From 68c2b070da59bd2cf9c5cd91901a4e3bf6084061 Mon Sep 17 00:00:00 2001 From: Joram Wilander Date: Tue, 7 Jun 2016 17:43:06 -0400 Subject: Auto join teams if coming from team sign-up page to login for GitLab (#3284) --- api/oauth.go | 64 ++++++++++++++++++++++++++++++++++++++---------------------- 1 file changed, 41 insertions(+), 23 deletions(-) (limited to 'api/oauth.go') diff --git a/api/oauth.go b/api/oauth.go index 30efbdce3..072699321 100644 --- a/api/oauth.go +++ b/api/oauth.go @@ -204,7 +204,10 @@ func completeOAuth(c *Context, w http.ResponseWriter, r *http.Request) { } break case model.OAUTH_ACTION_LOGIN: - LoginByOAuth(c, w, r, service, body) + user := LoginByOAuth(c, w, r, service, body) + if len(teamId) > 0 { + c.Err = JoinUserToTeamById(teamId, user) + } if c.Err == nil { http.Redirect(w, r, GetProtocol(r)+"://"+r.Host, http.StatusTemporaryRedirect) } @@ -424,8 +427,17 @@ func loginWithOAuth(c *Context, w http.ResponseWriter, r *http.Request) { service := params["service"] loginHint := r.URL.Query().Get("login_hint") + teamId, err := getTeamIdFromQuery(r.URL.Query()) + if err != nil { + c.Err = err + return + } + stateProps := map[string]string{} stateProps["action"] = model.OAUTH_ACTION_LOGIN + if len(teamId) != 0 { + stateProps["team_id"] = teamId + } if authUrl, err := GetAuthorizationCode(c, service, stateProps, loginHint); err != nil { c.Err = err @@ -435,46 +447,52 @@ func loginWithOAuth(c *Context, w http.ResponseWriter, r *http.Request) { } } -func signupWithOAuth(c *Context, w http.ResponseWriter, r *http.Request) { - params := mux.Vars(r) - service := params["service"] - - if !utils.Cfg.TeamSettings.EnableUserCreation { - c.Err = model.NewLocAppError("signupWithOAuth", "web.singup_with_oauth.disabled.app_error", nil, "") - c.Err.StatusCode = http.StatusNotImplemented - return - } - - hash := r.URL.Query().Get("h") - - teamId := "" - inviteId := r.URL.Query().Get("id") +func getTeamIdFromQuery(query url.Values) (string, *model.AppError) { + hash := query.Get("h") + inviteId := query.Get("id") if len(hash) > 0 { - data := r.URL.Query().Get("d") + data := query.Get("d") props := model.MapFromJson(strings.NewReader(data)) if !model.ComparePassword(hash, fmt.Sprintf("%v:%v", data, utils.Cfg.EmailSettings.InviteSalt)) { - c.Err = model.NewLocAppError("signupWithOAuth", "web.singup_with_oauth.invalid_link.app_error", nil, "") - return + return "", model.NewLocAppError("getTeamIdFromQuery", "web.singup_with_oauth.invalid_link.app_error", nil, "") } t, err := strconv.ParseInt(props["time"], 10, 64) if err != nil || model.GetMillis()-t > 1000*60*60*48 { // 48 hours - c.Err = model.NewLocAppError("signupWithOAuth", "web.singup_with_oauth.expired_link.app_error", nil, "") - return + return "", model.NewLocAppError("getTeamIdFromQuery", "web.singup_with_oauth.expired_link.app_error", nil, "") } - teamId = props["id"] - } else if len(inviteId) != 0 { + return props["id"], nil + } else if len(inviteId) > 0 { if result := <-Srv.Store.Team().GetByInviteId(inviteId); result.Err != nil { // soft fail, so we still create user but don't auto-join team l4g.Error("%v", result.Err) } else { - teamId = result.Data.(*model.Team).Id + return result.Data.(*model.Team).Id, nil } } + return "", nil +} + +func signupWithOAuth(c *Context, w http.ResponseWriter, r *http.Request) { + params := mux.Vars(r) + service := params["service"] + + if !utils.Cfg.TeamSettings.EnableUserCreation { + c.Err = model.NewLocAppError("signupWithOAuth", "web.singup_with_oauth.disabled.app_error", nil, "") + c.Err.StatusCode = http.StatusNotImplemented + return + } + + teamId, err := getTeamIdFromQuery(r.URL.Query()) + if err != nil { + c.Err = err + return + } + stateProps := map[string]string{} stateProps["action"] = model.OAUTH_ACTION_SIGNUP if len(teamId) != 0 { -- cgit v1.2.3-1-g7c22