diff --git a/routers/routes/web.go b/routers/routes/web.go index a8d64b4c44700..22d61e6fb80f5 100644 --- a/routers/routes/web.go +++ b/routers/routes/web.go @@ -395,6 +395,7 @@ func RegisterRoutes(m *web.Route) { m.Any("/user/events", events.Events) m.Group("/login/oauth", func() { + m.Get("/userinfo", user.InfoOAuth) m.Get("/authorize", bindIgnErr(forms.AuthorizationForm{}), user.AuthorizeOAuth) m.Post("/grant", bindIgnErr(forms.GrantApplicationForm{}), user.GrantApplicationOAuth) // TODO manage redirection diff --git a/routers/user/oauth_userinfo.go b/routers/user/oauth_userinfo.go new file mode 100644 index 0000000000000..ee7a4e276e4ea --- /dev/null +++ b/routers/user/oauth_userinfo.go @@ -0,0 +1,34 @@ +// Copyright 2021 The Gitea Authors. All rights reserved. +// Use of this source code is governed by a MIT-style +// license that can be found in the LICENSE file. + +package user + +import ( + "fmt" + "net/http" + + "code.gitea.io/gitea/modules/context" +) + +// userInfoResponse represents a successful userinfo response +type userInfoResponse struct { + Sub string `json:"sub"` + Name string `json:"name"` + Username string `json:"preferred_username"` + Email string `json:"email"` + Picture string `json:"picture"` +} + +// InfoOAuth responds with OAuth formatted userinfo +func InfoOAuth(ctx *context.Context) { + user := ctx.User + response := &userInfoResponse{ + Sub: fmt.Sprint(user.ID), + Name: user.FullName, + Username: user.Name, + Email: user.Email, + Picture: user.AvatarLink(), + } + ctx.JSON(http.StatusOK, response) +} diff --git a/templates/user/auth/oidc_wellknown.tmpl b/templates/user/auth/oidc_wellknown.tmpl index 290ed4a71df40..fcde060a8d19f 100644 --- a/templates/user/auth/oidc_wellknown.tmpl +++ b/templates/user/auth/oidc_wellknown.tmpl @@ -2,6 +2,7 @@ "issuer": "{{AppUrl | JSEscape | Safe}}", "authorization_endpoint": "{{AppUrl | JSEscape | Safe}}login/oauth/authorize", "token_endpoint": "{{AppUrl | JSEscape | Safe}}login/oauth/access_token", + "userinfo_endpoint": "{{AppUrl | JSEscape | Safe}}login/oauth/userinfo", "response_types_supported": [ "code", "id_token"