feat(policy): add Google Drive Oauth client

2026-01-26 09:34:57 +08:00 · 2023-05-24 14:39:54 +08:00
parent 4c18e5acd1
commit 37926e3133
22 changed files with 524 additions and 79 deletions
--- a/service/admin/policy.go
+++ b/service/admin/policy.go
@@ -5,6 +5,7 @@ import (
 	"context"
 	"encoding/json"
 	"fmt"
+	"github.com/cloudreve/Cloudreve/v3/pkg/filesystem/driver/googledrive"
 	"net/http"
 	"net/url"
 	"os"
@@ -104,27 +105,41 @@ func (service *PolicyService) Get() serializer.Response {
 }

 // GetOAuth 获取 OneDrive OAuth 地址
-func (service *PolicyService) GetOAuth(c *gin.Context) serializer.Response {
+func (service *PolicyService) GetOAuth(c *gin.Context, policyType string) serializer.Response {
 	policy, err := model.GetPolicyByID(service.ID)
-	if err != nil || policy.Type != "onedrive" {
+	if err != nil || policy.Type != policyType {
 		return serializer.Err(serializer.CodePolicyNotExist, "", nil)
 	}

-	client, err := onedrive.NewClient(&policy)
-	if err != nil {
-		return serializer.Err(serializer.CodeInternalSetting, "Failed to initialize OneDrive client", err)
-	}
-
 	util.SetSession(c, map[string]interface{}{
-		"onedrive_oauth_policy": policy.ID,
+		policyType + "_oauth_policy": policy.ID,
 	})

-	cache.Deletes([]string{policy.BucketName}, "onedrive_")
+	var redirect string
+	switch policy.Type {
+	case "onedrive":
+		client, err := onedrive.NewClient(&policy)
+		if err != nil {
+			return serializer.Err(serializer.CodeInternalSetting, "Failed to initialize OneDrive client", err)
+		}

-	return serializer.Response{Data: client.OAuthURL(context.Background(), []string{
-		"offline_access",
-		"files.readwrite.all",
-	})}
+		redirect = client.OAuthURL(context.Background(), []string{
+			"offline_access",
+			"files.readwrite.all",
+		})
+	case "googledrive":
+		client, err := googledrive.NewClient(&policy)
+		if err != nil {
+			return serializer.Err(serializer.CodeInternalSetting, "Failed to initialize Google Drive client", err)
+		}
+
+		redirect = client.OAuthURL(context.Background(), googledrive.RequiredScope)
+	}
+
+	// Delete token cache
+	cache.Deletes([]string{policy.BucketName}, policyType+"_")
+
+	return serializer.Response{Data: redirect}
 }

 // AddSCF 创建回调云函数
--- a/service/callback/oauth.go
+++ b/service/callback/oauth.go
@@ -6,22 +6,70 @@ import (

 	model "github.com/cloudreve/Cloudreve/v3/models"
 	"github.com/cloudreve/Cloudreve/v3/pkg/cache"
+	"github.com/cloudreve/Cloudreve/v3/pkg/filesystem/driver/googledrive"
 	"github.com/cloudreve/Cloudreve/v3/pkg/filesystem/driver/onedrive"
 	"github.com/cloudreve/Cloudreve/v3/pkg/serializer"
 	"github.com/cloudreve/Cloudreve/v3/pkg/util"
 	"github.com/gin-gonic/gin"
+	"github.com/samber/lo"
 	"strings"
 )

-// OneDriveOauthService OneDrive 授权回调服务
-type OneDriveOauthService struct {
+// OauthService OAuth 存储策略授权回调服务
+type OauthService struct {
 	Code     string `form:"code"`
 	Error    string `form:"error"`
 	ErrorMsg string `form:"error_description"`
+	Scope    string `form:"scope"`
 }

-// Auth 更新认证信息
-func (service *OneDriveOauthService) Auth(c *gin.Context) serializer.Response {
+// GDriveAuth Google Drive 更新认证信息
+func (service *OauthService) GDriveAuth(c *gin.Context) serializer.Response {
+	if service.Error != "" {
+		return serializer.ParamErr(service.Error, nil)
+	}
+
+	// validate required scope
+	if missing, found := lo.Find[string](googledrive.RequiredScope, func(item string) bool {
+		return !strings.Contains(service.Scope, item)
+	}); found {
+		return serializer.ParamErr(fmt.Sprintf("Missing required scope: %s", missing), nil)
+	}
+
+	policyID, ok := util.GetSession(c, "googledrive_oauth_policy").(uint)
+	if !ok {
+		return serializer.Err(serializer.CodeNotFound, "", nil)
+	}
+
+	util.DeleteSession(c, "googledrive_oauth_policy")
+
+	policy, err := model.GetPolicyByID(policyID)
+	if err != nil {
+		return serializer.Err(serializer.CodePolicyNotExist, "", nil)
+	}
+
+	client, err := googledrive.NewClient(&policy)
+	if err != nil {
+		return serializer.Err(serializer.CodeInternalSetting, "Failed to initialize Google Drive client", err)
+	}
+
+	credential, err := client.ObtainToken(c, service.Code, "")
+	if err != nil {
+		return serializer.Err(serializer.CodeInternalSetting, "Failed to fetch AccessToken", err)
+	}
+
+	// 更新存储策略的 RefreshToken
+	client.Policy.AccessKey = credential.RefreshToken
+	if err := client.Policy.SaveAndClearCache(); err != nil {
+		return serializer.DBErr("Failed to update RefreshToken", err)
+	}
+
+	cache.Deletes([]string{client.Policy.AccessKey}, googledrive.TokenCachePrefix)
+	return serializer.Response{}
+}
+
+// OdAuth OneDrive 更新认证信息
+func (service *OauthService) OdAuth(c *gin.Context) serializer.Response {
 	if service.Error != "" {
 		return serializer.ParamErr(service.ErrorMsg, nil)
 	}
--- a/service/node/fabric.go
+++ b/service/node/fabric.go
@@ -5,7 +5,9 @@ import (
 	model "github.com/cloudreve/Cloudreve/v3/models"
 	"github.com/cloudreve/Cloudreve/v3/pkg/cluster"
 	"github.com/cloudreve/Cloudreve/v3/pkg/conf"
+	"github.com/cloudreve/Cloudreve/v3/pkg/filesystem/driver/googledrive"
 	"github.com/cloudreve/Cloudreve/v3/pkg/filesystem/driver/onedrive"
+	"github.com/cloudreve/Cloudreve/v3/pkg/filesystem/oauth"
 	"github.com/cloudreve/Cloudreve/v3/pkg/mq"
 	"github.com/cloudreve/Cloudreve/v3/pkg/serializer"
 	"github.com/gin-gonic/gin"
@@ -15,7 +17,7 @@ type SlaveNotificationService struct {
 	Subject string `uri:"subject" binding:"required"`
 }

-type OneDriveCredentialService struct {
+type OauthCredentialService struct {
 	PolicyID uint `uri:"id" binding:"required"`
 }

@@ -43,21 +45,32 @@ func (s *SlaveNotificationService) HandleSlaveNotificationPush(c *gin.Context) s
 	return serializer.Response{}
 }

-// Get 获取主机OneDrive策略的AccessToken
-func (s *OneDriveCredentialService) Get(c *gin.Context) serializer.Response {
+// Get 获取主机Oauth策略的AccessToken
+func (s *OauthCredentialService) Get(c *gin.Context) serializer.Response {
 	policy, err := model.GetPolicyByID(s.PolicyID)
 	if err != nil {
 		return serializer.Err(serializer.CodePolicyNotExist, "", err)
 	}

-	client, err := onedrive.NewClient(&policy)
-	if err != nil {
-		return serializer.Err(serializer.CodeInternalSetting, "Cannot initialize OneDrive client", err)
+	var client oauth.TokenProvider
+	switch policy.Type {
+	case "onedrive":
+		client, err = onedrive.NewClient(&policy)
+		if err != nil {
+			return serializer.Err(serializer.CodeInternalSetting, "Cannot initialize OneDrive client", err)
+		}
+	case "googledrive":
+		client, err = googledrive.NewClient(&policy)
+		if err != nil {
+			return serializer.Err(serializer.CodeInternalSetting, "Cannot initialize Google Drive client", err)
+		}
+	default:
+		return serializer.Err(serializer.CodePolicyNotExist, "", nil)
 	}

 	if err := client.UpdateCredential(c, conf.SystemConfig.Mode == "slave"); err != nil {
 		return serializer.Err(serializer.CodeInternalSetting, "Cannot refresh OneDrive credential", err)
 	}

-	return serializer.Response{Data: client.Credential.AccessToken}
+	return serializer.Response{Data: client.AccessToken()}
 }