Commit 0a46f9d9 authored by Jordi Mallach's avatar Jordi Mallach 🔥

Add Phabricator OAuth2 support.

parent 261c9a9f
......@@ -372,9 +372,10 @@ func (a *App) trackConfig() {
})
a.SendDiagnostic(TRACK_CONFIG_OAUTH, map[string]interface{}{
"enable_gitlab": cfg.GitLabSettings.Enable,
"enable_google": cfg.GoogleSettings.Enable,
"enable_office365": cfg.Office365Settings.Enable,
"enable_gitlab": cfg.GitLabSettings.Enable,
"enable_phabricator": cfg.PhabricatorSettings.Enable,
"enable_google": cfg.GoogleSettings.Enable,
"enable_office365": cfg.Office365Settings.Enable,
})
a.SendDiagnostic(TRACK_CONFIG_SUPPORT, map[string]interface{}{
......
......@@ -705,9 +705,8 @@ func (a *App) AuthorizeOAuthUser(w http.ResponseWriter, r *http.Request, service
return nil, "", stateProps, model.NewAppError("AuthorizeOAuthUser", "api.user.authorize_oauth_user.missing.app_error", nil, "response_body="+string(bodyBytes), http.StatusInternalServerError)
}
p = url.Values{}
p.Set("access_token", ar.AccessToken)
req, _ = http.NewRequest("GET", sso.UserApiEndpoint, strings.NewReader(""))
endpointUrl := sso.UserApiEndpoint+"?access_token="+ar.AccessToken
req, _ = http.NewRequest("GET", endpointUrl, strings.NewReader(""))
req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
req.Header.Set("Accept", "application/json")
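Review bot: The access token is concatenated unescaped into the user-API URL at `endpointUrl := sso.UserApiEndpoint+"?access_token="+ar.AccessToken`, and because AuthorizeOAuthUser is shared, every configured provider now receives the token in the query string, where it tends to be recorded in web-server and proxy access logs. The concatenation also yields a malformed URL if UserApiEndpoint already has a query component. If Phabricator needs the parameter, build it with `u, err := url.Parse(sso.UserApiEndpoint)` followed by `q := u.Query(); q.Set("access_token", ar.AccessToken); u.RawQuery = q.Encode()`, and do so only when `service` is the Phabricator one. The error from `http.NewRequest` is still discarded with `_`, so a bad endpoint shows up as a nil request dereferenced at `req.Header.Set`. The function body continues outside the hunk.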
......
......@@ -12,6 +12,7 @@ import (
// Plugins
_ "github.com/mattermost/mattermost-server/model/gitlab"
_ "github.com/mattermost/mattermost-server/model/phabricator"
// Enterprise Imports
_ "github.com/mattermost/mattermost-server/imports"
......
......@@ -169,7 +169,7 @@ Examples:
Arguments:
from_auth:
The authentication service to migrate users accounts from.
Supported options: email, gitlab, ldap, saml.
Supported options: email, gitlab, phabricator, ldap, saml.
to_auth:
The authentication service to migrate users to.
......@@ -193,7 +193,7 @@ Examples:
Arguments:
from_auth:
The authentication service to migrate users accounts from.
Supported options: email, gitlab, ldap, saml.
Supported options: email, gitlab, phabricator, ldap, saml.
to_auth:
The authentication service to migrate users to.
......@@ -512,7 +512,7 @@ func migrateAuthToLdapCmdF(cmd *cobra.Command, args []string) error {
fromAuth := args[0]
matchField := args[2]
if len(fromAuth) == 0 || (fromAuth != "email" && fromAuth != "gitlab" && fromAuth != "saml") {
if len(fromAuth) == 0 || (fromAuth != "email" && fromAuth != "gitlab" && fromAuth != "phabricator" && fromAuth != "saml") {
return errors.New("Invalid from_auth argument")
}
......@@ -564,7 +564,7 @@ func migrateAuthToSamlCmdF(cmd *cobra.Command, args []string) error {
fromAuth := args[0]
if len(fromAuth) == 0 || (fromAuth != "email" && fromAuth != "gitlab" && fromAuth != "ldap") {
if len(fromAuth) == 0 || (fromAuth != "email" && fromAuth != "gitlab" && fromAuth != "phabricator" && fromAuth != "ldap") {
return errors.New("Invalid from_auth argument")
}
......
......@@ -220,6 +220,15 @@
"TokenEndpoint": "",
"UserApiEndpoint": ""
},
"PhabricatorSettings": {
"Enable": false,
"Secret": "",
"Id": "",
"Scope": "",
"AuthEndpoint": "",
"TokenEndpoint": "",
"UserApiEndpoint": ""
},
"GoogleSettings": {
"Enable": false,
"Secret": "",
......
......@@ -31,9 +31,10 @@ const (
PASSWORD_MAXIMUM_LENGTH = 64
PASSWORD_MINIMUM_LENGTH = 5
SERVICE_GITLAB = "gitlab"
SERVICE_GOOGLE = "google"
SERVICE_OFFICE365 = "office365"
SERVICE_GITLAB = "gitlab"
SERVICE_PHABRICATOR = "phabricator"
SERVICE_GOOGLE = "google"
SERVICE_OFFICE365 = "office365"
WEBSERVER_MODE_REGULAR = "regular"
WEBSERVER_MODE_GZIP = "gzip"
......@@ -1692,6 +1693,7 @@ type Config struct {
AnnouncementSettings AnnouncementSettings
ThemeSettings ThemeSettings
GitLabSettings SSOSettings
PhabricatorSettings SSOSettings
GoogleSettings SSOSettings
Office365Settings SSOSettings
LdapSettings LdapSettings
......@@ -1727,6 +1729,8 @@ func (o *Config) GetSSOService(service string) *SSOSettings {
switch service {
case SERVICE_GITLAB:
return &o.GitLabSettings
case SERVICE_PHABRICATOR:
return &o.PhabricatorSettings
case SERVICE_GOOGLE:
return &o.GoogleSettings
case SERVICE_OFFICE365:
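Review bot: `PhabricatorSettings` adds a new OAuth client `Secret` to `Config`, but none of the hunks shown for this file touch the code that masks secrets or fills in defaults. If this file masks `GitLabSettings.Secret` before the config is returned through the API (a `Sanitize`-style step) or validates the SSO endpoints, the Phabricator block presumably needs the same treatment; otherwise the client secret could be readable by anyone allowed to fetch the config. This should be confirmed against the parts of the file outside these hunks. Separately, `SERVICE_PHABRICATOR` and the new `USER_AUTH_SERVICE_PHABRICATOR` hold the same string, so a comment such as `// must match USER_AUTH_SERVICE_PHABRICATOR` would keep them from drifting apart.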
......
// Copyright (c) 2015-present Mattermost, Inc. All Rights Reserved.
// See License.txt for license information.
package model
const (
USER_AUTH_SERVICE_PHABRICATOR = "phabricator"
)
// Copyright (c) 2015-present Mattermost, Inc. All Rights Reserved.
// See License.txt for license information.
package oauthphabricator
import (
"encoding/json"
"io"
"strings"
"github.com/mattermost/mattermost-server/einterfaces"
"github.com/mattermost/mattermost-server/model"
)
type PhabricatorProvider struct {
}
type PhabricatorUser struct {
Id string `json:"phid"`
Username string `json:"userName"`
Email string `json:"primaryEmail"`
Name string `json:"realName"`
}
type PhabricatorConduitResult struct {
User PhabricatorUser `json:"result"`
}
func init() {
provider := &PhabricatorProvider{}
einterfaces.RegisterOauthProvider(model.USER_AUTH_SERVICE_PHABRICATOR, provider)
}
func userFromPhabricatorUser(phu *PhabricatorUser) *model.User {
user := &model.User{}
user.Username = model.CleanUsername(phu.Username)
splitName := strings.Split(phu.Name, " ")
if len(splitName) == 2 {
user.FirstName = splitName[0]
user.LastName = splitName[1]
} else if len(splitName) >= 2 {
user.FirstName = splitName[0]
user.LastName = strings.Join(splitName[1:], " ")
} else {
user.FirstName = phu.Name
}
strings.TrimSpace(user.Email)
user.Email = phu.Email
userId := phu.getAuthData()
user.AuthData = &userId
user.AuthService = model.USER_AUTH_SERVICE_PHABRICATOR
return user
}
func phabricatorUserFromJson(data io.Reader) *PhabricatorUser {
decoder := json.NewDecoder(data)
var phc PhabricatorConduitResult
err := decoder.Decode(&phc)
if err == nil {
return &phc.User
} else {
return nil
}
}
func (phu *PhabricatorUser) ToJson() string {
b, err := json.Marshal(phu)
if err != nil {
return ""
} else {
return string(b)
}
}
func (phu *PhabricatorUser) IsValid() bool {
if len(phu.Id) == 0 {
return false
}
if len(phu.Email) == 0 {
return false
}
return true
}
func (phu *PhabricatorUser) getAuthData() string {
return strings.Replace(phu.Id, "PHID-USER-", "PHID--", 1)
}
func (m *PhabricatorProvider) GetIdentifier() string {
return model.USER_AUTH_SERVICE_PHABRICATOR
}
func (m *PhabricatorProvider) GetUserFromJson(data io.Reader) *model.User {
phu := phabricatorUserFromJson(data)
if phu.IsValid() {
return userFromPhabricatorUser(phu)
}
return &model.User{}
}
func (m *PhabricatorProvider) GetAuthDataFromJson(data io.Reader) string {
phu := phabricatorUserFromJson(data)
if phu.IsValid() {
return phu.getAuthData()
}
return ""
}
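Review bot: `phabricatorUserFromJson` returns nil when decoding fails, and both `GetUserFromJson` and `GetAuthDataFromJson` call `phu.IsValid()` on that result without a nil check, so a non-JSON or truncated reply from the user API endpoint dereferences a nil pointer inside `IsValid`. Guard both call sites with `if phu != nil && phu.IsValid() {`. In `userFromPhabricatorUser`, `strings.TrimSpace(user.Email)` discards its result and runs before the field is assigned; it should read `user.Email = strings.TrimSpace(phu.Email)`. The reply is accepted whenever `phid` and `primaryEmail` are non-empty; whether the Conduit response carries an error field that should be checked first is not visible here and is worth confirming.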
......@@ -33,6 +33,7 @@ func (o *SwitchRequest) EmailToOAuth() bool {
return o.CurrentService == USER_AUTH_SERVICE_EMAIL &&
(o.NewService == USER_AUTH_SERVICE_SAML ||
o.NewService == USER_AUTH_SERVICE_GITLAB ||
o.NewService == USER_AUTH_SERVICE_PHABRICATOR ||
o.NewService == SERVICE_GOOGLE ||
o.NewService == SERVICE_OFFICE365)
}
......@@ -40,6 +41,7 @@ func (o *SwitchRequest) EmailToOAuth() bool {
func (o *SwitchRequest) OAuthToEmail() bool {
return (o.CurrentService == USER_AUTH_SERVICE_SAML ||
o.CurrentService == USER_AUTH_SERVICE_GITLAB ||
o.CurrentService == USER_AUTH_SERVICE_PHABRICATOR ||
o.CurrentService == SERVICE_GOOGLE ||
o.CurrentService == SERVICE_OFFICE365) && o.NewService == USER_AUTH_SERVICE_EMAIL
}
......
......@@ -471,7 +471,7 @@ func (u *User) IsSSOUser() bool {
}
func (u *User) IsOAuthUser() bool {
return u.AuthService == USER_AUTH_SERVICE_GITLAB
return u.AuthService == USER_AUTH_SERVICE_GITLAB || u.AuthService == USER_AUTH_SERVICE_PHABRICATOR
}
func (u *User) IsLDAPUser() bool {
......
......@@ -406,6 +406,7 @@ func GenerateClientConfig(c *model.Config, diagnosticId string, license *model.L
props["EmailLoginButtonTextColor"] = *c.EmailSettings.LoginButtonTextColor
props["EnableSignUpWithGitLab"] = strconv.FormatBool(c.GitLabSettings.Enable)
props["EnableSignUpWithPhabricator"] = strconv.FormatBool(c.PhabricatorSettings.Enable)
props["ShowEmailAddress"] = strconv.FormatBool(c.PrivacySettings.ShowEmailAddress)
......