diff --git a/.gitignore b/.gitignore
index 739f2f4..24f6b94 100644
--- a/.gitignore
+++ b/.gitignore
@@ -17,6 +17,7 @@
 # Output of the go coverage tool, specifically when used with LiteIDE
 *.out
+tmp
 # Dependency directories (remove the comment below to include it)
 # vendor/
@@ -352,4 +353,4 @@ dist
 # Azure Toolkit for IntelliJ plugin
 # https://plugins.jetbrains.com/plugin/8053-azure-toolkit-for-intellij
-# End of https://www.toptal.com/developers/gitignore/api/go,intellij,webstorm,node
\ No newline at end of file
+# End of https://www.toptal.com/developers/gitignore/api/go,intellij,webstorm,node
diff --git a/README.md b/README.md
index 0558b7d..746f094 100644
--- a/README.md
+++ b/README.md
@@ -16,7 +16,7 @@ $ go get github.com/zeiss/fiber-goth
 ## Providers
-* GitHub
+* GitHub (github.com, Enterprise, and Enterprise Cloud)
 * Microsoft Entra ID
 ## Examples
diff --git a/examples/main.go b/examples/main.go
index 4895992..082a60e 100644
--- a/examples/main.go
+++ b/examples/main.go
@@ -7,7 +7,6 @@ import (
 "log"
 "os"
 "sort"
- "strings"
 goth "github.com/zeiss/fiber-goth"
 gorm_adapter "github.com/zeiss/fiber-goth/adapters/gorm"
@@ -91,7 +90,7 @@ func run(_ context.Context) error {
 ga := gorm_adapter.New(conn)
- providers.RegisterProvider(github.New(os.Getenv("GITHUB_KEY"), os.Getenv("GITHUB_SECRET"), "http://localhost:3000/auth/github/callback", github.WithAllowedOrgs(strings.Split(os.Getenv("GITHUB_ALLOWED_ORGS"), ",")...)))
+ providers.RegisterProvider(github.New(os.Getenv("GITHUB_KEY"), os.Getenv("GITHUB_SECRET"), "http://localhost:3000/auth/github/callback"))
 providers.RegisterProvider(entraid.New(os.Getenv("ENTRAID_CLIENT_ID"), os.Getenv("ENTRAID_CLIENT_SECRET"), "http://localhost:3000/auth/entraid/callback", entraid.TenantType(os.Getenv("ENTRAID_TENANT_ID"))))
 m := map[string]string{
diff --git a/providers/github/github.go b/providers/github/github.go
index 0bbe8ac..77d8286 100644
--- a/providers/github/github.go
+++ b/providers/github/github.go
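Review bot: With `github.WithAllowedOrgs(...)` dropped from the `github.New` call in `run` (examples/main.go), the example no longer shows any organization restriction, and as far as this hunk shows any GitHub account that completes the OAuth flow is accepted. Example code tends to be copied into real services, so a comment above the call would help, e.g. `// No org restriction here; pass github.WithAllowedOrgs("my-org") to limit who can sign in.` If the option was removed because `strings.Split` of an unset `GITHUB_ALLOWED_ORGS` yields a single empty string, adding the option only when the variable is non-empty would keep the restriction in the example. `run` starts and ends outside this hunk.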
@@ -3,6 +3,7 @@ package github
 import (
 "context"
 "errors"
+ "fmt"
 "net/http"
 "strconv"
 "strings"
@@ -29,13 +30,6 @@ const NoopEmail = ""
 var _ providers.Provider = (*githubProvider)(nil)
-var (
- AuthURL = "https://github.com/login/oauth/authorize"
- TokenURL = "https://github.com/login/oauth/access_token"
- UserURL = "https://api.github.com/user"
- EmailURL = "https://api.github.com/user/emails"
-)
-
 // DefaultScopes holds the default scopes used for GitHub.
 var DefaultScopes = []string{"user:email", "read:user"}
@@ -45,9 +39,6 @@ type githubProvider struct {
 clientKey string
 secret string
 callbackURL string
- userURL string
- emailURL string
- authURL string
 enterpriseURL string
 allowedOrgs []string
 providerType providers.ProviderType
@@ -75,6 +66,13 @@ func WithAllowedOrgs(orgs ...string) Opt {
 }
 }
+// WithEnterpriseURL sets the enterprise URL for the GitHub provider.
+func WithEnterpriseURL(url string) Opt {
+ return func(p *githubProvider) {
+ p.enterpriseURL = url
+ }
+}
+
 // New creates a new GitHub provider.
 func New(clientKey, secret, callbackURL string, opts ...Opt) *githubProvider {
 p := &githubProvider{
@@ -83,9 +81,6 @@ func New(clientKey, secret, callbackURL string, opts ...Opt) *githubProvider {
 clientKey: clientKey,
 secret: secret,
 callbackURL: callbackURL,
- userURL: UserURL,
- emailURL: EmailURL,
- authURL: AuthURL,
 enterpriseURL: "",
 providerType: providers.ProviderTypeOAuth2,
 client: providers.DefaultClient,
@@ -165,6 +160,13 @@ func (g *githubProvider) CompleteAuth(ctx context.Context, adapter adapters.Adap
 gc := github.NewClient(g.config.Client(ctx, token))
+ if utilx.NotEmpty(g.enterpriseURL) {
+ gc, err = gc.WithEnterpriseURLs(g.enterpriseURL, g.enterpriseURL)
+ if err != nil {
+ return adapters.GothUser{}, err
+ }
+ }
+
 gu, _, err := gc.Users.Get(ctx, "")
 if err != nil {
 return adapters.GothUser{}, err
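Review bot: `WithEnterpriseURL` stores the string unchecked, and `githubEnterpriseConfig` (added further down in this file) builds the authorize, token and device endpoints from it, so an `http://` or malformed value is only discovered at login time. With a plain-HTTP value, the client secret and authorization code sent to the token endpoint would cross the network unencrypted. An `Opt` cannot return an error and `New` has no error return, so the check has to live where an error can surface, for example parsing the value with `net/url` and requiring an absolute `https` URL before the endpoints are used. At minimum the option's comment should state the contract: `// The URL must be the https base URL of the instance (e.g. https://github.example.com), without a path.` The parameter name `url` would also shadow the `net/url` package once it is imported; `baseURL` avoids that.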
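Review bot: In `CompleteAuth`, `g.enterpriseURL` is passed as both the API base and the upload URL to `WithEnterpriseURLs`, and the same value is the OAuth host in `newConfig`, so a deployment whose REST API is served from a different host than its web login cannot be configured. That may matter for the Enterprise Cloud case the README now lists and should be confirmed against a real tenant. The error from `WithEnterpriseURLs` is also returned bare, which makes a misconfigured URL hard to tell apart from an API failure; `return adapters.GothUser{}, fmt.Errorf("github: enterprise URL: %w", err)` would name it. The function body starts and ends outside this hunk.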
@@ -239,6 +241,10 @@ func newConfig(p *githubProvider, scopes ...string) *oauth2.Config {
 Scopes: append(DefaultScopes, scopes...),
 }
+ if utilx.NotEmpty(p.enterpriseURL) {
+ c.Endpoint = githubEnterpriseConfig(p.enterpriseURL)
+ }
+
 return c
 }
@@ -266,3 +272,11 @@ func checkEmail(emails ...*github.UserEmail) (string, error) {
 return NoopEmail, ErrNoVerifiedPrimaryEmail
 }
+
+func githubEnterpriseConfig(url string) oauth2.Endpoint {
+ return oauth2.Endpoint{
+ AuthURL: fmt.Sprintf("%s/login/oauth/authorize", strings.TrimSuffix(url, "/")),
+ TokenURL: fmt.Sprintf("%s/login/oauth/access_token", strings.TrimSuffix(url, "/")),
+ DeviceAuthURL: fmt.Sprintf("%s/login/device/code", strings.TrimSuffix(url, "/")),
+ }
+}
diff --git a/tmp/main b/tmp/main
deleted file mode 100755
index 0980513..0000000
Binary files a/tmp/main and /dev/null differ
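Review bot: `githubEnterpriseConfig` in providers/github/github.go has no doc comment and trims the trailing slash three times. I would add `// githubEnterpriseConfig returns the OAuth2 endpoints rooted at the given GitHub Enterprise base URL.` and hoist the trim into `base := strings.TrimSuffix(url, "/")`, then build each field by concatenation, e.g. `AuthURL: base + "/login/oauth/authorize",`, which also makes the new `fmt` import unnecessary for this function. Only a single trailing slash is removed, so a value that carries a path or a doubled slash still yields an odd endpoint; the comment should say that a bare base URL is expected.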