diff options
| author | Giteabot <teabot@gitea.io> | 2023-12-22 20:55:43 +0800 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2023-12-22 20:55:43 +0800 |
| commit | 4dd39eb54aed03e2939b4fda6ab683756d878f04 (patch) | |
| tree | e890c653fa742ae0e662058d8e71a37f3d55bf8f | |
| parent | acc8100d47bab3b13311bcf4c330b19e2153d4ca (diff) | |
| download | gitea-4dd39eb54aed03e2939b4fda6ab683756d878f04.tar.gz gitea-4dd39eb54aed03e2939b4fda6ab683756d878f04.zip | |
Fix 405 method not allowed CORS / OIDC (#28583) (#28586)
Backport #28583 by @morphelinho
Follow #28184
Follow #28515
Fix problem with 405 method not allowed for CORS wrt OIDC
Co-authored-by: morphelinho <morphelinho@users.noreply.github.com>
| -rw-r--r-- | routers/web/web.go | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/routers/web/web.go b/routers/web/web.go index 943ede9335..d67f9cf90c 100644 --- a/routers/web/web.go +++ b/routers/web/web.go @@ -531,9 +531,11 @@ func registerRoutes(m *web.Route) { // TODO manage redirection m.Post("/authorize", web.Bind(forms.AuthorizationForm{}), auth.AuthorizeOAuth) }, ignSignInAndCsrf, reqSignIn) + m.Options("/login/oauth/userinfo", CorsHandler(), misc.DummyBadRequest) m.Get("/login/oauth/userinfo", ignSignInAndCsrf, auth.InfoOAuth) m.Options("/login/oauth/access_token", CorsHandler(), misc.DummyBadRequest) m.Post("/login/oauth/access_token", CorsHandler(), web.Bind(forms.AccessTokenForm{}), ignSignInAndCsrf, auth.AccessTokenOAuth) + m.Options("/login/oauth/keys", CorsHandler(), misc.DummyBadRequest) m.Get("/login/oauth/keys", ignSignInAndCsrf, auth.OIDCKeys) m.Options("/login/oauth/introspect", CorsHandler(), misc.DummyBadRequest) m.Post("/login/oauth/introspect", CorsHandler(), web.Bind(forms.IntrospectTokenForm{}), ignSignInAndCsrf, auth.IntrospectOAuth) |