You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

164 lines
4.8 KiB

  1. // Package twitter implements the OAuth protocol for authenticating users through Twitter.
  2. // This package can be used as a reference implementation of an OAuth provider for Goth.
  3. package twitter
  4. import (
  5. "bytes"
  6. "encoding/json"
  7. "errors"
  8. "io/ioutil"
  9. "net/http"
  10. "fmt"
  11. "github.com/markbates/goth"
  12. "github.com/mrjones/oauth"
  13. "golang.org/x/oauth2"
  14. )
  15. var (
  16. requestURL = "https://api.twitter.com/oauth/request_token"
  17. authorizeURL = "https://api.twitter.com/oauth/authorize"
  18. authenticateURL = "https://api.twitter.com/oauth/authenticate"
  19. tokenURL = "https://api.twitter.com/oauth/access_token"
  20. endpointProfile = "https://api.twitter.com/1.1/account/verify_credentials.json"
  21. )
  22. // New creates a new Twitter provider, and sets up important connection details.
  23. // You should always call `twitter.New` to get a new Provider. Never try to create
  24. // one manually.
  25. //
  26. // If you'd like to use authenticate instead of authorize, use NewAuthenticate instead.
  27. func New(clientKey, secret, callbackURL string) *Provider {
  28. p := &Provider{
  29. ClientKey: clientKey,
  30. Secret: secret,
  31. CallbackURL: callbackURL,
  32. providerName: "twitter",
  33. }
  34. p.consumer = newConsumer(p, authorizeURL)
  35. return p
  36. }
  37. // NewAuthenticate is the almost same as New.
  38. // NewAuthenticate uses the authenticate URL instead of the authorize URL.
  39. func NewAuthenticate(clientKey, secret, callbackURL string) *Provider {
  40. p := &Provider{
  41. ClientKey: clientKey,
  42. Secret: secret,
  43. CallbackURL: callbackURL,
  44. providerName: "twitter",
  45. }
  46. p.consumer = newConsumer(p, authenticateURL)
  47. return p
  48. }
  49. // Provider is the implementation of `goth.Provider` for accessing Twitter.
  50. type Provider struct {
  51. ClientKey string
  52. Secret string
  53. CallbackURL string
  54. HTTPClient *http.Client
  55. debug bool
  56. consumer *oauth.Consumer
  57. providerName string
  58. }
  59. // Name is the name used to retrieve this provider later.
  60. func (p *Provider) Name() string {
  61. return p.providerName
  62. }
  63. // SetName is to update the name of the provider (needed in case of multiple providers of 1 type)
  64. func (p *Provider) SetName(name string) {
  65. p.providerName = name
  66. }
  67. func (p *Provider) Client() *http.Client {
  68. return goth.HTTPClientWithFallBack(p.HTTPClient)
  69. }
  70. // Debug sets the logging of the OAuth client to verbose.
  71. func (p *Provider) Debug(debug bool) {
  72. p.debug = debug
  73. }
  74. // BeginAuth asks Twitter for an authentication end-point and a request token for a session.
  75. // Twitter does not support the "state" variable.
  76. func (p *Provider) BeginAuth(state string) (goth.Session, error) {
  77. requestToken, url, err := p.consumer.GetRequestTokenAndUrl(p.CallbackURL)
  78. session := &Session{
  79. AuthURL: url,
  80. RequestToken: requestToken,
  81. }
  82. return session, err
  83. }
  84. // FetchUser will go to Twitter and access basic information about the user.
  85. func (p *Provider) FetchUser(session goth.Session) (goth.User, error) {
  86. sess := session.(*Session)
  87. user := goth.User{
  88. Provider: p.Name(),
  89. }
  90. if sess.AccessToken == nil {
  91. // data is not yet retrieved since accessToken is still empty
  92. return user, fmt.Errorf("%s cannot get user information without accessToken", p.providerName)
  93. }
  94. response, err := p.consumer.Get(
  95. endpointProfile,
  96. map[string]string{"include_entities": "false", "skip_status": "true", "include_email": "true"},
  97. sess.AccessToken)
  98. if err != nil {
  99. return user, err
  100. }
  101. defer response.Body.Close()
  102. if response.StatusCode != http.StatusOK {
  103. return user, fmt.Errorf("%s responded with a %d trying to fetch user information", p.providerName, response.StatusCode)
  104. }
  105. bits, err := ioutil.ReadAll(response.Body)
  106. err = json.NewDecoder(bytes.NewReader(bits)).Decode(&user.RawData)
  107. if err != nil {
  108. return user, err
  109. }
  110. user.Name = user.RawData["name"].(string)
  111. user.NickName = user.RawData["screen_name"].(string)
  112. if user.RawData["email"] != nil {
  113. user.Email = user.RawData["email"].(string)
  114. }
  115. user.Description = user.RawData["description"].(string)
  116. user.AvatarURL = user.RawData["profile_image_url"].(string)
  117. user.UserID = user.RawData["id_str"].(string)
  118. user.Location = user.RawData["location"].(string)
  119. user.AccessToken = sess.AccessToken.Token
  120. user.AccessTokenSecret = sess.AccessToken.Secret
  121. return user, err
  122. }
  123. func newConsumer(provider *Provider, authURL string) *oauth.Consumer {
  124. c := oauth.NewConsumer(
  125. provider.ClientKey,
  126. provider.Secret,
  127. oauth.ServiceProvider{
  128. RequestTokenUrl: requestURL,
  129. AuthorizeTokenUrl: authURL,
  130. AccessTokenUrl: tokenURL,
  131. })
  132. c.Debug(provider.debug)
  133. return c
  134. }
  135. //RefreshToken refresh token is not provided by twitter
  136. func (p *Provider) RefreshToken(refreshToken string) (*oauth2.Token, error) {
  137. return nil, errors.New("Refresh token is not provided by twitter")
  138. }
  139. //RefreshTokenAvailable refresh token is not provided by twitter
  140. func (p *Provider) RefreshTokenAvailable() bool {
  141. return false
  142. }