custom oauth

haiwen · Feb 19, 2025 · ac47e22 · ac47e22
1 parent b8a1e0d
commit ac47e22
Show file tree

Hide file tree

Showing 5 changed files with 50 additions and 3 deletions.
diff --git a/seahub/auth/views.py b/seahub/auth/views.py
@@ -197,6 +197,7 @@ def login(request, template_name='registration/login.html',
                  getattr(settings, 'ENABLE_KRB5_LOGIN', False) or \
                  getattr(settings, 'ENABLE_ADFS_LOGIN', False) or \
                  getattr(settings, 'ENABLE_OAUTH', False) or \
+                 getattr(settings, 'ENABLE_CUSTOM_OAUTH', False) or \
                  getattr(settings, 'ENABLE_CAS', False) or \
                  getattr(settings, 'ENABLE_REMOTE_USER_AUTHENTICATION', False)
 
@@ -296,7 +297,7 @@ def logout(request, next_page=None,
     # Local logout for ouath user.
     via_oauth = request.COOKIES.get('via_oauth', '')
     oauth_logout_url = getattr(settings, 'OAUTH_LOGOUT_URL', '')
-    if getattr(settings, 'ENABLE_OAUTH', False) and via_oauth and oauth_logout_url:
+    if (getattr(settings, 'ENABLE_OAUTH', False) or getattr(settings, 'ENABLE_CUSTOM_OAUTH', False)) and via_oauth and oauth_logout_url:
         response = HttpResponseRedirect(oauth_logout_url)
         response.delete_cookie('via_oauth')
         response.delete_cookie('seahub_auth')

diff --git a/seahub/oauth/urls.py b/seahub/oauth/urls.py
@@ -1,9 +1,20 @@
 # Copyright (c) 2012-2016 Seafile Ltd.
 
 from django.urls import path
-from seahub.oauth.views import oauth_login, oauth_callback
+from seahub.oauth.views import oauth_login, oauth_callback, \
+    custom_oauth_login_view, custom_oauth_callback_view
+
+import seahub.settings as settings
+ENABLE_CUSTOM_OAUTH = getattr(settings, 'ENABLE_CUSTOM_OAUTH', False)
+
 
 urlpatterns = [
     path('login/', oauth_login, name='oauth_login'),
     path('callback/', oauth_callback, name='oauth_callback'),
 ]
+
+if ENABLE_CUSTOM_OAUTH:
+    urlpatterns = [
+        path('login/', custom_oauth_login_view, name='oauth_login'),
+        path('callback/', custom_oauth_callback_view, name='oauth_callback'),
+   ]
diff --git a/seahub/oauth/views.py b/seahub/oauth/views.py
@@ -58,6 +58,17 @@
         OAUTH_PROVIDER = getattr(settings, 'OAUTH_PROVIDER_DOMAIN', '')
     OAUTH_ATTRIBUTE_MAP = getattr(settings, 'OAUTH_ATTRIBUTE_MAP', {})
 
+ENABLE_CUSTOM_OAUTH = getattr(settings, 'ENABLE_CUSTOM_OAUTH', False)
+if ENABLE_CUSTOM_OAUTH:
+    try:
+        current_path = os.path.dirname(os.path.abspath(__file__))
+        conf_dir = os.path.join(current_path, '../../../../conf')
+        sys.path.append(conf_dir)
+        from seahub_custom_functions import custom_oauth_login, custom_oauth_callback
+        ENABLE_CUSTOM_OAUTH = True
+    except ImportError:
+        ENABLE_CUSTOM_OAUTH = False
+
 
 def oauth_check(func):
     """ Decorator for check if OAuth valid.
@@ -258,3 +269,22 @@ def oauth_callback(request):
     response.set_cookie('seahub_auth', email + '@' + api_token.key)
     response.set_cookie('via_oauth', 'true')
     return response
+
+
+def custom_oauth_login_view(request):
+    if not ENABLE_CUSTOM_OAUTH:
+        return render_error(request, _('Feature is not enabled.'))
+
+    if request.user.is_authenticated:
+        # already authenticated
+        redirect_url = request.GET.get(auth.REDIRECT_FIELD_NAME, settings.LOGIN_REDIRECT_URL)
+        return HttpResponseRedirect(redirect_url)
+
+    return custom_oauth_login(request)
+
+
+def custom_oauth_callback_view(request):
+    if not ENABLE_CUSTOM_OAUTH:
+        return render_error(request, _('Feature is not enabled.'))
+
+    return custom_oauth_callback(request)
diff --git a/seahub/settings.py b/seahub/settings.py
@@ -319,6 +319,8 @@
 ENABLE_OAUTH = False
 ENABLE_WATERMARK = False
 
+ENABLE_CUSTOM_OAUTH = False
+
 ENABLE_SHOW_CONTACT_EMAIL_WHEN_SEARCH_USER = False
 ENABLE_SHOW_LOGIN_ID_WHEN_SEARCH_USER = False
 
@@ -1167,7 +1169,7 @@ def load_local_settings(module):
     MIDDLEWARE.append('seahub.auth.middleware.SeafileRemoteUserMiddleware')
     AUTHENTICATION_BACKENDS += ('seahub.auth.backends.SeafileRemoteUserBackend',)
 
-if ENABLE_OAUTH or ENABLE_WORK_WEIXIN or ENABLE_WEIXIN or ENABLE_DINGTALK:
+if ENABLE_OAUTH or ENABLE_CUSTOM_OAUTH or ENABLE_WORK_WEIXIN or ENABLE_WEIXIN or ENABLE_DINGTALK:
     AUTHENTICATION_BACKENDS += ('seahub.oauth.backends.OauthRemoteUserBackend',)
 
 if ENABLE_CAS:

diff --git a/seahub/views/sso.py b/seahub/views/sso.py
@@ -57,6 +57,9 @@ def sso(request):
     if getattr(settings, 'ENABLE_OAUTH', False):
         return HttpResponseRedirect(reverse('oauth_login') + next_param)
 
+    if getattr(settings, 'ENABLE_CUSTOM_OAUTH', False):
+        return HttpResponseRedirect(reverse('oauth_login') + next_param)
+
     if getattr(settings, 'ENABLE_CAS', False):
         return HttpResponseRedirect(reverse('cas_ng_login') + next_param)