diff options
| author | zeripath <art27@cantab.net> | 2021-12-14 08:37:11 +0000 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-12-14 16:37:11 +0800 |
| commit | 0981ec30c3d5218939d44fc2f40725b0b4a03684 (patch) | |
| tree | 5479fb309f9800310cf2268d493e1cd33abfeac6 /options | |
| parent | b4782e24d2821bbb5647eff2eaf5c338e92324db (diff) | |
| download | gitea-0981ec30c3d5218939d44fc2f40725b0b4a03684.tar.gz gitea-0981ec30c3d5218939d44fc2f40725b0b4a03684.zip | |
Add Option to synchronize Admin & Restricted states from OIDC/OAuth2 along with Setting Scopes (#16766)
* Add setting to OAuth handlers to override local 2FA settings
This PR adds a setting to OAuth and OpenID login sources to allow the source to
override local 2FA requirements.
Fix #13939
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Fix regression from #16544
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add scopes settings
Signed-off-by: Andrew Thornton <art27@cantab.net>
* fix trace logging in auth_openid
Signed-off-by: Andrew Thornton <art27@cantab.net>
* add required claim options
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Move UpdateExternalUser to externalaccount
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Allow OAuth2/OIDC to set Admin/Restricted status
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Allow use of the same group claim name for the prohibit login value
Signed-off-by: Andrew Thornton <art27@cantab.net>
* fixup! Move UpdateExternalUser to externalaccount
* as per wxiaoguang
Signed-off-by: Andrew Thornton <art27@cantab.net>
* add label back in
Signed-off-by: Andrew Thornton <art27@cantab.net>
* adjust localisation
Signed-off-by: Andrew Thornton <art27@cantab.net>
* placate lint
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Diffstat (limited to 'options')
| -rw-r--r-- | options/locale/locale_en-US.ini | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/options/locale/locale_en-US.ini b/options/locale/locale_en-US.ini index 2819223103..3f180ddbec 100644 --- a/options/locale/locale_en-US.ini +++ b/options/locale/locale_en-US.ini @@ -2521,6 +2521,11 @@ auths.oauth2_emailURL = Email URL auths.skip_local_two_fa = Skip local 2FA auths.skip_local_two_fa_helper = Leaving unset means local users with 2FA set will still have to pass 2FA to log on auths.oauth2_tenant = Tenant +auths.oauth2_scopes = Additional Scopes +auths.oauth2_required_claim_name = Required Claim Name +auths.oauth2_required_claim_name_helper = Set this name to restrict login from this source to users with a claim with this name +auths.oauth2_required_claim_value = Required Claim Value +auths.oauth2_required_claim_value_helper = Set this value to restrict login from this source to users with a claim with this name and value auths.enable_auto_register = Enable Auto Registration auths.sspi_auto_create_users = Automatically create users auths.sspi_auto_create_users_helper = Allow SSPI auth method to automatically create new accounts for users that login for the first time |