diff options
author | zeripath <art27@cantab.net> | 2021-12-14 08:37:11 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2021-12-14 16:37:11 +0800 |
commit | 0981ec30c3d5218939d44fc2f40725b0b4a03684 (patch) | |
tree | 5479fb309f9800310cf2268d493e1cd33abfeac6 /models | |
parent | b4782e24d2821bbb5647eff2eaf5c338e92324db (diff) | |
download | gitea-0981ec30c3d5218939d44fc2f40725b0b4a03684.tar.gz gitea-0981ec30c3d5218939d44fc2f40725b0b4a03684.zip |
Add Option to synchronize Admin & Restricted states from OIDC/OAuth2 along with Setting Scopes (#16766)
* Add setting to OAuth handlers to override local 2FA settings
This PR adds a setting to OAuth and OpenID login sources to allow the source to
override local 2FA requirements.
Fix #13939
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Fix regression from #16544
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add scopes settings
Signed-off-by: Andrew Thornton <art27@cantab.net>
* fix trace logging in auth_openid
Signed-off-by: Andrew Thornton <art27@cantab.net>
* add required claim options
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Move UpdateExternalUser to externalaccount
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Allow OAuth2/OIDC to set Admin/Restricted status
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Allow use of the same group claim name for the prohibit login value
Signed-off-by: Andrew Thornton <art27@cantab.net>
* fixup! Move UpdateExternalUser to externalaccount
* as per wxiaoguang
Signed-off-by: Andrew Thornton <art27@cantab.net>
* add label back in
Signed-off-by: Andrew Thornton <art27@cantab.net>
* adjust localisation
Signed-off-by: Andrew Thornton <art27@cantab.net>
* placate lint
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Diffstat (limited to 'models')
-rw-r--r-- | models/user/external_login_user.go | 38 |
1 files changed, 6 insertions, 32 deletions
diff --git a/models/user/external_login_user.go b/models/user/external_login_user.go index 354dee04a9..8cf7c652b1 100644 --- a/models/user/external_login_user.go +++ b/models/user/external_login_user.go @@ -10,9 +10,7 @@ import ( "time" "code.gitea.io/gitea/models/db" - "code.gitea.io/gitea/models/login" - "github.com/markbates/goth" "xorm.io/builder" ) @@ -139,42 +137,18 @@ func GetUserIDByExternalUserID(provider, userID string) (int64, error) { return id, nil } -// UpdateExternalUser updates external user's information -func UpdateExternalUser(user *User, gothUser goth.User) error { - loginSource, err := login.GetActiveOAuth2LoginSourceByName(gothUser.Provider) - if err != nil { - return err - } - externalLoginUser := &ExternalLoginUser{ - ExternalID: gothUser.UserID, - UserID: user.ID, - LoginSourceID: loginSource.ID, - RawData: gothUser.RawData, - Provider: gothUser.Provider, - Email: gothUser.Email, - Name: gothUser.Name, - FirstName: gothUser.FirstName, - LastName: gothUser.LastName, - NickName: gothUser.NickName, - Description: gothUser.Description, - AvatarURL: gothUser.AvatarURL, - Location: gothUser.Location, - AccessToken: gothUser.AccessToken, - AccessTokenSecret: gothUser.AccessTokenSecret, - RefreshToken: gothUser.RefreshToken, - ExpiresAt: gothUser.ExpiresAt, - } - - has, err := db.GetEngine(db.DefaultContext).Where("external_id=? AND login_source_id=?", gothUser.UserID, loginSource.ID). +// UpdateExternalUserByExternalID updates an external user's information +func UpdateExternalUserByExternalID(external *ExternalLoginUser) error { + has, err := db.GetEngine(db.DefaultContext).Where("external_id=? AND login_source_id=?", external.ExternalID, external.LoginSourceID). NoAutoCondition(). - Exist(externalLoginUser) + Exist(external) if err != nil { return err } else if !has { - return ErrExternalLoginUserNotExist{user.ID, loginSource.ID} + return ErrExternalLoginUserNotExist{external.UserID, external.LoginSourceID} } - _, err = db.GetEngine(db.DefaultContext).Where("external_id=? AND login_source_id=?", gothUser.UserID, loginSource.ID).AllCols().Update(externalLoginUser) + _, err = db.GetEngine(db.DefaultContext).Where("external_id=? AND login_source_id=?", external.ExternalID, external.LoginSourceID).AllCols().Update(external) return err } |