From 9d855bd6a1da51a656bede3a855b2cecc6a22f28 Mon Sep 17 00:00:00 2001
From: zeripath <art27@cantab.net>
Date: Wed, 3 Nov 2021 00:33:54 +0000
Subject: Simplify Gothic to use our session store instead of creating a
 different store (#17507)

* Simplify Gothic to use our session store instead of creating a different store

We have been using xormstore to provide a separate session store for our OAuth2 logins
however, this relies on using gorilla context and some doubling of our session storing.
We can however, simplify and simply use our own chi-based session store. Thus removing
a cookie and some of the weirdness with missing contexts.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* as per review

Signed-off-by: Andrew Thornton <art27@cantab.net>

* as per review

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Handle MaxTokenLength

Signed-off-by: Andrew Thornton <art27@cantab.net>

* oops

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: Lauris BH <lauris@nix.lv>
---
 routers/web/user/auth.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'routers/web/user')

diff --git a/routers/web/user/auth.go b/routers/web/user/auth.go
index 99885e5ce3..21d48e9834 100644
--- a/routers/web/user/auth.go
+++ b/routers/web/user/auth.go
@@ -789,7 +789,7 @@ func handleOAuth2SignIn(ctx *context.Context, source *login.Source, u *models.Us
 func oAuth2UserLoginCallback(loginSource *login.Source, request *http.Request, response http.ResponseWriter) (*models.User, goth.User, error) {
 	gothUser, err := loginSource.Cfg.(*oauth2.Source).Callback(request, response)
 	if err != nil {
-		if err.Error() == "securecookie: the value is too long" {
+		if err.Error() == "securecookie: the value is too long" || strings.Contains(err.Error(), "Data too long") {
 			log.Error("OAuth2 Provider %s returned too long a token. Current max: %d. Either increase the [OAuth2] MAX_TOKEN_LENGTH or reduce the information returned from the OAuth2 provider", loginSource.Name, setting.OAuth2.MaxTokenLength)
 			err = fmt.Errorf("OAuth2 Provider %s returned too long a token. Current max: %d. Either increase the [OAuth2] MAX_TOKEN_LENGTH or reduce the information returned from the OAuth2 provider", loginSource.Name, setting.OAuth2.MaxTokenLength)
 		}
-- 
cgit v1.2.3