1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51

package auth

import (
	"fmt"
	"strings"
	"sync"

	"github.com/pkg/errors"
	"github.com/samber/lo"

	"{{{ .Package }}}/app/util"
)

var initMu sync.Mutex

func (s *Service) load(logger util.Logger) error {
	initMu.Lock()
	defer initMu.Unlock()

	if s.providers != nil {
		return errors.New("called [load] twice")
	}
	if s.baseURL == "" {
		s.baseURL = util.GetEnv(util.AppKey + "_oauth_redirect")
	}
	if s.baseURL == "" {
		s.baseURL = fmt.Sprintf("http://localhost:%d", s.port)
	}
	s.baseURL = strings.TrimSuffix(s.baseURL, "/")

	initAvailable()

	s.providers = lo.FilterMap(AvailableProviderKeys, func(k string, _ int) (*Provider, bool) {
		envKey := util.GetEnv(k + "_key")
		if envKey == "" {
			return nil, false
		}
		envSecret := util.GetEnv(k + "_secret")
		envScopes := util.StringSplitAndTrim(util.GetEnv(k+"_scopes"), ",")
		return &Provider{ID: k, Title: AvailableProviderNames[k], Key: envKey, Secret: envSecret, Scopes: envScopes}, true
	})

	if len(s.providers) == 0 {
		logger.Debug("authentication disabled, no providers configured in environment")
	} else {
		const msg = "authentication enabled for [%s], using [%s] as a base URL"
		logger.Infof(msg, util.StringArrayOxfordComma(s.providers.Titles(), "and"), s.baseURL)
	}

	return nil
}