summaryrefslogtreecommitdiffstats
path: root/services/auth/oauth2.go
diff options
context:
space:
mode:
Diffstat (limited to 'services/auth/oauth2.go')
-rw-r--r--services/auth/oauth2.go12
1 files changed, 11 insertions, 1 deletions
diff --git a/services/auth/oauth2.go b/services/auth/oauth2.go
index 93806c7072..f7f870dade 100644
--- a/services/auth/oauth2.go
+++ b/services/auth/oauth2.go
@@ -113,7 +113,7 @@ func (o *OAuth2) Verify(req *http.Request, w http.ResponseWriter, store DataStor
return nil
}
- if !middleware.IsAPIPath(req) && !isAttachmentDownload(req) {
+ if !middleware.IsAPIPath(req) && !isAttachmentDownload(req) && !isAuthenticatedTokenRequest(req) {
return nil
}
@@ -134,3 +134,13 @@ func (o *OAuth2) Verify(req *http.Request, w http.ResponseWriter, store DataStor
log.Trace("OAuth2 Authorization: Logged in user %-v", user)
return user
}
+
+func isAuthenticatedTokenRequest(req *http.Request) bool {
+ switch req.URL.Path {
+ case "/login/oauth/userinfo":
+ fallthrough
+ case "/login/oauth/introspect":
+ return true
+ }
+ return false
+}