feat: support mapping avatar url from oauth2

eb33a604 · johnnyjoy · e4191640 · eb33a604 · eb33a604 · eb33a604
Commit eb33a604 authored Apr 24, 2025 by johnnyjoy
11 changed files
--- a/plugin/idp/idp.go
+++ b/plugin/idp/idp.go
@@ -4,4 +4,5 @@ type IdentityProviderUserInfo struct {
 	Identifier  string
 	DisplayName string
 	Email       string
+	AvatarURL   string
 }
--- a/plugin/idp/oauth2/oauth2.go
+++ b/plugin/idp/oauth2/oauth2.go
@@ -113,5 +113,10 @@ func (p *IdentityProvider) UserInfo(token string) (*idp.IdentityProviderUserInfo
 			userInfo.Email = v
 		}
 	}
+	if p.config.FieldMapping.AvatarUrl != "" {
+		if v, ok := claims[p.config.FieldMapping.AvatarUrl].(string); ok {
+			userInfo.AvatarURL = v
+		}
+	}
 	return userInfo, nil
 }
--- a/proto/api/v1/idp_service.proto
+++ b/proto/api/v1/idp_service.proto
@@ -69,6 +69,7 @@ message FieldMapping {
  string identifier = 1;
  string display_name = 2;
  string email = 3;
+  string avatar_url = 4;
 }
 message OAuth2Config {

--- a/proto/buf.gen.yaml
+++ b/proto/buf.gen.yaml
 version: v2
-clean: true
 managed:
  enabled: true
  disable:

--- a/proto/gen/api/v1/idp_service.pb.go
+++ b/proto/gen/api/v1/idp_service.pb.go
@@ -219,6 +219,7 @@ type FieldMapping struct {
 	Identifier    string                 `protobuf:"bytes,1,opt,name=identifier,proto3" json:"identifier,omitempty"`
 	DisplayName   string                 `protobuf:"bytes,2,opt,name=display_name,json=displayName,proto3" json:"display_name,omitempty"`
 	Email         string                 `protobuf:"bytes,3,opt,name=email,proto3" json:"email,omitempty"`
+	AvatarUrl     string                 `protobuf:"bytes,4,opt,name=avatar_url,json=avatarUrl,proto3" json:"avatar_url,omitempty"`
 	unknownFields protoimpl.UnknownFields
 	sizeCache     protoimpl.SizeCache
 }
@@ -274,6 +275,13 @@ func (x *FieldMapping) GetEmail() string {
 	return ""
 }
+func (x *FieldMapping) GetAvatarUrl() string {
+	if x != nil {
+		return x.AvatarUrl
+	}
+	return ""
+}
 type OAuth2Config struct {
 	state         protoimpl.MessageState `protogen:"open.v1"`
 	ClientId      string                 `protobuf:"bytes,1,opt,name=client_id,json=clientId,proto3" json:"client_id,omitempty"`
@@ -653,13 +661,15 @@ const file_api_v1_idp_service_proto_rawDesc = "" +
 	"\x06OAUTH2\x10\x01\"e\n" +
 	"\x16IdentityProviderConfig\x12A\n" +
 	"\roauth2_config\x18\x01 \x01(\v2\x1a.memos.api.v1.OAuth2ConfigH\x00R\foauth2ConfigB\b\n" +
-	"\x06config\"g\n" +
+	"\x06config\"\x86\x01\n" +
 	"\fFieldMapping\x12\x1e\n" +
 	"\n" +
 	"identifier\x18\x01 \x01(\tR\n" +
 	"identifier\x12!\n" +
 	"\fdisplay_name\x18\x02 \x01(\tR\vdisplayName\x12\x14\n" +
-	"\x05email\x18\x03 \x01(\tR\x05email\"\x85\x02\n" +
+	"\x05email\x18\x03 \x01(\tR\x05email\x12\x1d\n" +
+	"\n" +
+	"avatar_url\x18\x04 \x01(\tR\tavatarUrl\"\x85\x02\n" +
 	"\fOAuth2Config\x12\x1b\n" +
 	"\tclient_id\x18\x01 \x01(\tR\bclientId\x12#\n" +
 	"\rclient_secret\x18\x02 \x01(\tR\fclientSecret\x12\x19\n" +

--- a/proto/gen/apidocs.swagger.yaml
+++ b/proto/gen/apidocs.swagger.yaml
--- a/proto/gen/store/idp.pb.go
+++ b/proto/gen/store/idp.pb.go
@@ -214,6 +214,7 @@ type FieldMapping struct {
 	Identifier    string                 `protobuf:"bytes,1,opt,name=identifier,proto3" json:"identifier,omitempty"`
 	DisplayName   string                 `protobuf:"bytes,2,opt,name=display_name,json=displayName,proto3" json:"display_name,omitempty"`
 	Email         string                 `protobuf:"bytes,3,opt,name=email,proto3" json:"email,omitempty"`
+	AvatarUrl     string                 `protobuf:"bytes,4,opt,name=avatar_url,json=avatarUrl,proto3" json:"avatar_url,omitempty"`
 	unknownFields protoimpl.UnknownFields
 	sizeCache     protoimpl.SizeCache
 }
@@ -269,6 +270,13 @@ func (x *FieldMapping) GetEmail() string {
 	return ""
 }
+func (x *FieldMapping) GetAvatarUrl() string {
+	if x != nil {
+		return x.AvatarUrl
+	}
+	return ""
+}
 type OAuth2Config struct {
 	state         protoimpl.MessageState `protogen:"open.v1"`
 	ClientId      string                 `protobuf:"bytes,1,opt,name=client_id,json=clientId,proto3" json:"client_id,omitempty"`
@@ -378,13 +386,15 @@ const file_store_idp_proto_rawDesc = "" +
 	"\x06OAUTH2\x10\x01\"d\n" +
 	"\x16IdentityProviderConfig\x12@\n" +
 	"\roauth2_config\x18\x01 \x01(\v2\x19.memos.store.OAuth2ConfigH\x00R\foauth2ConfigB\b\n" +
-	"\x06config\"g\n" +
+	"\x06config\"\x86\x01\n" +
 	"\fFieldMapping\x12\x1e\n" +
 	"\n" +
 	"identifier\x18\x01 \x01(\tR\n" +
 	"identifier\x12!\n" +
 	"\fdisplay_name\x18\x02 \x01(\tR\vdisplayName\x12\x14\n" +
-	"\x05email\x18\x03 \x01(\tR\x05email\"\x84\x02\n" +
+	"\x05email\x18\x03 \x01(\tR\x05email\x12\x1d\n" +
+	"\n" +
+	"avatar_url\x18\x04 \x01(\tR\tavatarUrl\"\x84\x02\n" +
 	"\fOAuth2Config\x12\x1b\n" +
 	"\tclient_id\x18\x01 \x01(\tR\bclientId\x12#\n" +
 	"\rclient_secret\x18\x02 \x01(\tR\fclientSecret\x12\x19\n" +

--- a/proto/store/idp.proto
+++ b/proto/store/idp.proto
@@ -27,6 +27,7 @@ message FieldMapping {
  string identifier = 1;
  string display_name = 2;
  string email = 3;
+  string avatar_url = 4;
 }
 message OAuth2Config {

--- a/server/router/api/v1/auth_service.go
+++ b/server/router/api/v1/auth_service.go
@@ -129,9 +129,10 @@ func (s *APIV1Service) SignInWithSSO(ctx context.Context, request *v1pb.SignInWi
 		userCreate := &store.User{
 			Username: userInfo.Identifier,
 			// The new signup user should be normal user by default.
-			Role:     store.RoleUser,
+			Role:      store.RoleUser,
-			Nickname: userInfo.DisplayName,
+			Nickname:  userInfo.DisplayName,
-			Email:    userInfo.Email,
+			Email:     userInfo.Email,
+			AvatarURL: userInfo.AvatarURL,
 		}
 		password, err := util.RandomString(20)
 		if err != nil {

--- a/web/src/types/proto/api/v1/idp_service.ts
+++ b/web/src/types/proto/api/v1/idp_service.ts
@@ -64,6 +64,7 @@ export interface FieldMapping {
  identifier: string;
  displayName: string;
  email: string;
+  avatarUrl: string;
 }
 export interface OAuth2Config {
@@ -255,7 +256,7 @@ export const IdentityProviderConfig: MessageFns<IdentityProviderConfig> = {
 };
 function createBaseFieldMapping(): FieldMapping {
-  return { identifier: "", displayName: "", email: "" };
+  return { identifier: "", displayName: "", email: "", avatarUrl: "" };
 }
 export const FieldMapping: MessageFns<FieldMapping> = {
@@ -269,6 +270,9 @@ export const FieldMapping: MessageFns<FieldMapping> = {
    if (message.email !== "") {
      writer.uint32(26).string(message.email);
    }
+    if (message.avatarUrl !== "") {
+      writer.uint32(34).string(message.avatarUrl);
+    }
    return writer;
  },
@@ -303,6 +307,14 @@ export const FieldMapping: MessageFns<FieldMapping> = {
          message.email = reader.string();
          continue;
        }
+        case 4: {
+          if (tag !== 34) {
+            break;
+          }
+          message.avatarUrl = reader.string();
+          continue;
+        }
      }
      if ((tag & 7) === 4 || tag === 0) {
        break;
@@ -320,6 +332,7 @@ export const FieldMapping: MessageFns<FieldMapping> = {
    message.identifier = object.identifier ?? "";
    message.displayName = object.displayName ?? "";
    message.email = object.email ?? "";
+    message.avatarUrl = object.avatarUrl ?? "";
    return message;
  },
 };

--- a/web/src/types/proto/google/protobuf/descriptor.ts
+++ b/web/src/types/proto/google/protobuf/descriptor.ts