feat: add token to the page for Chrome extension (#2804)

* feat: add token to the page for Chrome extension * Update token_oauth.go --------- Co-authored-by: Eric Luo <hsluoyz@qq.com>
2025-05-23 02:35:49 +08:00 · 2024-03-17 22:01:28 +08:00 · 2024-03-17 22:01:28 +08:00 · c8aa35c9c6
commit c8aa35c9c6
parent 6037f37b87
6 changed files with 59 additions and 0 deletions
--- a/controllers/account.go
+++ b/controllers/account.go
@ -307,6 +307,7 @@ func (c *ApiController) Logout() {
 		}

 		c.ClearUserSession()
+		c.ClearTokenSession()
 		owner, username := util.GetOwnerAndNameFromId(user)
 		_, err := object.DeleteSessionId(util.GetSessionId(owner, username, object.CasdoorApplication), c.Ctx.Input.CruSession.SessionID())
 		if err != nil {
@ -353,6 +354,7 @@ func (c *ApiController) Logout() {
 		}

 		c.ClearUserSession()
+		c.ClearTokenSession()
 		// TODO https://github.com/casdoor/casdoor/pull/1494#discussion_r1095675265
 		owner, username := util.GetOwnerAndNameFromId(user)

@ -433,6 +435,17 @@ func (c *ApiController) GetAccount() {
 		return
 	}

+	token := c.GetSessionToken()
+	if token == nil {
+		token, err = object.GetTokenForExtension(user, c.Ctx.Request.Host)
+		if err != nil {
+			c.ResponseError(err.Error())
+			return
+		}
+		c.SetSessionToken(token)
+	}
+	u.AccessToken = token.AccessToken
+
 	resp := Response{
 		Status: "ok",
 		Sub:    user.Id,
--- a/controllers/base.go
+++ b/controllers/base.go
@ -122,6 +122,17 @@ func (c *ApiController) GetSessionUsername() string {
 	return user.(string)
 }

+func (c *ApiController) GetSessionToken() *object.Token {
+	tokenValue := c.GetSession("token")
+	var token *object.Token
+	var ok bool
+	if token, ok = tokenValue.(*object.Token); !ok {
+		token = nil
+	}
+
+	return token
+}
+
 func (c *ApiController) GetSessionApplication() *object.Application {
 	clientId := c.GetSession("aud")
 	if clientId == nil {
@ -141,6 +152,10 @@ func (c *ApiController) ClearUserSession() {
 	c.SetSessionData(nil)
 }

+func (c *ApiController) ClearTokenSession() {
+	c.SetSessionToken(nil)
+}
+
 func (c *ApiController) GetSessionOidc() (string, string) {
 	sessionData := c.GetSessionData()
 	if sessionData != nil &&
@ -167,6 +182,10 @@ func (c *ApiController) SetSessionUsername(user string) {
 	c.SetSession("username", user)
 }

+func (c *ApiController) SetSessionToken(token *object.Token) {
+	c.SetSession("token", token)
+}
+
 // GetSessionData ...
 func (c *ApiController) GetSessionData() *SessionData {
 	session := c.GetSession("SessionData")
--- a/object/init.go
+++ b/object/init.go
@ -45,6 +45,7 @@ func InitDb() {
 	}

 	initWebAuthn()
+	initToken()
 }

 func getBuiltInAccountItems() []*AccountItem {
@ -309,6 +310,10 @@ func initWebAuthn() {
 	gob.Register(webauthn.SessionData{})
 }

+func initToken() {
+	gob.Register(&Token{})
+}
+
 func initBuiltInUserModel() {
 	model, err := GetModel("built-in/user-model-built-in")
 	if err != nil {
--- a/object/token_oauth.go
+++ b/object/token_oauth.go
@ -726,3 +726,19 @@ func GetWechatMiniProgramToken(application *Application, code string, host strin
 	}
 	return token, nil, nil
 }
+
+func GetTokenForExtension(user *User, host string) (*Token, error) {
+	application, err := GetApplicationByUser(user)
+	if err != nil {
+		return nil, err
+	}
+	if application == nil {
+		return nil, fmt.Errorf("the application for user %s is not found", user.Id)
+	}
+
+	token, err := GetTokenByUser(application, user, "profile", "", host)
+	if err != nil {
+		return nil, err
+	}
+	return token, nil
+}
--- a/object/user.go
+++ b/object/user.go
@ -98,6 +98,7 @@ type User struct {
 	PreHash           string   `xorm:"varchar(100)" json:"preHash"`
 	AccessKey         string   `xorm:"varchar(100)" json:"accessKey"`
 	AccessSecret      string   `xorm:"varchar(100)" json:"accessSecret"`
+	AccessToken       string   `xorm:"mediumtext" json:"accessToken"`

 	CreatedIp      string `xorm:"varchar(100)" json:"createdIp"`
 	LastSigninTime string `xorm:"varchar(100)" json:"lastSigninTime"`
--- a/web/src/App.js
+++ b/web/src/App.js
@ -51,6 +51,7 @@ class App extends Component {
      classes: props,
      selectedMenuKey: 0,
      account: undefined,
+      accessToken: undefined,
      uri: null,
      themeAlgorithm: storageThemeAlgorithm,
      themeData: Conf.ThemeDefault,
@ -228,9 +229,11 @@ class App extends Component {
    AuthBackend.getAccount(query)
      .then((res) => {
        let account = null;
+        let accessToken = null;
        if (res.status === "ok") {
          account = res.data;
          account.organization = res.data2;
+          accessToken = res.data.accessToken;

          this.setLanguage(account);
          this.setTheme(Setting.getThemeData(account.organization), Conf.InitThemeAlgorithm);
@ -242,6 +245,7 @@ class App extends Component {

        this.setState({
          account: account,
+          accessToken: accessToken,
        });
      });
  }
@ -256,6 +260,7 @@ class App extends Component {
    return (
      <React.Fragment>
        {!this.state.account ? null : <div style={{display: "none"}} id="CasdoorApplicationName" value={this.state.account.signupApplication} />}
+        {!this.state.account ? null : <div style={{display: "none"}} id="CasdoorAccessToken" value={this.state.accessToken} />}
        <Footer id="footer" style={
          {
            textAlign: "center",