From 9dfe74562955839a26f9073637f48abb0fce3f9e Mon Sep 17 00:00:00 2001
From: Tao Chen <iamtaochen@outlook.com>
Date: Sun, 3 Nov 2024 18:04:28 +0800
Subject: [PATCH] fix google

---
 model/oauth.go   | 47 ++++++++++++++++++++++-------------------------
 service/oauth.go |  4 ++--
 2 files changed, 24 insertions(+), 27 deletions(-)

diff --git a/model/oauth.go b/model/oauth.go
index 8f2b84e..91b4181 100644
--- a/model/oauth.go
+++ b/model/oauth.go
@@ -2,9 +2,10 @@ package model
 
 import (
 	"strconv"
-	"fmt"
+	"strings"
 )
 
+const OIDC_DEFAULT_SCOPES = "openid,profile,email"
 
 const (
 	OauthTypeGithub  string = "github"
@@ -57,50 +58,45 @@ func (ou *OauthUser) ToUser(user *User, overideUsername bool) {
 	user.Avatar = ou.Picture
 }
 
-
 type OauthUserBase struct {
 	Name  string `json:"name"`
 	Email string `json:"email"`
 }
 
-
 type OidcUser struct {
 	OauthUserBase
 	Sub               string `json:"sub"`
 	VerifiedEmail     bool   `json:"email_verified"`
 	PreferredUsername string `json:"preferred_username"`
-	Picture		   	  string `json:"picture"`
+	Picture           string `json:"picture"`
 }
 
 func (ou *OidcUser) ToOauthUser() *OauthUser {
+	var username string
+	// 使用 PreferredUsername，如果不存在，降级到 Email 前缀
+	if ou.PreferredUsername != "" {
+		username = ou.PreferredUsername
+	} else {
+		username = strings.ToLower(strings.Split(ou.Email, "@")[0])
+	}
+
 	return &OauthUser{
-		OpenId: 		ou.Sub,
-		Name:   		ou.Name,
-		Username: 		ou.PreferredUsername,
-		Email:  		ou.Email,
-		VerifiedEmail: 	ou.VerifiedEmail,
-		Picture:		ou.Picture,
+		OpenId:        ou.Sub,
+		Name:          ou.Name,
+		Username:      username,
+		Email:         ou.Email,
+		VerifiedEmail: ou.VerifiedEmail,
+		Picture:       ou.Picture,
 	}
 }
 
 type GoogleUser struct {
-	OauthUserBase
-	FamilyName    string `json:"family_name"`
-	GivenName     string `json:"given_name"`
-	Id            string `json:"id"`
-	Picture       string `json:"picture"`
-	VerifiedEmail bool   `json:"verified_email"`
+	OidcUser
 }
 
+// GoogleUser 使用特定的 Username 规则来调用 ToOauthUser
 func (gu *GoogleUser) ToOauthUser() *OauthUser {
-	return &OauthUser{
-		OpenId: 		gu.Id,
-		Name:   		fmt.Sprintf("%s %s", gu.GivenName, gu.FamilyName),
-		Username: 		gu.GivenName,
-		Email:  		gu.Email,
-		VerifiedEmail: 	gu.VerifiedEmail,
-		Picture:		gu.Picture,
-	}	
+	return gu.OidcUser.ToOauthUser()
 }
 
 
@@ -113,10 +109,11 @@ type GithubUser struct {
 }
 
 func (gu *GithubUser) ToOauthUser() *OauthUser {
+	username := strings.ToLower(gu.Login)
 	return &OauthUser{
 		OpenId: 		strconv.Itoa(gu.Id),
 		Name:   		gu.Name,
-		Username: 		gu.Login,
+		Username: 		username,
 		Email:  		gu.Email,
 		VerifiedEmail: 	gu.VerifiedEmail,
 		Picture:		gu.AvatarUrl,
diff --git a/service/oauth.go b/service/oauth.go
index 6cfa083..331ca97 100644
--- a/service/oauth.go
+++ b/service/oauth.go
@@ -170,7 +170,7 @@ func (os *OauthService) GetOauthConfig(op string) (err error, oauthInfo *model.O
 		oauthConfig.Scopes = []string{"read:user", "user:email"}
 	case model.OauthTypeGoogle:
 		oauthConfig.Endpoint = google.Endpoint
-		oauthConfig.Scopes = []string{"https://www.googleapis.com/auth/userinfo.profile", "https://www.googleapis.com/auth/userinfo.email"}
+		oauthConfig.Scopes = os.constructScopes(model.OIDC_DEFAULT_SCOPES)
 	case model.OauthTypeOidc:
 		var endpoint OidcEndpoint
 		err, endpoint = os.FetchOidcEndpoint(oauthInfo.Issuer)
@@ -374,7 +374,7 @@ func (os *OauthService) getScopesByOp(op string) []string {
 func (os *OauthService) constructScopes(scopes string) []string {
     scopes = strings.TrimSpace(scopes)
     if scopes == "" {
-        scopes = "openid,profile,email"
+        scopes = model.OIDC_DEFAULT_SCOPES
     }
     return strings.Split(scopes, ",")
 }