line"}
+var gothList = []string{
+	"Apple",
+	"AzureAD",
+	"Slack",
+	"Steam",
+	"Line",
+	"Amazon",
+	"Auth0",
+	"BattleNet",
+	"Bitbucket",
+	"Box",
+	"CloudFoundry",
+	"Dailymotion",
+	"Deezer",
+	"DigitalOcean",
+	"Discord",
+	"Dropbox",
+	"EveOnline",
+	"Fitbit",
+	"Gitea",
+	"Heroku",
+	"InfluxCloud",
+	"Instagram",
+	"Intercom",
+	"Kakao",
+	"Lastfm",
+	"Mailru",
+	"Meetup",
+	"MicrosoftOnline",
+	"Naver",
+	"Nextcloud",
+	"OneDrive",
+	"Oura",
+	"Patreon",
+	"Paypal",
+	"SalesForce",
+	"Shopify",
+	"Soundcloud",
+	"Spotify",
+	"Strava",
+	"Stripe",
+	"TikTok",
+	"Tumblr",
+	"Twitch",
+	"Twitter",
+	"Typetalk",
+	"Uber",
+	"VK",
+	"Wepay",
+	"Xero",
+	"Yahoo",
+	"Yammer",
+	"Yandex",
+	"Zoom",
+}

 func isGothSupport(provider string) bool {
 	for _, value := range gothList {
--- a/object/user.go
+++ b/object/user.go
@ -78,32 +78,80 @@ type User struct {
 	LastSigninTime string `xorm:"varchar(100)" json:"lastSigninTime"`
 	LastSigninIp   string `xorm:"varchar(100)" json:"lastSigninIp"`

-	GitHub   string `xorm:"github varchar(100)" json:"github"`
-	Google   string `xorm:"varchar(100)" json:"google"`
-	QQ       string `xorm:"qq varchar(100)" json:"qq"`
-	WeChat   string `xorm:"wechat varchar(100)" json:"wechat"`
-	Facebook string `xorm:"facebook varchar(100)" json:"facebook"`
-	DingTalk string `xorm:"dingtalk varchar(100)" json:"dingtalk"`
-	Weibo    string `xorm:"weibo varchar(100)" json:"weibo"`
-	Gitee    string `xorm:"gitee varchar(100)" json:"gitee"`
-	LinkedIn string `xorm:"linkedin varchar(100)" json:"linkedin"`
-	Wecom    string `xorm:"wecom varchar(100)" json:"wecom"`
-	Lark     string `xorm:"lark varchar(100)" json:"lark"`
-	Gitlab   string `xorm:"gitlab varchar(100)" json:"gitlab"`
-	Adfs     string `xorm:"adfs varchar(100)" json:"adfs"`
-	Baidu    string `xorm:"baidu varchar(100)" json:"baidu"`
-	Alipay   string `xorm:"alipay varchar(100)" json:"alipay"`
-	Casdoor  string `xorm:"casdoor varchar(100)" json:"casdoor"`
-	Infoflow string `xorm:"infoflow varchar(100)" json:"infoflow"`
-	Apple    string `xorm:"apple varchar(100)" json:"apple"`
-	AzureAD  string `xorm:"azuread varchar(100)" json:"azuread"`
-	Slack    string `xorm:"slack varchar(100)" json:"slack"`
-	Steam    string `xorm:"steam varchar(100)" json:"steam"`
-	Bilibili string `xorm:"bilibili varchar(100)" json:"bilibili"`
-	Okta     string `xorm:"okta varchar(100)" json:"okta"`
-	Douyin   string `xorm:"douyin varchar(100)" json:"douyin"`
-	Line     string `xorm:"line varchar(100)" json:"line"`
-	Custom   string `xorm:"custom varchar(100)" json:"custom"`
+	GitHub          string `xorm:"github varchar(100)" json:"github"`
+	Google          string `xorm:"varchar(100)" json:"google"`
+	QQ              string `xorm:"qq varchar(100)" json:"qq"`
+	WeChat          string `xorm:"wechat varchar(100)" json:"wechat"`
+	Facebook        string `xorm:"facebook varchar(100)" json:"facebook"`
+	DingTalk        string `xorm:"dingtalk varchar(100)" json:"dingtalk"`
+	Weibo           string `xorm:"weibo varchar(100)" json:"weibo"`
+	Gitee           string `xorm:"gitee varchar(100)" json:"gitee"`
+	LinkedIn        string `xorm:"linkedin varchar(100)" json:"linkedin"`
+	Wecom           string `xorm:"wecom varchar(100)" json:"wecom"`
+	Lark            string `xorm:"lark varchar(100)" json:"lark"`
+	Gitlab          string `xorm:"gitlab varchar(100)" json:"gitlab"`
+	Adfs            string `xorm:"adfs varchar(100)" json:"adfs"`
+	Baidu           string `xorm:"baidu varchar(100)" json:"baidu"`
+	Alipay          string `xorm:"alipay varchar(100)" json:"alipay"`
+	Casdoor         string `xorm:"casdoor varchar(100)" json:"casdoor"`
+	Infoflow        string `xorm:"infoflow varchar(100)" json:"infoflow"`
+	Apple           string `xorm:"apple varchar(100)" json:"apple"`
+	AzureAD         string `xorm:"azuread varchar(100)" json:"azuread"`
+	Slack           string `xorm:"slack varchar(100)" json:"slack"`
+	Steam           string `xorm:"steam varchar(100)" json:"steam"`
+	Bilibili        string `xorm:"bilibili varchar(100)" json:"bilibili"`
+	Okta            string `xorm:"okta varchar(100)" json:"okta"`
+	Douyin          string `xorm:"douyin varchar(100)" json:"douyin"`
+	Line            string `xorm:"line varchar(100)" json:"line"`
+	Amazon          string `xorm:"amazon varchar(100)" json:"amazon"`
+	Auth0           string `xorm:"auth0 varchar(100)" json:"auth0"`
+	BattleNet       string `xorm:"battlenet varchar(100)" json:"battlenet"`
+	Bitbucket       string `xorm:"bitbucket varchar(100)" json:"bitbucket"`
+	Box             string `xorm:"box varchar(100)" json:"box"`
+	CloudFoundry    string `xorm:"cloudfoundry varchar(100)" json:"cloudfoundry"`
+	Dailymotion     string `xorm:"dailymotion varchar(100)" json:"dailymotion"`
+	Deezer          string `xorm:"deezer varchar(100)" json:"deezer"`
+	DigitalOcean    string `xorm:"digitalocean varchar(100)" json:"digitalocean"`
+	Discord         string `xorm:"discord varchar(100)" json:"discord"`
+	Dropbox         string `xorm:"dropbox varchar(100)" json:"dropbox"`
+	EveOnline       string `xorm:"eveonline varchar(100)" json:"eveonline"`
+	Fitbit          string `xorm:"fitbit varchar(100)" json:"fitbit"`
+	Gitea           string `xorm:"gitea varchar(100)" json:"gitea"`
+	Heroku          string `xorm:"heroku varchar(100)" json:"heroku"`
+	InfluxCloud     string `xorm:"influxcloud varchar(100)" json:"influxcloud"`
+	Instagram       string `xorm:"instagram varchar(100)" json:"instagram"`
+	Intercom        string `xorm:"intercom varchar(100)" json:"intercom"`
+	Kakao           string `xorm:"kakao varchar(100)" json:"kakao"`
+	Lastfm          string `xorm:"lastfm varchar(100)" json:"lastfm"`
+	Mailru          string `xorm:"mailru varchar(100)" json:"mailru"`
+	Meetup          string `xorm:"meetup varchar(100)" json:"meetup"`
+	MicrosoftOnline string `xorm:"microsoftonline varchar(100)" json:"microsoftonline"`
+	Naver           string `xorm:"naver varchar(100)" json:"naver"`
+	Nextcloud       string `xorm:"nextcloud varchar(100)" json:"nextcloud"`
+	OneDrive        string `xorm:"onedrive varchar(100)" json:"onedrive"`
+	Oura            string `xorm:"oura varchar(100)" json:"oura"`
+	Patreon         string `xorm:"patreon varchar(100)" json:"patreon"`
+	Paypal          string `xorm:"paypal varchar(100)" json:"paypal"`
+	SalesForce      string `xorm:"salesforce varchar(100)" json:"salesforce"`
+	Shopify         string `xorm:"shopify varchar(100)" json:"shopify"`
+	Soundcloud      string `xorm:"soundcloud varchar(100)" json:"soundcloud"`
+	Spotify         string `xorm:"spotify varchar(100)" json:"spotify"`
+	Strava          string `xorm:"strava varchar(100)" json:"strava"`
+	Stripe          string `xorm:"stripe varchar(100)" json:"stripe"`
+	TikTok          string `xorm:"tiktok varchar(100)" json:"tiktok"`
+	Tumblr          string `xorm:"tumblr varchar(100)" json:"tumblr"`
+	Twitch          string `xorm:"twitch varchar(100)" json:"twitch"`
+	Twitter         string `xorm:"twitter varchar(100)" json:"twitter"`
+	Typetalk        string `xorm:"typetalk varchar(100)" json:"typetalk"`
+	Uber            string `xorm:"uber varchar(100)" json:"uber"`
+	VK              string `xorm:"vk varchar(100)" json:"vk"`
+	Wepay           string `xorm:"wepay varchar(100)" json:"wepay"`
+	Xero            string `xorm:"xero varchar(100)" json:"xero"`
+	Yahoo           string `xorm:"yahoo varchar(100)" json:"yahoo"`
+	Yammer          string `xorm:"yammer varchar(100)" json:"yammer"`
+	Yandex          string `xorm:"yandex varchar(100)" json:"yandex"`
+	Zoom            string `xorm:"zoom varchar(100)" json:"zoom"`
+	Custom          string `xorm:"custom varchar(100)" json:"custom"`

 	WebauthnCredentials []webauthn.Credential `xorm:"webauthnCredentials blob" json:"webauthnCredentials"`

--- a/web/src/Setting.js
+++ b/web/src/Setting.js
@ -779,6 +779,54 @@ export function getProviderTypeOptions(category) {
        {id: "Okta", name: "Okta"},
        {id: "Douyin", name: "Douyin"},
        {id: "Line", name: "Line"},
+        {id: "Amazon", name: "Amazon"},
+        {id: "Auth0", name: "Auth0"},
+        {id: "BattleNet", name: "Battle.net"},
+        {id: "Bitbucket", name: "Bitbucket"},
+        {id: "Box", name: "Box"},
+        {id: "CloudFoundry", name: "Cloud Foundry"},
+        {id: "Dailymotion", name: "Dailymotion"},
+        {id: "Deezer", name: "Deezer"},
+        {id: "DigitalOcean", name: "DigitalOcean"},
+        {id: "Discord", name: "Discord"},
+        {id: "Dropbox", name: "Dropbox"},
+        {id: "EveOnline", name: "Eve Online"},
+        {id: "Fitbit", name: "Fitbit"},
+        {id: "Gitea", name: "Gitea"},
+        {id: "Heroku", name: "Heroku"},
+        {id: "InfluxCloud", name: "InfluxCloud"},
+        {id: "Instagram", name: "Instagram"},
+        {id: "Intercom", name: "Intercom"},
+        {id: "Kakao", name: "Kakao"},
+        {id: "Lastfm", name: "Lastfm"},
+        {id: "Mailru", name: "Mailru"},
+        {id: "Meetup", name: "Meetup"},
+        {id: "MicrosoftOnline", name: "MicrosoftOnline"},
+        {id: "Naver", name: "Naver"},
+        {id: "Nextcloud", name: "Nextcloud"},
+        {id: "OneDrive", name: "OneDrive"},
+        {id: "Oura", name: "Oura"},
+        {id: "Patreon", name: "Patreon"},
+        {id: "Paypal", name: "Paypal"},
+        {id: "SalesForce", name: "SalesForce"},
+        {id: "Shopify", name: "Shopify"},
+        {id: "Soundcloud", name: "Soundcloud"},
+        {id: "Spotify", name: "Spotify"},
+        {id: "Strava", name: "Strava"},
+        {id: "Stripe", name: "Stripe"},
+        {id: "TikTok", name: "TikTok"},
+        {id: "Tumblr", name: "Tumblr"},
+        {id: "Twitch", name: "Twitch"},
+        {id: "Twitter", name: "Twitter"},
+        {id: "Typetalk", name: "Typetalk"},
+        {id: "Uber", name: "Uber"},
+        {id: "VK", name: "VK"},
+        {id: "Wepay", name: "Wepay"},
+        {id: "Xero", name: "Xero"},
+        {id: "Yahoo", name: "Yahoo"},
+        {id: "Yammer", name: "Yammer"},
+        {id: "Yandex", name: "Yandex"},
+        {id: "Zoom", name: "Zoom"},
        {id: "Custom", name: "Custom"},
      ]
    );
--- a/web/src/auth/LineLoginButton.js
+++ b/web/src/auth/LineLoginButton.js
@ -1,32 +0,0 @@
-// Copyright 2021 The Casdoor Authors. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-import {createButton} from "react-social-login-buttons";
-import {StaticBaseUrl} from "../Setting";
-
-function Icon({width = 24, height = 24, color}) {
-  return <img src={`${StaticBaseUrl}/buttons/line.svg`} alt="Sign in with Line" style={{width: 24, height: 24}} />;
-}
-
-const config = {
-  text: "Sign in with Line",
-  icon: Icon,
-  iconFormat: name => `fa fa-${name}`,
-  style: {background: "#ffffff", color: "#000000"},
-  activeStyle: {background: "#ededee"},
-};
-
-const LineLoginButton = createButton(config);
-
-export default LineLoginButton;
--- a/web/src/auth/LoginButton.js
+++ b/web/src/auth/LoginButton.js
@ -0,0 +1,34 @@
+// Copyright 2023 The Casdoor Authors. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+import i18next from "i18next";
+import {createButton} from "react-social-login-buttons";
+import {StaticBaseUrl} from "../Setting";
+
+function LoginButton({type, align = "center", style = {background: "#ffffff", color: "#000000"}, activeStyle = {background: "#ededee"}}) {
+  function Icon({width = 24, height = 24, color}) {
+    return <img src={`${StaticBaseUrl}/buttons/${type.toLowerCase()}.svg`} alt={`Sign in with ${type}`} style={{width: width, height: height}} />;
+  }
+  const config = {
+    text: `Sign in with ${type}`,
+    icon: Icon,
+    style: style,
+    activeStyle: activeStyle,
+  };
+  const Button = createButton(config);
+  const text = i18next.t("login:Sign in with {type}").replace("{type}", type);
+  return <Button text={text} align={align} />;
+}
+
+export default LoginButton;
--- a/web/src/auth/Provider.js
+++ b/web/src/auth/Provider.js
@ -125,6 +125,198 @@ const authInfo = {
    scope: "profile%20openid%20email",
    endpoint: "https://access.line.me/oauth2/v2.1/authorize",
  },
+  Amazon: {
+    scope: "profile",
+    endpoint: "https://www.amazon.com/ap/oa",
+  },
+  Auth0: {
+    scope: "openid%20profile%20email",
+    endpoint: "http://auth0.com/authorize",
+  },
+  BattleNet: {
+    scope: "openid",
+    endpoint: "https://oauth.battlenet.com.cn/authorize",
+  },
+  Bitbucket: {
+    scope: "account",
+    endpoint: "https://bitbucket.org/site/oauth2/authorize",
+  },
+  Box: {
+    scope: "root_readwrite",
+    endpoint: "https://account.box.com/api/oauth2/authorize",
+  },
+  CloudFoundry: {
+    scope: "cloud_controller.read",
+    endpoint: "https://login.cloudfoundry.org/oauth/authorize",
+  },
+  Dailymotion: {
+    scope: "userinfo",
+    endpoint: "https://api.dailymotion.com/oauth/authorize",
+  },
+  Deezer: {
+    scope: "basic_access",
+    endpoint: "https://connect.deezer.com/oauth/auth.php",
+  },
+  DigitalOcean: {
+    scope: "read",
+    endpoint: "https://cloud.digitalocean.com/v1/oauth/authorize",
+  },
+  Discord: {
+    scope: "identify%20email",
+    endpoint: "https://discord.com/api/oauth2/authorize",
+  },
+  Dropbox: {
+    scope: "account_info.read",
+    endpoint: "https://www.dropbox.com/oauth2/authorize",
+  },
+  EveOnline: {
+    scope: "publicData",
+    endpoint: "https://login.eveonline.com/oauth/authorize",
+  },
+  Fitbit: {
+    scope: "activity%20heartrate%20location%20nutrition%20profile%20settings%20sleep%20social%20weight",
+    endpoint: "https://www.fitbit.com/oauth2/authorize",
+  },
+  Gitea: {
+    scope: "user:email",
+    endpoint: "https://gitea.com/login/oauth/authorize",
+  },
+  Heroku: {
+    scope: "global",
+    endpoint: "https://id.heroku.com/oauth/authorize",
+  },
+  InfluxCloud: {
+    scope: "read:org",
+    endpoint: "https://cloud2.influxdata.com/oauth/authorize",
+  },
+  Instagram: {
+    scope: "user_profile",
+    endpoint: "https://api.instagram.com/oauth/authorize",
+  },
+  Intercom: {
+    scope: "user.read",
+    endpoint: "https://app.intercom.com/oauth",
+  },
+  Kakao: {
+    scope: "account_email",
+    endpoint: "https://kauth.kakao.com/oauth/authorize",
+  },
+  Lastfm: {
+    scope: "user_read",
+    endpoint: "https://www.last.fm/api/auth",
+  },
+  Mailru: {
+    scope: "userinfo",
+    endpoint: "https://oauth.mail.ru/login",
+  },
+  Meetup: {
+    scope: "basic",
+    endpoint: "https://secure.meetup.com/oauth2/authorize",
+  },
+  MicrosoftOnline: {
+    scope: "openid%20profile%20email",
+    endpoint: "https://login.microsoftonline.com/common/oauth2/v2.0/authorize",
+  },
+  Naver: {
+    scope: "profile",
+    endpoint: "https://nid.naver.com/oauth2.0/authorize",
+  },
+  Nextcloud: {
+    scope: "openid%20profile%20email",
+    endpoint: "https://cloud.example.org/apps/oauth2/authorize",
+  },
+  OneDrive: {
+    scope: "offline_access%20onedrive.readonly",
+    endpoint: "https://login.live.com/oauth20_authorize.srf",
+  },
+  Oura: {
+    scope: "personal",
+    endpoint: "https://cloud.ouraring.com/oauth/authorize",
+  },
+  Patreon: {
+    scope: "identity",
+    endpoint: "https://www.patreon.com/oauth2/authorize",
+  },
+  Paypal: {
+    scope: "openid%20profile%20email",
+    endpoint: "https://www.sandbox.paypal.com/connect",
+  },
+  SalesForce: {
+    scope: "openid%20profile%20email",
+    endpoint: "https://login.salesforce.com/services/oauth2/authorize",
+  },
+  Shopify: {
+    scope: "read_products",
+    endpoint: "https://myshopify.com/admin/oauth/authorize",
+  },
+  Soundcloud: {
+    scope: "non-expiring",
+    endpoint: "https://api.soundcloud.com/connect",
+  },
+  Spotify: {
+    scope: "user-read-email",
+    endpoint: "https://accounts.spotify.com/authorize",
+  },
+  Strava: {
+    scope: "read",
+    endpoint: "https://www.strava.com/oauth/authorize",
+  },
+  Stripe: {
+    scope: "read_only",
+    endpoint: "https://connect.stripe.com/oauth/authorize",
+  },
+  TikTok: {
+    scope: "user.info.basic",
+    endpoint: "https://www.tiktok.com/auth/authorize/",
+  },
+  Tumblr: {
+    scope: "email",
+    endpoint: "https://www.tumblr.com/oauth2/authorize",
+  },
+  Twitch: {
+    scope: "user_read",
+    endpoint: "https://id.twitch.tv/oauth2/authorize",
+  },
+  Twitter: {
+    scope: "users.read",
+    endpoint: "https://twitter.com/i/oauth2/authorize",
+  },
+  Typetalk: {
+    scope: "my",
+    endpoint: "https://typetalk.com/oauth2/authorize",
+  },
+  Uber: {
+    scope: "profile",
+    endpoint: "https://login.uber.com/oauth/v2/authorize",
+  },
+  VK: {
+    scope: "email",
+    endpoint: "https://oauth.vk.com/authorize",
+  },
+  Wepay: {
+    scope: "manage_accounts%20view_user",
+    endpoint: "https://www.wepay.com/v2/oauth2/authorize",
+  },
+  Xero: {
+    scope: "openid%20profile%20email",
+    endpoint: "https://login.xero.com/identity/connect/authorize",
+  },
+  Yahoo: {
+    scope: "openid%20profile%20email",
+    endpoint: "https://api.login.yahoo.com/oauth2/request_auth",
+  },
+  Yammer: {
+    scope: "user",
+    endpoint: "https://www.yammer.com/oauth2/authorize",
+  },
+  Yandex: {
+    scope: "login:email",
+    endpoint: "https://oauth.yandex.com/authorize",
+  },
+  Zoom: {
+    scope: "user:read",
+    endpoint: "https://zoom.us/oauth/authorize",
+  },
 };

 export function getProviderUrl(provider) {
@ -184,12 +376,19 @@ export function getAuthUrl(application, provider, method) {

  const isShortState = provider.type === "WeChat" && navigator.userAgent.includes("MicroMessenger");
  const state = Util.getStateFromQueryParams(application.name, provider.name, method, isShortState);
+  const codeChallenge = "P3S-a7dr8bgM4bF6vOyiKkKETDl16rcAzao9F8UIL1Y"; // SHA256(Base64-URL-encode("casdoor-verifier"))

-  if (provider.type === "Google") {
-    return `${endpoint}?client_id=${provider.clientId}&redirect_uri=${redirectUri}&scope=${scope}&response_type=code&state=${state}`;
-  } else if (provider.type === "GitHub") {
-    return `${endpoint}?client_id=${provider.clientId}&redirect_uri=${redirectUri}&scope=${scope}&response_type=code&state=${state}`;
-  } else if (provider.type === "QQ") {
+  if (provider.type === "Google" || provider.type === "GitHub" || provider.type === "QQ" || provider.type === "Facebook" || provider.type === "DingTalk"
+    || provider.type === "Weibo" || provider.type === "Gitee" || provider.type === "LinkedIn" || provider.type === "GitLab" || provider.type === "AzureAD"
+    || provider.type === "Slack" || provider.type === "Line" || provider.type === "Amazon" || provider.type === "Auth0" || provider.type === "BattleNet"
+    || provider.type === "Bitbucket" || provider.type === "Box" || provider.type === "CloudFoundry" || provider.type === "Dailymotion"
+    || provider.type === "DigitalOcean" || provider.type === "Discord" || provider.type === "Dropbox" || provider.type === "EveOnline" || provider.type === "Gitea"
+    || provider.type === "Heroku" || provider.type === "InfluxCloud" || provider.type === "Instagram" || provider.type === "Intercom" || provider.type === "Kakao"
+    || provider.type === "MailRu" || provider.type === "Meetup" || provider.type === "MicrosoftOnline" || provider.type === "Naver" || provider.type === "Nextcloud"
+    || provider.type === "OneDrive" || provider.type === "Oura" || provider.type === "Patreon" || provider.type === "PayPal" || provider.type === "SalesForce"
+    || provider.type === "SoundCloud" || provider.type === "Spotify" || provider.type === "Strava" || provider.type === "Stripe" || provider.type === "Tumblr"
+    || provider.type === "Twitch" || provider.type === "Typetalk" || provider.type === "Uber" || provider.type === "VK" || provider.type === "Wepay"
+    || provider.type === "Xero" || provider.type === "Yahoo" || provider.type === "Yammer" || provider.type === "Yandex" || provider.type === "Zoom") {
    return `${endpoint}?client_id=${provider.clientId}&redirect_uri=${redirectUri}&scope=${scope}&response_type=code&state=${state}`;
  } else if (provider.type === "WeChat") {
    if (navigator.userAgent.includes("MicroMessenger")) {
@ -197,16 +396,6 @@ export function getAuthUrl(application, provider, method) {
    } else {
      return `${endpoint}?appid=${provider.clientId}&redirect_uri=${redirectUri}&scope=${scope}&response_type=code&state=${state}#wechat_redirect`;
    }
-  } else if (provider.type === "Facebook") {
-    return `${endpoint}?client_id=${provider.clientId}&redirect_uri=${redirectUri}&scope=${scope}&response_type=code&state=${state}`;
-  } else if (provider.type === "DingTalk") {
-    return `${endpoint}?client_id=${provider.clientId}&redirect_uri=${redirectUri}&scope=${scope}&response_type=code&state=${state}&prompt=consent`;
-  } else if (provider.type === "Weibo") {
-    return `${endpoint}?client_id=${provider.clientId}&redirect_uri=${redirectUri}&scope=${scope}&response_type=code&state=${state}`;
-  } else if (provider.type === "Gitee") {
-    return `${endpoint}?client_id=${provider.clientId}&redirect_uri=${redirectUri}&scope=${scope}&response_type=code&state=${state}`;
-  } else if (provider.type === "LinkedIn") {
-    return `${endpoint}?client_id=${provider.clientId}&redirect_uri=${redirectUri}&scope=${scope}&response_type=code&state=${state}`;
  } else if (provider.type === "WeCom") {
    if (provider.subType === "Internal") {
      if (provider.method === "Silent") {
@ -232,8 +421,6 @@ export function getAuthUrl(application, provider, method) {
    }
  } else if (provider.type === "Lark") {
    return `${endpoint}?app_id=${provider.clientId}&redirect_uri=${redirectUri}&state=${state}`;
-  } else if (provider.type === "GitLab") {
-    return `${endpoint}?client_id=${provider.clientId}&redirect_uri=${redirectUri}&state=${state}&response_type=code&scope=${scope}`;
  } else if (provider.type === "Adfs") {
    return `${provider.domain}/adfs/oauth2/authorize?client_id=${provider.clientId}&redirect_uri=${redirectUri}&state=${state}&response_type=code&nonce=casdoor&scope=openid`;
  } else if (provider.type === "Baidu") {
@ -246,21 +433,23 @@ export function getAuthUrl(application, provider, method) {
    return `${endpoint}?appid=${provider.clientId}&redirect_uri=${redirectUri}?state=${state}`;
  } else if (provider.type === "Apple") {
    return `${endpoint}?client_id=${provider.clientId}&redirect_uri=${redirectUri}&state=${state}&response_type=code&scope=${scope}&response_mode=form_post`;
-  } else if (provider.type === "AzureAD") {
-    return `${endpoint}?client_id=${provider.clientId}&redirect_uri=${redirectUri}&state=${state}&response_type=code&scope=${scope}`;
-  } else if (provider.type === "Slack") {
-    return `${endpoint}?client_id=${provider.clientId}&redirect_uri=${redirectUri}&state=${state}&response_type=code&scope=${scope}`;
  } else if (provider.type === "Steam") {
    return `${endpoint}?openid.claimed_id=http://specs.openid.net/auth/2.0/identifier_select&openid.identity=http://specs.openid.net/auth/2.0/identifier_select&openid.mode=checkid_setup&openid.ns=http://specs.openid.net/auth/2.0&openid.realm=${window.location.origin}&openid.return_to=${redirectUri}?state=${state}`;
  } else if (provider.type === "Okta") {
    return `${provider.domain}/v1/authorize?client_id=${provider.clientId}&redirect_uri=${redirectUri}&state=${state}&response_type=code&scope=${scope}`;
-  } else if (provider.type === "Douyin") {
+  } else if (provider.type === "Douyin" || provider.type === "TikTok") {
    return `${endpoint}?client_key=${provider.clientId}&redirect_uri=${redirectUri}&state=${state}&response_type=code&scope=${scope}`;
  } else if (provider.type === "Custom") {
    return `${provider.customAuthUrl}?client_id=${provider.clientId}&redirect_uri=${redirectUri}&scope=${provider.customScope}&response_type=code&state=${state}`;
  } else if (provider.type === "Bilibili") {
    return `${endpoint}#/?client_id=${provider.clientId}&return_url=${redirectUri}&state=${state}&response_type=code`;
-  } else if (provider.type === "Line") {
-    return `${endpoint}?client_id=${provider.clientId}&redirect_uri=${redirectUri}&state=${state}&response_type=code&scope=${scope}`;
+  } else if (provider.type === "Deezer") {
+    return `${endpoint}?app_id=${provider.clientId}&redirect_uri=${redirectUri}&perms=${scope}`;
+  } else if (provider.type === "Lastfm") {
+    return `${endpoint}?api_key=${provider.clientId}&cb=${redirectUri}`;
+  } else if (provider.type === "Shopify") {
+    return `${endpoint}?client_id=${provider.clientId}&redirect_uri=${redirectUri}&scope=${scope}&state=${state}&grant_options[]=per-user`;
+  } else if (provider.type === "Twitter" || provider.type === "Fitbit") {
+    return `${endpoint}?client_id=${provider.clientId}&redirect_uri=${redirectUri}&state=${state}&response_type=code&scope=${scope}&code_challenge=${codeChallenge}&code_challenge_method=S256`;
  }
 }
--- a/web/src/auth/ProviderButton.js
+++ b/web/src/auth/ProviderButton.js
@ -39,7 +39,7 @@ import SteamLoginButton from "./SteamLoginButton";
 import BilibiliLoginButton from "./BilibiliLoginButton";
 import OktaLoginButton from "./OktaLoginButton";
 import DouyinLoginButton from "./DouyinLoginButton";
-import LineLoginButton from "./LineLoginButton";
+import LoginButton from "./LoginButton";
 import * as AuthBackend from "./AuthBackend";
 import {getEvent} from "./Util";
 import {Modal} from "antd";
@ -94,11 +94,9 @@ function getSigninButton(type) {
    return <OktaLoginButton text={text} align={"center"} />;
  } else if (type === "Douyin") {
    return <DouyinLoginButton text={text} align={"center"} />;
-  } else if (type === "Line") {
-    return <LineLoginButton text={text} align={"center"} />;
+  } else {
+    return <LoginButton key={type} type={type} />;
  }
-
-  return text;
 }

 function getSamlUrl(provider, location) {