path: root/modules/auth/oauth2/oauth2.go
Commit message | Author | Age | Files | Lines
* OAuth2 auto-register (#5123) | Martin Michaelis | 2021-04-14 | 1 | -3/+11
    * Refactored handleOAuth2SignIn in routers/user/auth.go
      The function handleOAuth2SignIn was called twice but some code path could only be reached by one of the invocations. Moved the unnecessary code path out of handleOAuth2SignIn.
    * Refactored user creation
      There was common code to create a user and display the correct error message. And after the creation the only user should be an admin and if enabled a confirmation email should be sent. This common code is now abstracted into two functions and a helper function to call both.
    * Added auto-register for OAuth2 users
      If enabled new OAuth2 users will be registered with their OAuth2 details. The UserID, Name and Email fields from the gothUser are used. Therefore the OpenID Connect provider needs additional scopes to return the corresponding claims.
    * Added error for missing fields in OAuth2 response
    * Linking and auto linking on oauth2 registration
    * Set default username source to nickname
    * Add automatic oauth2 scopes for github and google
    * Add hint to change the openid connect scopes if fields are missing
    * Extend info about auto linking security risk
    Co-authored-by: Viktor Kuzmin <kvaster@gmail.com>
    Signed-off-by: Martin Michaelis <code@mgjm.de>
* Fix creating OAuth2 auth source from CLI (#14116) | Daniil Pankratov | 2020-12-24 | 1 | -0/+5
    Fix creation OAuth2 auth source from CLI.
    Fix #8356
    Co-authored-by: Daniil Pankratov <daniil.pankratov@t-systems.com>
* #12897 - add mastodon provider (#13293) | Divyam Bhasin | 2020-10-25 | 1 | -0/+9
    * added mastodon provider to oauth code
    * changed go.mod and vendor/modules.txt to add updated goth
    * vendored mastodon and new goth
    * committing result of go mod tidy && go mod vendor
    * added pic and mastodon to oauth models
    * handled instance url
    * applied lafriks suggestion
    * Update web_src/js/index.js
      Co-authored-by: techknowlogick <matti@mdranta.net>
    Co-authored-by: techknowlogick <techknowlogick@gitea.io>
    Co-authored-by: Lauris BH <lauris@nix.lv>
    Co-authored-by: techknowlogick <matti@mdranta.net>
* Escape provider name in oauth2 provider redirect (#12648) | zeripath | 2020-08-30 | 1 | -1/+2
    Signed-off-by: Andrew Thornton <art27@cantab.net>
    Co-authored-by: Lauris BH <lauris@nix.lv>
* Use google/uuid to instead satori/go.uuid (#11943) | Lunny Xiao | 2020-06-18 | 1 | -2/+2
    Co-authored-by: Lauris BH <lauris@nix.lv>
* Add option to increase provided OAuth2 token maximum size (#11180) | zeripath | 2020-04-23 | 1 | -3/+2
    Some OAuth2 providers return quite large structured tokens >32767 bytes. Gitea currently has a fixed maximum of 32767 bytes for these and unfortunately due to the convoluted nature of the dependent libraries the error returned is rather opaque.

    Here we manage the error a little better - detecting the rather opaque github.com/gorilla/securecookie.errEncodedValueTooLong and converting it to a more readable error.

    Further we provide a configurable option to increase the maximum size of the provided OAuth2 tokens.

    Fix #9907
    Signed-off-by: Andrew Thornton <art27@cantab.net>
    Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* OAuth2: add Yandex provider (#8335) (#10564) | Lauris BH | 2020-03-05 | 1 | -0/+4
    * OAuth2: add Yandex provider (#8335)
    * remove changes from locale ru-RU
    * fmt modules/auth/oauth2/oauth2.go
      Co-Authored-By: 6543 <6543@obermui.de>
    * fix fmt
    * Update templates/admin/auth/new.tmpl
    * fix fmt
    Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
    Co-authored-by: 6543 <6543@obermui.de>
    Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
    Co-authored-by: techknowlogick <matti@mdranta.net>
    Co-authored-by: Lauris BH <lauris@nix.lv>
* nextcloud oauth (#10562) | techknowlogick | 2020-03-02 | 1 | -0/+23
    Fix #7078
* Upgrade xorm to v0.8.0 (#8536) | Lunny Xiao | 2019-10-17 | 1 | -1/+1
* migrate gplus to google oauth2 provider (#7885) | techknowlogick | 2019-09-14 | 1 | -3/+3
    * migrate gplus to google oauth2 provider. this still provides support for old gplus connections.
    * Update models/oauth2.go
      Co-Authored-By: Antoine GIRARD <sapk@users.noreply.github.com>
    * make vendor
* oauth2 with remote Gitea - Fix #8093 (#8149) | techknowlogick | 2019-09-12 | 1 | -0/+23
* Add golangci (#6418) | kolaente | 2019-06-12 | 1 | -2/+1
* Discord Oauth2 support (#4476) | techknowlogick | 2019-01-13 | 1 | -0/+3
    * add discord auth
    * add vendor for discord
    * fix syntax error
    * make fmt
    * update version of goth in use
    * update markbates/goth
* Add scope to Gitlab oauth request (#4330) | techknowlogick | 2018-06-30 | 1 | -1/+1
    Fix #3449
* Store OAuth2 session data in database (#3660) | Lauris BH | 2018-04-29 | 1 | -9/+10
    * Store OAuth2 session data in database
    * Rename table to `oauth2_session` and do not skip xormstorage initialization error
* Additional OAuth2 providers (#1010) | Willem van Dreumel | 2017-05-01 | 1 | -8/+125
    * add google+
    * sort signin oauth2 providers based on the name so order is always the same
    * update auth tip for google+
    * add gitlab provider
    * add bitbucket provider (and some go fmt)
    * add twitter provider
    * add facebook provider
    * add dropbox provider
    * add openid connect provider incl. new format of tips section in "Add New Source"
    * lower the amount of disk storage for each session to prevent issues while building cross platform (and disk overflow)
    * imports according to goimport and code style
    * make it possible to set custom urls to gitlab and github provider (only these could have a different host)
    * split up oauth2 into multiple files
    * small typo in comment
    * fix indention
    * fix indentation
    * fix new line before external import
    * fix layout of signin part
    * update "broken" dependency
* fix: gofmt errors. (#1106) | Bo-Yi Wu | 2017-03-03 | 1 | -5/+7
* Oauth2 consumer (#679) | Willem van Dreumel | 2017-02-22 | 1 | -0/+105
    * initial stuff for oauth2 login, fails on:
    * login button on the signIn page to start the OAuth2 flow and a callback for each provider
      Only GitHub is implemented for now
    * show login button only when the OAuth2 consumer is configured (and activated)
    * create macaron group for oauth2 urls
    * prevent net/http in modules (other than oauth2)
    * use a new data sessions oauth2 folder for storing the oauth2 session data
    * add missing 2FA when this is enabled on the user
    * add password option for OAuth2 user, for use with git over http and login to the GUI
    * add tip for registering a GitHub OAuth application
    * at startup of Gitea register all configured providers and also on adding/deleting of new providers
    * custom handling of errors in oauth2 request init + show better tip
    * add ExternalLoginUser model and migration script to add it to database
    * link an external account to an existing account (still need to handle wrong login and signup) and remove if user is removed
    * remove the linked external account from the user his settings
    * if user is unknown we allow him to register a new account or link it to some existing account
    * sign up with button on signin page (also change OAuth2Provider structure so we can store basic stuff about providers)
    * from gorilla/sessions docs: "Important Note: If you aren't using gorilla/mux, you need to wrap your handlers with context.ClearHandler as or else you will leak memory!" (we're using gorilla/sessions for storing oauth2 sessions)
    * use updated goth lib that now supports getting the OAuth2 user if the AccessToken is still valid instead of re-authenticating (prevent flooding the OAuth2 provider)