Store OAuth2 session data in database (#3660)

* Store OAuth2 session data in database

* Rename table to `oauth2_session` and do not skip xormstorage initialization error

Author: lafriks

models/oauth2.go

@@ -97,14 +97,17 @@ func GetActiveOAuth2Providers() ([]string, map[string]OAuth2Provider, error) {
 }
 
 // InitOAuth2 initialize the OAuth2 lib and register all active OAuth2 providers in the library
-func InitOAuth2() {
-	oauth2.Init()
+func InitOAuth2() error {
+	if err := oauth2.Init(x); err != nil {
+		return err
+	}
 	loginSources, _ := GetActiveOAuth2ProviderLoginSources()
 
 	for _, source := range loginSources {
 		oAuth2Config := source.OAuth2()
 		oauth2.RegisterProvider(source.Name, oAuth2Config.Provider, oAuth2Config.ClientID, oAuth2Config.ClientSecret, oAuth2Config.OpenIDConnectAutoDiscoveryURL, oAuth2Config.CustomURLMapping)
 	}
+	return nil
 }
 
 // wrapOpenIDConnectInitializeError is used to wrap the error but this cannot be done in modules/auth/oauth2

modules/auth/oauth2/oauth2.go

@@ -7,13 +7,12 @@ package oauth2
 import (
 	"math"
 	"net/http"
-	"os"
-	"path/filepath"
 
 	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/setting"
 
-	"github.com/gorilla/sessions"
+	"github.com/go-xorm/xorm"
+	"github.com/lafriks/xormstore"
 	"github.com/markbates/goth"
 	"github.com/markbates/goth/gothic"
 	"github.com/markbates/goth/providers/bitbucket"
@@ -41,13 +40,14 @@ type CustomURLMapping struct {
 }
 
 // Init initialize the setup of the OAuth2 library
-func Init() {
-	sessionDir := filepath.Join(setting.AppDataPath, "sessions", "oauth2")
-	if err := os.MkdirAll(sessionDir, 0700); err != nil {
-		log.Fatal(4, "Fail to create dir %s: %v", sessionDir, err)
-	}
+func Init(x *xorm.Engine) error {
+	store, err := xormstore.NewOptions(x, xormstore.Options{
+		TableName: "oauth2_session",
+	}, []byte(sessionUsersStoreKey))
 
-	store := sessions.NewFilesystemStore(sessionDir, []byte(sessionUsersStoreKey))
+	if err != nil {
+		return err
+	}
 	// according to the Goth lib:
 	// set the maxLength of the cookies stored on the disk to a larger number to prevent issues with:
 	// securecookie: the value is too long
@@ -65,6 +65,7 @@ func Init() {
 		return req.Header.Get(providerHeaderKey), nil
 	}
 
+	return nil
 }
 
 // Auth OAuth2 auth service

routers/init.go

@@ -60,7 +60,9 @@ func GlobalInit() {
 			log.Fatal(4, "Failed to initialize ORM engine: %v", err)
 		}
 		models.HasEngine = true
-		models.InitOAuth2()
+		if err := models.InitOAuth2(); err != nil {
+			log.Fatal(4, "Failed to initialize OAuth2 support: %v", err)
+		}
 
 		models.LoadRepoConfig()
 		models.NewRepoContext()