diff options
| author | morphelinho <morphelinho@users.noreply.github.com> | 2023-12-22 13:23:24 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2023-12-22 12:23:24 +0000 |
| commit | 19869d1c11462294c828bc126bf006103239e397 (patch) | |
| tree | 1fc9f5e0924809d73f125fbf8a19cd447386bbd9 /routers/web/web.go | |
| parent | 21229ed2c8ed00f57100adf9ebc5f4a08da9a66e (diff) | |
| download | gitea-19869d1c11462294c828bc126bf006103239e397.tar.gz gitea-19869d1c11462294c828bc126bf006103239e397.zip | |
Fix 405 method not allowed CORS / OIDC (#28583)
Follow #28184
Follow #28515
Fix problem with 405 method not allowed for CORS wrt OIDC
Diffstat (limited to 'routers/web/web.go')
| -rw-r--r-- | routers/web/web.go | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/routers/web/web.go b/routers/web/web.go index db0588056b..359b608c71 100644 --- a/routers/web/web.go +++ b/routers/web/web.go @@ -532,9 +532,11 @@ func registerRoutes(m *web.Route) { // TODO manage redirection m.Post("/authorize", web.Bind(forms.AuthorizationForm{}), auth.AuthorizeOAuth) }, ignSignInAndCsrf, reqSignIn) + m.Options("/login/oauth/userinfo", CorsHandler(), misc.DummyBadRequest) m.Get("/login/oauth/userinfo", ignSignInAndCsrf, auth.InfoOAuth) m.Options("/login/oauth/access_token", CorsHandler(), misc.DummyBadRequest) m.Post("/login/oauth/access_token", CorsHandler(), web.Bind(forms.AccessTokenForm{}), ignSignInAndCsrf, auth.AccessTokenOAuth) + m.Options("/login/oauth/keys", CorsHandler(), misc.DummyBadRequest) m.Get("/login/oauth/keys", ignSignInAndCsrf, auth.OIDCKeys) m.Options("/login/oauth/introspect", CorsHandler(), misc.DummyBadRequest) m.Post("/login/oauth/introspect", CorsHandler(), web.Bind(forms.IntrospectTokenForm{}), ignSignInAndCsrf, auth.IntrospectOAuth) |