authorzeripath <art27@cantab.net>2021-12-14 08:37:11 +0000
committerGitHub <noreply@github.com>2021-12-14 16:37:11 +0800
commit0981ec30c3d5218939d44fc2f40725b0b4a03684 (patch)
tree5479fb309f9800310cf2268d493e1cd33abfeac6 /models
parentb4782e24d2821bbb5647eff2eaf5c338e92324db (diff)
downloadgitea-0981ec30c3d5218939d44fc2f40725b0b4a03684.tar.gz
gitea-0981ec30c3d5218939d44fc2f40725b0b4a03684.zip
Add Option to synchronize Admin & Restricted states from OIDC/OAuth2 along with Setting Scopes (#16766)
* Add setting to OAuth handlers to override local 2FA settings This PR adds a setting to OAuth and OpenID login sources to allow the source to override local 2FA requirements. Fix #13939 Signed-off-by: Andrew Thornton <art27@cantab.net> * Fix regression from #16544 Signed-off-by: Andrew Thornton <art27@cantab.net> * Add scopes settings Signed-off-by: Andrew Thornton <art27@cantab.net> * fix trace logging in auth_openid Signed-off-by: Andrew Thornton <art27@cantab.net> * add required claim options Signed-off-by: Andrew Thornton <art27@cantab.net> * Move UpdateExternalUser to externalaccount Signed-off-by: Andrew Thornton <art27@cantab.net> * Allow OAuth2/OIDC to set Admin/Restricted status Signed-off-by: Andrew Thornton <art27@cantab.net> * Allow use of the same group claim name for the prohibit login value Signed-off-by: Andrew Thornton <art27@cantab.net> * fixup! Move UpdateExternalUser to externalaccount * as per wxiaoguang Signed-off-by: Andrew Thornton <art27@cantab.net> * add label back in Signed-off-by: Andrew Thornton <art27@cantab.net> * adjust localisation Signed-off-by: Andrew Thornton <art27@cantab.net> * placate lint Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Diffstat (limited to 'models')
-rw-r--r--models/user/external_login_user.go38
1 files changed, 6 insertions, 32 deletions
diff --git a/models/user/external_login_user.go b/models/user/external_login_user.go
index 354dee04a9..8cf7c652b1 100644
--- a/models/user/external_login_user.go
+++ b/models/user/external_login_user.go
@@ -10,9 +10,7 @@ import (
"time"
"code.gitea.io/gitea/models/db"
- "code.gitea.io/gitea/models/login"
- "github.com/markbates/goth"
"xorm.io/builder"
)
@@ -139,42 +137,18 @@ func GetUserIDByExternalUserID(provider, userID string) (int64, error) {
return id, nil
}
-// UpdateExternalUser updates external user's information
-func UpdateExternalUser(user *User, gothUser goth.User) error {
- loginSource, err := login.GetActiveOAuth2LoginSourceByName(gothUser.Provider)
- if err != nil {
- return err
- }
- externalLoginUser := &ExternalLoginUser{
- ExternalID: gothUser.UserID,
- UserID: user.ID,
- LoginSourceID: loginSource.ID,
- RawData: gothUser.RawData,
- Provider: gothUser.Provider,
- Email: gothUser.Email,
- Name: gothUser.Name,
- FirstName: gothUser.FirstName,
- LastName: gothUser.LastName,
- NickName: gothUser.NickName,
- Description: gothUser.Description,
- AvatarURL: gothUser.AvatarURL,
- Location: gothUser.Location,
- AccessToken: gothUser.AccessToken,
- AccessTokenSecret: gothUser.AccessTokenSecret,
- RefreshToken: gothUser.RefreshToken,
- ExpiresAt: gothUser.ExpiresAt,
- }
-
- has, err := db.GetEngine(db.DefaultContext).Where("external_id=? AND login_source_id=?", gothUser.UserID, loginSource.ID).
+// UpdateExternalUserByExternalID updates an external user's information
+func UpdateExternalUserByExternalID(external *ExternalLoginUser) error {
+ has, err := db.GetEngine(db.DefaultContext).Where("external_id=? AND login_source_id=?", external.ExternalID, external.LoginSourceID).
NoAutoCondition().
- Exist(externalLoginUser)
+ Exist(external)
if err != nil {
return err
} else if !has {
- return ErrExternalLoginUserNotExist{user.ID, loginSource.ID}
+ return ErrExternalLoginUserNotExist{external.UserID, external.LoginSourceID}
}
- _, err = db.GetEngine(db.DefaultContext).Where("external_id=? AND login_source_id=?", gothUser.UserID, loginSource.ID).AllCols().Update(externalLoginUser)
+ _, err = db.GetEngine(db.DefaultContext).Where("external_id=? AND login_source_id=?", external.ExternalID, external.LoginSourceID).AllCols().Update(external)
return err
}
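Review bot: The new `UpdateExternalUserByExternalID` matches the row only on `external_id` and `login_source_id` and then writes with `AllCols()`, so every field of the caller-supplied struct, including `UserID`, `AccessToken` and `RefreshToken`, replaces what is stored, and any field left at its zero value blanks that column. The removed code took `LoginSourceID` from an active-source lookup and `UserID` from the `user` argument inside this function; both now depend on callers that this models-only diff does not show. The doc comment should state that contract, for example `// UpdateExternalUserByExternalID overwrites all columns of the row identified by ExternalID and LoginSourceID; external must be fully populated and its UserID and LoginSourceID already validated by the caller.` If re-linking an external identity to a different local user is not intended on this path, adding `AND user_id=?` with `external.UserID` to both `Where` clauses would enforce that here rather than leaving it to each caller.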