編寫oauth controller代碼:
package controllers
import (
"encoding/json"
"fmt"
"errors"
"alertmanager/models"
"alertmanager/utils/oauth"
"github.com/astaxie/beego"
"github.com/astaxie/beego/orm"
"github.com/astaxie/beego/session"
)
// OAuthController groups the OAuth login, session validation, logout and
// user-notification handlers defined in this file. It embeds BaseController;
// the HandleResult / HandleError helpers used by the handlers presumably come
// from there (defined outside this file).
type OAuthController struct {
	BaseController
}
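// globalSessions is a stand-alone in-memory session manager created when the
// package loads.
// NOTE(review): none of the handlers visible in this file read it; they go
// through the controller's SetSession / GetSession / DelSession instead.
// Confirm whether this manager is still needed.
var globalSessions *session.Manager

// init builds the in-memory session manager and starts its garbage collector
// in a background goroutine.
func init() {
	// Secure is false, so the "gosessionid" cookie is also sent over plain
	// HTTP, where it can be read in transit. Switch it to true wherever the
	// service is reached through HTTPS.
	sessionConfig := &session.ManagerConfig{
		CookieName:      "gosessionid",
		EnableSetCookie: true,
		Gclifetime:      3600,
		Maxlifetime:     3600,
		Secure:          false,
		CookieLifeTime:  3600,
		ProviderConfig:  "./tmp",
	}

	manager, err := session.NewManager("memory", sessionConfig)
	if err != nil {
		// The error used to be discarded, which left globalSessions nil and
		// made the GC goroutine below die on a nil pointer. Fail at start-up
		// with a readable message instead.
		panic(fmt.Sprintf("session manager init: %v", err))
	}
	globalSessions = manager
	go globalSessions.GC()
}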
// OAuthUrl responds with the authorization URL the client should be sent to,
// under the "oauthUrl" key.
func (c *OAuthController) OAuthUrl() {
	payload := make(map[string]interface{}, 1)
	payload["oauthUrl"] = oauth.GetOauthUrl()
	c.HandleResult(&payload)
}
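// Login completes the authorization-code flow: it exchanges the ":code"
// parameter for an access token, fetches the user behind that token, stores
// the user in the session under "user" and returns it to the caller.
//
// Every failure path returns immediately. Without the returns, a failed token
// exchange or user lookup would still fall through to SetSession and store a
// zero-value user, which Validate treats as a logged-in session.
//
// NOTE(review): the authorize URL built in utils/oauth carries no "state"
// parameter and none is checked here, so the callback is not bound to the
// browser session that started the flow. The session id is also kept as-is
// across the login; consider rotating it (beego's SessionRegenerateID) before
// storing the user — TODO confirm BaseController exposes it.
func (c *OAuthController) Login() {
	code := c.GetString(":code")
	if code == "" {
		c.HandleError(errors.New("missing authorization code"))
		return
	}

	token, err := oauth.GetAccessToken(code)
	if err != nil {
		c.HandleError(err)
		return
	}
	// A token endpoint can answer with a JSON error document that decodes
	// cleanly but carries no token; do not continue with an empty bearer.
	if token.AccessToken == "" {
		c.HandleError(errors.New("token endpoint returned no access token"))
		return
	}

	user, err := oauth.GetUserInfo(token.AccessToken)
	if err != nil {
		c.HandleError(err)
		return
	}

	c.SetSession("user", user)
	data := map[string]interface{}{"user": user}
	c.HandleResult(&data)
}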
// Validate reports the user stored in the current session under "user".
// When the session holds no user it answers with a "not login" error.
func (c *OAuthController) Validate() {
	current := c.GetSession("user")
	if current != nil {
		payload := map[string]interface{}{"user": current}
		c.HandleResult(&payload)
		return
	}

	c.HandleError(fmt.Errorf("%s", "not login"))
}
// Logout removes the "user" entry from the session and returns an empty
// result.
// NOTE(review): only the "user" key is deleted; the session itself and its
// cookie stay alive. Confirm that is intended.
func (c *OAuthController) Logout() {
	c.DelSession("user")

	c.HandleResult(nil)
}
// NofityInsertUser decodes the JSON request body into a models.AlertUser and
// inserts it through the ORM. Decode and insert failures are logged and
// returned to the caller.
//
// NOTE(review): no session or role check is visible in this handler, and the
// decoded record is inserted exactly as supplied. Confirm that a router
// filter outside this file restricts who may call it, and that the fields of
// models.AlertUser are safe to accept from the request.
func (c *OAuthController) NofityInsertUser() {
	var user models.AlertUser
	if err := json.Unmarshal(c.Ctx.Input.RequestBody, &user); err != nil {
		beego.Error(err)
		c.HandleError(err)
		return
	}

	// TODO
	if _, err := orm.NewOrm().Insert(&user); err != nil {
		beego.Error(err)
		c.HandleError(err)
		return
	}

	// The whole record goes to the application log; it may hold personal
	// data, depending on what models.AlertUser contains.
	beego.Info(user)
	c.HandleResult(nil)
}
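// BackAdminLogin opens an "admin" session without going through the OAuth
// server when the ":admin" parameter matches the configured secret.
//
// The secret used to be a string literal in this file, so anyone who could
// read the source held a working admin credential. It is now read from the
// application config and the endpoint fails closed: with no secret configured
// every attempt is rejected.
//
// "oauth.backadmin.secret" is a config key introduced by this change; rename
// it to fit the deployment's config layout.
//
// NOTE(review): the secret still arrives as a URL parameter, so it ends up in
// access logs and browser history; moving it to the request body would avoid
// that. The comparison below is a plain ==; crypto/subtle.ConstantTimeCompare
// is the better choice once that import is added to the file.
func (c *OAuthController) BackAdminLogin() {
	expected := beego.AppConfig.String("oauth.backadmin.secret")
	supplied := c.GetString(":admin")

	// An unset secret must never match an empty parameter.
	if expected != "" && supplied == expected {
		var user oauth.User
		user.Name = "admin"
		user.Role.Name = "admin"
		c.SetSession("user", user)
		data := map[string]interface{}{"user": user}
		c.HandleResult(&data)
		return
	}

	c.HandleError(errors.New("error admin password."))
}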
utils/oauth:
package oauth
import (
"encoding/json"
"fmt"
"net/url"
"github.com/astaxie/beego"
"github.com/parnurzeal/gorequest"
)
// OAuth settings held at package level. init assigns every one of them when
// the package loads.
var (
	// Server base URLs read from the application config.
	serverUrl         string
	serverRedirectUrl string

	// Endpoint paths read from the application config.
	authorizePath string
	tokenPath     string
	userInfoPath  string
	userListPath  string

	// OAuth request parameters read from the application config.
	// clientSecret is a credential: keep it out of logs and error messages.
	responseType string
	scope        string
	clientId     string
	clientSecret string
	grantType    string
	redirectUri  string

	// URLs assembled by init from the values above.
	oauthUrl    string
	rawTokenUrl string
	userInfoUrl string
	userListUrl string
)
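// init reads the OAuth settings from the beego application config and
// assembles the authorize, token, user-info and user-list URLs from them.
//
// Every query value is passed through url.QueryEscape. Previously only
// redirect_uri was escaped, so a value holding a space or a reserved
// character (the sample config sets scope to "read write") produced a
// malformed query string.
//
// NOTE(review): rawTokenUrl carries client_secret in the query string, where
// proxies and server access logs can record it. RFC 6749 section 2.3.1 says
// client credentials must not be placed in the request URI; send them in the
// request body or an Authorization header instead. That needs a matching
// change in GetAccessToken, so it is only flagged here.
func init() {
	serverUrl = beego.AppConfig.String("oauth.server.server_url")
	serverRedirectUrl = beego.AppConfig.String("oauth.server.redirect_url")
	authorizePath = beego.AppConfig.String("oauth.path.authorize")
	tokenPath = beego.AppConfig.String("oauth.path.token")
	userInfoPath = beego.AppConfig.String("oauth.path.user.info")
	userListPath = beego.AppConfig.String("oauth.path.user.list")
	responseType = beego.AppConfig.String("oauth.response_type")
	scope = beego.AppConfig.String("oauth.scope")
	clientId = beego.AppConfig.String("oauth.client_id")
	clientSecret = beego.AppConfig.String("oauth.client_secret")
	grantType = beego.AppConfig.String("oauth.grant_type")
	redirectUri = beego.AppConfig.String("oauth.redirect_uri")

	// URL the browser is sent to in order to start the authorization flow.
	oauthUrl = serverRedirectUrl + authorizePath +
		"?response_type=" + url.QueryEscape(responseType) +
		"&scope=" + url.QueryEscape(scope) +
		"&client_id=" + url.QueryEscape(clientId) +
		"&redirect_uri=" + url.QueryEscape(redirectUri)

	// Token endpoint URL without the code; GetTokenUrl appends "&code=...".
	rawTokenUrl = serverUrl + tokenPath +
		"?client_id=" + url.QueryEscape(clientId) +
		"&client_secret=" + url.QueryEscape(clientSecret) +
		"&grant_type=" + url.QueryEscape(grantType) +
		"&redirect_uri=" + url.QueryEscape(redirectUri)

	userInfoUrl = serverUrl + userInfoPath
	userListUrl = serverUrl + userListPath
}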
// GetOauthUrl returns the authorization URL that init assembled from the
// application config.
func GetOauthUrl() string {
	return oauthUrl
}
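// GetUserInfo fetches the user that accessToken belongs to from the user-info
// endpoint, sending the token as a Bearer Authorization header, and decodes
// the JSON response into a User.
//
// It returns an error when the request fails, when the server answers with a
// non-2xx status, or when the body is not valid JSON for User. The status
// check matters for callers that log a user in on a nil error: an error
// document from the server can decode cleanly into a zero-value User.
//
// The response body is no longer printed to stdout; it contains the user's
// name, e-mail and phone number.
func GetUserInfo(accessToken string) (User, error) {
	beego.Info("oauth2.GetUserInfo begin.")

	var user User
	resp, body, errs := gorequest.New().
		Get(userInfoUrl).
		Set("Authorization", "Bearer "+accessToken).
		End()
	if errs != nil {
		beego.Error(errs[0])
		return user, errs[0]
	}
	if resp.StatusCode < 200 || resp.StatusCode >= 300 {
		err := fmt.Errorf("user info request: unexpected status %d", resp.StatusCode)
		beego.Error(err)
		return user, err
	}

	err := json.Unmarshal([]byte(body), &user)
	return user, err
}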
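// GetAccessToken exchanges an authorization code for an access token by
// POSTing to the token URL and decoding the JSON response.
//
// It returns an error when the request fails, when the server answers with a
// non-2xx status, when the body is not valid JSON, or when the decoded
// response holds no access token.
//
// The response body is no longer printed to stdout; it contains the access
// and refresh tokens, which are bearer credentials.
func GetAccessToken(code string) (OauthAccessToken, error) {
	beego.Info("oauth2.GetAccessToken begin.")

	var token OauthAccessToken
	resp, body, errs := gorequest.New().
		Post(GetTokenUrl(code)).
		Set("Accept", "application/json").
		End()
	if errs != nil {
		beego.Error(errs[0])
		return token, errs[0]
	}
	if resp.StatusCode < 200 || resp.StatusCode >= 300 {
		// Only the status is reported; the token URL holds the client secret
		// and must not be echoed into logs or errors.
		err := fmt.Errorf("token request: unexpected status %d", resp.StatusCode)
		beego.Error(err)
		return token, err
	}

	if err := json.Unmarshal([]byte(body), &token); err != nil {
		return token, err
	}
	if token.AccessToken == "" {
		return token, fmt.Errorf("token request: response carries no access token")
	}
	return token, nil
}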
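// GetTokenUrl returns the token endpoint URL for the given authorization
// code.
//
// The code comes from the incoming request, so it is query-escaped before it
// is appended. Unescaped, a value containing "&" or "=" could add or override
// parameters of the token request.
func GetTokenUrl(code string) string {
	return rawTokenUrl + "&code=" + url.QueryEscape(code)
}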
types:
package oauth
// OauthAccessToken is the JSON document decoded from the token endpoint's
// response. AccessToken and RefreshToken are bearer credentials: do not log
// or print values of this type.
type OauthAccessToken struct {
	AccessToken  string `json:"access_token"`
	TokenType    string `json:"token_type"`
	RefreshToken string `json:"refresh_token"`
	ExpiresIn    int    `json:"expires_in"`
	Scope        string `json:"scope"`
}
// Role is the role object nested in the user-info response; only its name is
// decoded.
type Role struct {
	Name string `json:"name"`
}
// User is the JSON document decoded from the user-info endpoint. The
// controller stores a value of this type in the session under "user".
type User struct {
	Id    int    `json:"id"`
	Name  string `json:"name"`
	Email string `json:"email"`
	Phone string `json:"phone"`
	Role  Role   `json:"role"`
}
配置文件:
sessionon = true
oauth.path.token = /oauth/token
oauth.path.authorize = /oauth/authorize
oauth.path.user.info = /user/info
oauth.path.user.list = /user/info/list
oauth.client_id= curl-client
oauth.client_secret= client-secret
oauth.grant_type= authorization_code
oauth.response_type= code
oauth.scope= read write
[dev]
oauth.server.server_url = http://oauth2.abc.sheincorp.cn
oauth.server.redirect_url = http://oauth2.abc.sheincorp.cn
oauth.redirect_uri = http://localhost:8082/#/OAuth
一定要設置 sessionon = true,否則調用 GetSession()、SetSession() 方法會有異常。
異常如下:
Handler crashed with error runtime error: invalid memory address or nil pointer dereference