OAuth Provider, user.ID consistency

[davidnewhall]

This app currently uses the oauth providers "generic" definitions (for twitter, google and GitHub) from here. The problem I'm running into is that these provider definitions don't provide a consistent user.ID. That means I can never use my google account to access pastes my GitHub account created.

I added a discord provider, and omitted the sha1 encoding and prefix from the user.ID; opted to use email as user ID.

My suggestion, and the reason for this discussion, is to ask if we can/should re-implement our own definitions that allow logins from any source to match via email address. The tl;dr is to copy the code from the above-linked file, and modify the userMap slightly to create consistent user.ID from the user's email address.

I'll paste the Discord code into here soon, so the differences can be properly inspected.

[iliafrenkel]

I like the idea. My experience with OAuth is rather rudimentary, so any examples/pull requests will be very appreciated.

[davidnewhall]

This is the discord example that goes into web.go. I was trying to convert Twitter, but I'm not sure how. Google and GitHub are easy.

authSvc.AddCustomProvider("discord", auth.Client{
  Cid:     handler.options.DiscordCID,
  Csecret: handler.options.DiscordCSEC,
}, provider.CustomHandlerOpt{
  Endpoint: oauth2.Endpoint{
    AuthURL:  "https://discord.com/api/oauth2/authorize",
    TokenURL: "https://discord.com/api/v8/oauth2/token",
  },
  InfoURL: "https://discord.com/api/v8/users/@me",
  Scopes:  []string{"identify", "email"},
  MapUserFn: func(data provider.UserData, _ []byte) token.User {
    return token.User{
      ID:      data.Value("email"),
      Name:    data.Value("username"),
      Picture: "https://cdn.discordapp.com/avatars/" + data.Value("id") + "/" + data.Value("avatar") + ".png",
    }
  },
})

And here are the GitHub and google examples:

	authSvc.AddCustomProvider("google_custom", auth.Client{
		Cid:     handler.options.GoogleCID,
		Csecret: handler.options.GoogleCSEC,
	}, provider.CustomHandlerOpt{
		Endpoint: google.Endpoint,
		InfoURL:  "https://www.googleapis.com/oauth2/v3/userinfo",
		Scopes:   []string{"https://www.googleapis.com/auth/userinfo.profile"},
		MapUserFn: func(data provider.UserData, _ []byte) token.User {
			userInfo := token.User{
				ID:      data.Value("sub"),
				Name:    data.Value("name"),
				Picture: data.Value("picture"),
			}
			if userInfo.Name == "" {
				userInfo.Name = "noname_" + userInfo.ID[8:12]
			}

			return userInfo
		},
	})

	authSvc.AddCustomProvider("github_custom", auth.Client{
		Cid:     handler.options.GitHubCID,
		Csecret: handler.options.GitHubCSEC,
	}, provider.CustomHandlerOpt{
		Endpoint: github.Endpoint,
		InfoURL:  "https://api.github.com/user",
		MapUserFn: func(data provider.UserData, _ []byte) token.User {
			userInfo := token.User{
				ID:      data.Value("email"),
				Name:    data.Value("name"),
				Picture: data.Value("avatar_url"),
			}
			// github may have no user name, use login in this case
			if userInfo.Name == "" {
				userInfo.Name = data.Value("login")
			}

			if userInfo.Name == "" {
				userInfo.Name = "noname_" + userInfo.ID[8:12]
			}

			return userInfo
		},
	})