func init() {
// Apparently Doorkeeper doesn't follow the RFC exactly on how secrets are
// passed. Don't worry, it's far from alone in this behavior, and joins a
// bunch of well-known services in being "broken". A lot of libraries will
// detect this behavior, but not this one, it's being passive-aggressive and
// forcing you to register auth providers you want to use that don't follow
// the convention. At least they're letting you register, I had to fork this
// library to get G5 Auth in there before. Anywho, this will break if you try
// and use a custom auth server, but I'll cross that bridge when I get to it.
oauth2.RegisterBrokenAuthHeaderProvider("https://auth.g5search.com/")
oauth2.RegisterBrokenAuthHeaderProvider("https://dev-auth.g5search.com/")
}
// New returns a Remote implementation that integrates with a GitHub Cloud or
// GitHub Enterprise version control hosting provider.
func New(opts Opts) (remote.Remote, error) {
url, err := url.Parse(opts.URL)
if err != nil {
return nil, err
}
host, _, err := net.SplitHostPort(url.Host)
if err == nil {
url.Host = host
}
remote := &client{
API: defaultAPI,
URL: defaultURL,
Context: opts.Context,
Client: opts.Client,
Secret: opts.Secret,
Scopes: opts.Scopes,
PrivateMode: opts.PrivateMode,
SkipVerify: opts.SkipVerify,
MergeRef: opts.MergeRef,
Machine: url.Host,
Username: opts.Username,
Password: opts.Password,
}
if opts.URL != defaultURL {
remote.URL = strings.TrimSuffix(opts.URL, "/")
remote.API = remote.URL + "/api/v3/"
}
// Hack to enable oauth2 access in older GHE
oauth2.RegisterBrokenAuthHeaderProvider(remote.URL)
return remote, nil
}
// Authorize the session with Wepay and return the access token to be stored for future use.
func (s *Session) Authorize(provider goth.Provider, params goth.Params) (string, error) {
p := provider.(*Provider)
oauth2.RegisterBrokenAuthHeaderProvider(tokenURL)
token, err := p.config.Exchange(oauth2.NoContext, params.Get("code"))
if err != nil {
return "", err
}
s.AccessToken = token.AccessToken
s.RefreshToken = token.RefreshToken
s.ExpiresAt = token.Expiry
return token.AccessToken, err
}
// Endpoint returns the endpoint for the given region. This doesn't
// validate the region name so you must use one that is valid from Battle.net.
func Endpoint(region string) oauth2.Endpoint {
region = strings.ToLower(region)
domain := fmt.Sprintf("https://%s.battle.net/", region)
if region == "cn" {
domain = "https://www.battlenet.com.cn/"
}
// Register the broken provider
brokenLock.Lock()
defer brokenLock.Unlock()
if _, ok := brokenMap[domain]; !ok {
brokenMap[domain] = struct{}{}
oauth2.RegisterBrokenAuthHeaderProvider(domain)
}
// Build the endpoint
return oauth2.Endpoint{
AuthURL: domain + "oauth/authorize",
TokenURL: domain + "oauth/token",
}
}
func init() {
// These are not registered in the oauth library by default
oauth2.RegisterBrokenAuthHeaderProvider("https://api.dropboxapi.com")
oauth2.RegisterBrokenAuthHeaderProvider("https://api-dbdev.dev.corp.dropbox.com")
}
func init() {
oauth2.RegisterBrokenAuthHeaderProvider("https://slack.com/")
slick.RegisterPlugin(&OAuthPlugin{})
gob.Register(&slack.User{})
}
