飞书SSO、Authing、小米登录插件 (#40)

* Add new login provider "feishu_sso" * Add FeishuSSO plugin * 添加新登录插件：飞书SSO * 添加新登录插件：飞书SSO(增加通过args读取ssoid) * 添加注释：FeishuSSO Plugin * 添加注释：FeishuSSO Plugin * 增加：小米账号登录插件 * 修改：小米账号登录插件相关描述 * 移除：飞书SSO登录插件 * 增加：小米登录插件 * 新增：Authing登录插件 * Fix bugs * Fix bugs * 新增：飞书SSO登录插件 * 修改：小米账号登录插件使用说明 * 删除：小米登录插件 * 新增：内置小米登录 * 修改：Authing登录插件获取args * 修改：飞书SSO、authing插件文件名，文件夹名和Provier方法 * 修改：小米Provider响应体结构 * 修改：飞书SSO、authing插件使用描述
1 year ago · c05414aa87
parent a2d71e59db
commit c05414aa87
4 changed files with 292 additions and 108 deletions
--- a/internal/provider/plugins/example/example_authing/example_authing.go
+++ b/internal/provider/plugins/example/example_authing/example_authing.go
@ -0,0 +1,104 @@
+package main
+
+import (
+	"context"
+	"encoding/json"
+	"fmt"
+	plugin "github.com/hashicorp/go-plugin"
+	"github.com/synctv-org/synctv/internal/provider"
+	"github.com/synctv-org/synctv/internal/provider/plugins"
+	"golang.org/x/oauth2"
+	"net/http"
+	"os"
+)
+
+// Linux/Mac/Windows:
+// CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build ./internal/provider/plugins/example/example_authing/example_authing.go
+// CGO_ENABLED=0 GOOS=dawin GOARCH=amd64 go build ./internal/provider/plugins/example/example_authing/example_authing.go
+// CGO_ENABLED=0 GOOS=windows GOARCH=amd64 go build ./internal/provider/plugins/example/example_authing/example_authing.go
+//
+// mv gitee {data-dir}/plugins/oauth2/authing
+//
+// Authing：https://console.authing.cn/
+//
+// config.yaml:
+//
+// oauth2_plugins:
+//   - plugin_file: plugins/oauth2/authing
+//     args: ["认证配置-认证地址（只需要你自定义的那个部分）"]
+type AuthingProvider struct {
+	config oauth2.Config
+}
+
+func newAuthingProvider(AuthUrl string) provider.ProviderInterface {
+	return &AuthingProvider{
+		config: oauth2.Config{
+			Scopes: []string{"profile"},
+			Endpoint: oauth2.Endpoint{
+				AuthURL:  fmt.Sprintf("https://%s.authing.cn/oauth/auth", AuthUrl),  // 授权码（authorization_code）获取接口
+				TokenURL: fmt.Sprintf("https://%s.authing.cn/oauth/token", AuthUrl), // Token端点
+			},
+		},
+	}
+}
+
+func (p *AuthingProvider) Init(c provider.Oauth2Option) {
+	p.config.ClientID = c.ClientID
+	p.config.ClientSecret = c.ClientSecret
+	p.config.RedirectURL = c.RedirectURL
+}
+
+func (p *AuthingProvider) Provider() provider.OAuth2Provider {
+	return "authing" //插件名
+}
+
+func (p *AuthingProvider) NewAuthURL(state string) string {
+	return p.config.AuthCodeURL(state, oauth2.AccessTypeOnline)
+}
+
+func (p *AuthingProvider) GetToken(ctx context.Context, code string) (*oauth2.Token, error) {
+	return p.config.Exchange(ctx, code)
+}
+
+func (p *AuthingProvider) RefreshToken(ctx context.Context, tk string) (*oauth2.Token, error) {
+	return p.config.TokenSource(ctx, &oauth2.Token{RefreshToken: tk}).Token()
+}
+
+func (p *AuthingProvider) GetUserInfo(ctx context.Context, tk *oauth2.Token) (*provider.UserInfo, error) {
+	client := p.config.Client(ctx, tk)
+	req, err := http.NewRequestWithContext(ctx, http.MethodGet, "https://core.authing.cn/oauth/me", nil) // 身份端点
+	if err != nil {
+		return nil, err
+	}
+	resp, err := client.Do(req)
+	if err != nil {
+		return nil, err
+	}
+	defer resp.Body.Close()
+	ui := AuthingUserInfo{}
+	err = json.NewDecoder(resp.Body).Decode(&ui)
+	if err != nil {
+		return nil, err
+	}
+	return &provider.UserInfo{
+		Username:       ui.Name,
+		ProviderUserID: ui.UnionId,
+	}, nil
+}
+
+type AuthingUserInfo struct {
+	UnionId string `json:"sub"`  // Authing用户ID
+	Name    string `json:"name"` // Authing用户名
+}
+
+func main() {
+	args := os.Args
+	var pluginMap = map[string]plugin.Plugin{
+		"Provider": &plugins.ProviderPlugin{Impl: newAuthingProvider(args[1])},
+	}
+	plugin.Serve(&plugin.ServeConfig{
+		HandshakeConfig: plugins.HandshakeConfig,
+		Plugins:         pluginMap,
+		GRPCServer:      plugin.DefaultGRPCServer,
+	})
+}
--- a/internal/provider/plugins/example/example_feishu-sso/example_feishu-sso.go
+++ b/internal/provider/plugins/example/example_feishu-sso/example_feishu-sso.go
@ -0,0 +1,107 @@
+package main
+
+import (
+	"context"
+	"encoding/json"
+	"fmt"
+	"os"
+
+	plugin "github.com/hashicorp/go-plugin"
+	"github.com/synctv-org/synctv/internal/provider"
+	"github.com/synctv-org/synctv/internal/provider/plugins"
+	"golang.org/x/oauth2"
+	"net/http"
+)
+
+// Linux/Mac/Windows:
+// CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build ./internal/provider/plugins/example/example_feishu-sso/example_feishu-sso.go
+// CGO_ENABLED=0 GOOS=dawin GOARCH=amd64 go build ./internal/provider/plugins/example/example_feishu-sso/example_feishu-sso.go
+// CGO_ENABLED=0 GOOS=windows GOARCH=amd64 go build ./internal/provider/plugins/example/example_feishu-sso/example_feishu-sso.go
+//
+// mv gitee {data-dir}/plugins/oauth2/feishu-sso
+//
+// 飞书集成平台单点应用：https://anycross.feishu.cn/console/identity/sso-app-manager/
+//
+// config.yaml:
+//
+// oauth2_plugins:
+//   - plugin_file: plugins/oauth2/feishu-sso
+//     args: ["单点应用Issuer最后一串纯数字"]
+type FeishuSSOProvider struct {
+	config oauth2.Config
+	ssoid  string
+}
+
+func newFeishuSSOProvider(ssoid string) provider.ProviderInterface {
+	return &FeishuSSOProvider{
+		config: oauth2.Config{
+			Scopes: []string{"profile"},
+			Endpoint: oauth2.Endpoint{
+				AuthURL:  fmt.Sprintf("https://anycross.feishu.cn/sso/%s/oauth2/auth", ssoid),  // 授权码（authorization_code）获取接口
+				TokenURL: fmt.Sprintf("https://anycross.feishu.cn/sso/%s/oauth2/token", ssoid), // 获取访问令牌（access_token）
+			},
+		},
+		ssoid: ssoid,
+	}
+}
+
+func (p *FeishuSSOProvider) Init(c provider.Oauth2Option) {
+	p.config.ClientID = c.ClientID
+	p.config.ClientSecret = c.ClientSecret
+	p.config.RedirectURL = c.RedirectURL
+}
+
+func (p *FeishuSSOProvider) Provider() provider.OAuth2Provider {
+	return "feishu-sso" //插件名
+}
+
+func (p *FeishuSSOProvider) NewAuthURL(state string) string {
+	return p.config.AuthCodeURL(state, oauth2.AccessTypeOnline)
+}
+
+func (p *FeishuSSOProvider) GetToken(ctx context.Context, code string) (*oauth2.Token, error) {
+	return p.config.Exchange(ctx, code)
+}
+
+func (p *FeishuSSOProvider) RefreshToken(ctx context.Context, tk string) (*oauth2.Token, error) {
+	return p.config.TokenSource(ctx, &oauth2.Token{RefreshToken: tk}).Token()
+}
+
+func (p *FeishuSSOProvider) GetUserInfo(ctx context.Context, tk *oauth2.Token) (*provider.UserInfo, error) {
+	client := p.config.Client(ctx, tk)
+	req, err := http.NewRequestWithContext(ctx, http.MethodGet, fmt.Sprintf("https://anycross.feishu.cn/sso/%s/oauth2/userinfo", p.ssoid), nil) // 身份端点
+	if err != nil {
+		return nil, err
+	}
+	resp, err := client.Do(req)
+	if err != nil {
+		return nil, err
+	}
+	defer resp.Body.Close()
+	ui := FeishuSSOUserInfo{}
+	err = json.NewDecoder(resp.Body).Decode(&ui)
+	if err != nil {
+		return nil, err
+	}
+	return &provider.UserInfo{
+		Username:       ui.Name,
+		ProviderUserID: ui.ID,
+	}, nil
+}
+
+type FeishuSSOUserInfo struct {
+	ID   string `json:"sub"`  // 组织内SSO应用账号ID
+	Name string `json:"name"` // 飞书账号昵称
+}
+
+func main() {
+	args := os.Args
+	var pluginMap = map[string]plugin.Plugin{
+		"Provider": &plugins.ProviderPlugin{Impl: newFeishuSSOProvider(args[1])},
+	}
+	plugin.Serve(&plugin.ServeConfig{
+		HandshakeConfig: plugins.HandshakeConfig,
+		Plugins:         pluginMap,
+		GRPCServer:      plugin.DefaultGRPCServer,
+	})
+}
--- a/internal/provider/plugins/example/example_feishuSSO/example_feishuSSO.go
+++ b/internal/provider/plugins/example/example_feishuSSO/example_feishuSSO.go
@ -1,108 +0,0 @@
-package main
-
-import (
-	"context"
-	"encoding/json"
-	"fmt"
-	"net/http"
-	"os"
-
-	plugin "github.com/hashicorp/go-plugin"
-	"github.com/synctv-org/synctv/internal/provider"
-	"github.com/synctv-org/synctv/internal/provider/plugins"
-	"golang.org/x/oauth2"
-)
-
-// Mac/Linux:
-// go build -o feishuSSO ./internal/provider/plugins/example/example_feishuSSO/example_feishuSSO.go
-//
-// Windows:
-// go build -o feishuSSO.exe ./internal/provider/plugins/example/example_feishuSSO/example_feishuSSO.go
-//
-// mv gitee {data-dir}/plugins/oauth2/feishuSSO
-//
-// 飞书SSO登录插件设置信息：飞书集成平台-身份集成-应用单点登录-你创建的SSO服务
-//
-// config.yaml:
-//
-// oauth2_plugins:
-//   - plugin_file: plugins/oauth2/feishuSSO
-//     args: ["OAuth2.0协议端点中的一串数字"]
-type FeishuProvider struct {
-	config oauth2.Config
-	ssoid  string // Your SSO Application ID in Feishu Anycross
-}
-
-func newFeishuProvider(ssoid string) provider.ProviderInterface {
-	return &FeishuProvider{
-		config: oauth2.Config{
-			Scopes: []string{"profile"},
-			Endpoint: oauth2.Endpoint{
-				AuthURL:  fmt.Sprintf("https://anycross.feishu.cn/sso/%s/oauth2/auth", ssoid),  // 认证端点
-				TokenURL: fmt.Sprintf("https://anycross.feishu.cn/sso/%s/oauth2/token", ssoid), //Token 端点
-			},
-		},
-		ssoid: ssoid,
-	}
-}
-
-func (p *FeishuProvider) Init(c provider.Oauth2Option) {
-	p.config.ClientID = c.ClientID
-	p.config.ClientSecret = c.ClientSecret
-	p.config.RedirectURL = c.RedirectURL
-}
-
-func (p *FeishuProvider) Provider() provider.OAuth2Provider {
-	return "feishuSSO" //插件名
-}
-
-func (p *FeishuProvider) NewAuthURL(state string) string {
-	return p.config.AuthCodeURL(state, oauth2.AccessTypeOnline)
-}
-
-func (p *FeishuProvider) GetToken(ctx context.Context, code string) (*oauth2.Token, error) {
-	return p.config.Exchange(ctx, code)
-}
-
-func (p *FeishuProvider) RefreshToken(ctx context.Context, tk string) (*oauth2.Token, error) {
-	return p.config.TokenSource(ctx, &oauth2.Token{RefreshToken: tk}).Token()
-}
-
-func (p *FeishuProvider) GetUserInfo(ctx context.Context, tk *oauth2.Token) (*provider.UserInfo, error) {
-	client := p.config.Client(ctx, tk)
-	req, err := http.NewRequestWithContext(ctx, http.MethodGet, fmt.Sprintf("https://anycross.feishu.cn/sso/%s/oauth2/userinfo", p.ssoid), nil) // 身份端点
-	if err != nil {
-		return nil, err
-	}
-	resp, err := client.Do(req)
-	if err != nil {
-		return nil, err
-	}
-	defer resp.Body.Close()
-	ui := feishuUserInfo{}
-	err = json.NewDecoder(resp.Body).Decode(&ui)
-	if err != nil {
-		return nil, err
-	}
-	return &provider.UserInfo{
-		Username:       ui.Name,
-		ProviderUserID: ui.UserID,
-	}, nil
-}
-
-type feishuUserInfo struct {
-	UserID string `json:"user_id"` // 飞书UserID （企业内唯一ID）
-	Name   string `json:"name"`    // 飞书姓名（会作为SyncTV登录用户名）
-}
-
-func main() {
-	args := os.Args
-	var pluginMap = map[string]plugin.Plugin{
-		"Provider": &plugins.ProviderPlugin{Impl: newFeishuProvider(args[1])},
-	}
-	plugin.Serve(&plugin.ServeConfig{
-		HandshakeConfig: plugins.HandshakeConfig,
-		Plugins:         pluginMap,
-		GRPCServer:      plugin.DefaultGRPCServer,
-	})
-}
--- a/internal/provider/providers/xiaomi.go
+++ b/internal/provider/providers/xiaomi.go
@ -0,0 +1,81 @@
+package providers
+
+import (
+	"context"
+	"fmt"
+	json "github.com/json-iterator/go"
+	"github.com/synctv-org/synctv/internal/provider"
+	"golang.org/x/oauth2"
+	"net/http"
+)
+
+type XiaomiProvider struct {
+	config oauth2.Config
+}
+
+func newXiaomiProvider() provider.ProviderInterface {
+	return &XiaomiProvider{
+		config: oauth2.Config{
+			Scopes: []string{"profile"},
+			Endpoint: oauth2.Endpoint{
+				AuthURL:  "https://account.xiaomi.com/oauth2/authorize",
+				TokenURL: "https://account.xiaomi.com/oauth2/token",
+			},
+		},
+	}
+}
+
+func (p *XiaomiProvider) Init(c provider.Oauth2Option) {
+	p.config.ClientID = c.ClientID
+	p.config.ClientSecret = c.ClientSecret
+	p.config.RedirectURL = c.RedirectURL
+}
+
+func (p *XiaomiProvider) Provider() provider.OAuth2Provider {
+	return "xiaomi"
+}
+
+func (p *XiaomiProvider) NewAuthURL(state string) string {
+	return p.config.AuthCodeURL(state, oauth2.AccessTypeOnline)
+}
+
+func (p *XiaomiProvider) GetToken(ctx context.Context, code string) (*oauth2.Token, error) {
+	return p.config.Exchange(ctx, code)
+}
+
+func (p *XiaomiProvider) RefreshToken(ctx context.Context, tk string) (*oauth2.Token, error) {
+	return p.config.TokenSource(ctx, &oauth2.Token{RefreshToken: tk}).Token()
+}
+
+func (p *XiaomiProvider) GetUserInfo(ctx context.Context, tk *oauth2.Token) (*provider.UserInfo, error) {
+	client := p.config.Client(ctx, tk)
+	req, err := http.NewRequestWithContext(ctx, http.MethodGet, fmt.Sprintf("https://open.account.xiaomi.com/user/profile?clientId=%s&token=%s", p.config.ClientID, tk.AccessToken), nil)
+	if err != nil {
+		return nil, err
+	}
+	resp, err := client.Do(req)
+	if err != nil {
+		return nil, err
+	}
+	defer resp.Body.Close()
+	ui := xiaomiUserInfo{}
+	err = json.NewDecoder(resp.Body).Decode(&ui)
+	if err != nil {
+		return nil, err
+	}
+	return &provider.UserInfo{
+		Username:       ui.Data.Name,
+		ProviderUserID: ui.Data.UnionId,
+	}, nil
+}
+
+type xiaomiUserInfo struct {
+	Data struct {
+		UnionId string `json:"unionId"`
+		Name    string `json:"miliaoNick"`
+	} `json:"data"`
+}
+
+func init() {
+	RegisterProvider(newXiaomiProvider())
+}