authorKN4CK3R <admin@oldschoolhack.me>2024-09-20 21:00:39 +0200
committerGitHub <noreply@github.com>2024-09-20 19:00:39 +0000
commit08adbc468f8875fd4763c3656b334203c11adc0a (patch)
tree510e0562aeee0b3d72852e85db119a89e338f6c0 /routers/api/v1
parentaa9faf825074110d31fc2c75a31880c98a48feb2 (diff)
Fix incorrect `/tokens` api (#32085)
Fixes #32078 - Add missing scopes output. - Disallow empty scope. --------- Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Diffstat (limited to 'routers/api/v1')
-rw-r--r--routers/api/v1/user/app.go5
1 files changed, 5 insertions, 0 deletions
diff --git a/routers/api/v1/user/app.go b/routers/api/v1/user/app.go
index 5c28dd878d..9583bb548c 100644
--- a/routers/api/v1/user/app.go
+++ b/routers/api/v1/user/app.go
@@ -118,6 +118,10 @@ func CreateAccessToken(ctx *context.APIContext) {
ctx.Error(http.StatusBadRequest, "AccessTokenScope.Normalize", fmt.Errorf("invalid access token scope provided: %w", err))
return
}
+ if scope == "" {
+ ctx.Error(http.StatusBadRequest, "AccessTokenScope", "access token must have a scope")
+ return
+ }
t.Scope = scope
if err := auth_model.NewAccessToken(ctx, t); err != nil {
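Review bot: The new `if scope == ""` guard enforces the "token must have a scope" rule only in this API handler, so any other caller of `auth_model.NewAccessToken` (not visible in this hunk) could presumably still persist a token with an empty scope. It would be worth confirming the other token-creation paths apply the same check, or moving the invariant into `NewAccessToken` so it cannot be bypassed by a route that forgets it. A short why-comment above the guard would also help, for example `// Normalize accepts an empty scope list without error; reject it here so a token is never stored without explicit permissions.` The body of `CreateAccessToken` starts and ends outside this hunk, so earlier validation is not visible here.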
@@ -129,6 +133,7 @@ func CreateAccessToken(ctx *context.APIContext) {
Token: t.Token,
ID: t.ID,
TokenLastEight: t.TokenLastEight,
+ Scopes: t.Scope.StringSlice(),
})
}