105 lines
2.3 KiB
Go
105 lines
2.3 KiB
Go
package provider
|
|
|
|
import (
|
|
"context"
|
|
|
|
"github.com/supabase/auth/internal/conf"
|
|
"golang.org/x/oauth2"
|
|
)
|
|
|
|
const (
|
|
defaultBitbucketAuthBase = "bitbucket.org"
|
|
defaultBitbucketAPIBase = "api.bitbucket.org"
|
|
)
|
|
|
|
type bitbucketProvider struct {
|
|
*oauth2.Config
|
|
APIPath string
|
|
}
|
|
|
|
type bitbucketUser struct {
|
|
Name string `json:"display_name"`
|
|
ID string `json:"uuid"`
|
|
Avatar struct {
|
|
Href string `json:"href"`
|
|
} `json:"avatar"`
|
|
}
|
|
|
|
type bitbucketEmail struct {
|
|
Email string `json:"email"`
|
|
Primary bool `json:"is_primary"`
|
|
Verified bool `json:"is_confirmed"`
|
|
}
|
|
|
|
type bitbucketEmails struct {
|
|
Values []bitbucketEmail `json:"values"`
|
|
}
|
|
|
|
// NewBitbucketProvider creates a Bitbucket account provider.
|
|
func NewBitbucketProvider(ext conf.OAuthProviderConfiguration) (OAuthProvider, error) {
|
|
if err := ext.ValidateOAuth(); err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
authHost := chooseHost(ext.URL, defaultBitbucketAuthBase)
|
|
apiPath := chooseHost(ext.URL, defaultBitbucketAPIBase) + "/2.0"
|
|
|
|
return &bitbucketProvider{
|
|
Config: &oauth2.Config{
|
|
ClientID: ext.ClientID[0],
|
|
ClientSecret: ext.Secret,
|
|
Endpoint: oauth2.Endpoint{
|
|
AuthURL: authHost + "/site/oauth2/authorize",
|
|
TokenURL: authHost + "/site/oauth2/access_token",
|
|
},
|
|
RedirectURL: ext.RedirectURI,
|
|
Scopes: []string{"account", "email"},
|
|
},
|
|
APIPath: apiPath,
|
|
}, nil
|
|
}
|
|
|
|
func (g bitbucketProvider) GetOAuthToken(code string) (*oauth2.Token, error) {
|
|
return g.Exchange(context.Background(), code)
|
|
}
|
|
|
|
func (g bitbucketProvider) GetUserData(ctx context.Context, tok *oauth2.Token) (*UserProvidedData, error) {
|
|
var u bitbucketUser
|
|
if err := makeRequest(ctx, tok, g.Config, g.APIPath+"/user", &u); err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
data := &UserProvidedData{}
|
|
|
|
var emails bitbucketEmails
|
|
if err := makeRequest(ctx, tok, g.Config, g.APIPath+"/user/emails", &emails); err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
if len(emails.Values) > 0 {
|
|
for _, e := range emails.Values {
|
|
if e.Email != "" {
|
|
data.Emails = append(data.Emails, Email{
|
|
Email: e.Email,
|
|
Verified: e.Verified,
|
|
Primary: e.Primary,
|
|
})
|
|
}
|
|
}
|
|
}
|
|
|
|
data.Metadata = &Claims{
|
|
Issuer: g.APIPath,
|
|
Subject: u.ID,
|
|
Name: u.Name,
|
|
Picture: u.Avatar.Href,
|
|
|
|
// To be deprecated
|
|
AvatarURL: u.Avatar.Href,
|
|
FullName: u.Name,
|
|
ProviderId: u.ID,
|
|
}
|
|
|
|
return data, nil
|
|
}
|