aboutsummaryrefslogtreecommitdiffstats
path: root/modules/setting
diff options
context:
space:
mode:
authorzeripath <art27@cantab.net>2020-04-22 23:47:23 +0100
committerGitHub <noreply@github.com>2020-04-23 00:47:23 +0200
commite74c4e1be988f2815146338cbce8210e515a937e (patch)
treef2b8ad4b2b117f648ffbba23a1aba207ae43a9cf /modules/setting
parentb51fd30522af31eaf22ab15a826f9ee18fd53969 (diff)
downloadgitea-e74c4e1be988f2815146338cbce8210e515a937e.tar.gz
gitea-e74c4e1be988f2815146338cbce8210e515a937e.zip
Add option to increase provided OAuth2 token maximum size (#11180)
Some OAuth2 providers return quite large structured tokens >32767 bytes. Gitea currently has a fixed maximum of 32767 bytes for these and unfortunately due to the convoluted nature of the dependent libraries the error returned is rather opaque. Here we manage the error a little better - detecting the rather opaque github.com/gorilla/securecookie.errEncodedValueTooLong and converting it to a more readable error. Further we provide a configurable option to increase the maximum size of the provided OAuth2 tokens. Fix #9907 Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Diffstat (limited to 'modules/setting')
-rw-r--r--modules/setting/setting.go3
1 files changed, 3 insertions, 0 deletions
diff --git a/modules/setting/setting.go b/modules/setting/setting.go
index a18b47a7e9..069a3556da 100644
--- a/modules/setting/setting.go
+++ b/modules/setting/setting.go
@@ -10,6 +10,7 @@ import (
"fmt"
"io"
"io/ioutil"
+ "math"
"net"
"net/url"
"os"
@@ -323,11 +324,13 @@ var (
InvalidateRefreshTokens bool
JWTSecretBytes []byte `ini:"-"`
JWTSecretBase64 string `ini:"JWT_SECRET"`
+ MaxTokenLength int
}{
Enable: true,
AccessTokenExpirationTime: 3600,
RefreshTokenExpirationTime: 730,
InvalidateRefreshTokens: false,
+ MaxTokenLength: math.MaxInt16,
}
U2F = struct {