Backport #28184 Fix #25473 Although there was `m.Post("/login/oauth/access_token", CorsHandler()...`, it never really worked, because it still lacks the "OPTIONS" handler. Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>tags/v1.21.1
r.Methods("GET", pattern, h...) | r.Methods("GET", pattern, h...) | ||||
} | } | ||||
func (r *Route) Options(pattern string, h ...any) { | |||||
r.Methods("OPTIONS", pattern, h...) | |||||
} | |||||
// GetOptions delegate get and options method | // GetOptions delegate get and options method | ||||
func (r *Route) GetOptions(pattern string, h ...any) { | func (r *Route) GetOptions(pattern string, h ...any) { | ||||
r.Methods("GET,OPTIONS", pattern, h...) | r.Methods("GET,OPTIONS", pattern, h...) |
w.WriteHeader(http.StatusOK) | w.WriteHeader(http.StatusOK) | ||||
} | } | ||||
func DummyBadRequest(w http.ResponseWriter, req *http.Request) { | |||||
w.WriteHeader(http.StatusBadRequest) | |||||
} | |||||
func RobotsTxt(w http.ResponseWriter, req *http.Request) { | func RobotsTxt(w http.ResponseWriter, req *http.Request) { | ||||
robotsTxt := util.FilePathJoinAbs(setting.CustomPath, "public/robots.txt") | robotsTxt := util.FilePathJoinAbs(setting.CustomPath, "public/robots.txt") | ||||
if ok, _ := util.IsExist(robotsTxt); !ok { | if ok, _ := util.IsExist(robotsTxt); !ok { |
m.Post("/authorize", web.Bind(forms.AuthorizationForm{}), auth.AuthorizeOAuth) | m.Post("/authorize", web.Bind(forms.AuthorizationForm{}), auth.AuthorizeOAuth) | ||||
}, ignSignInAndCsrf, reqSignIn) | }, ignSignInAndCsrf, reqSignIn) | ||||
m.Get("/login/oauth/userinfo", ignSignInAndCsrf, auth.InfoOAuth) | m.Get("/login/oauth/userinfo", ignSignInAndCsrf, auth.InfoOAuth) | ||||
m.Options("/login/oauth/access_token", CorsHandler(), misc.DummyBadRequest) | |||||
m.Post("/login/oauth/access_token", CorsHandler(), web.Bind(forms.AccessTokenForm{}), ignSignInAndCsrf, auth.AccessTokenOAuth) | m.Post("/login/oauth/access_token", CorsHandler(), web.Bind(forms.AccessTokenForm{}), ignSignInAndCsrf, auth.AccessTokenOAuth) | ||||
m.Get("/login/oauth/keys", ignSignInAndCsrf, auth.OIDCKeys) | m.Get("/login/oauth/keys", ignSignInAndCsrf, auth.OIDCKeys) | ||||
m.Options("/login/oauth/introspect", CorsHandler(), misc.DummyBadRequest) | |||||
m.Post("/login/oauth/introspect", CorsHandler(), web.Bind(forms.IntrospectTokenForm{}), ignSignInAndCsrf, auth.IntrospectOAuth) | m.Post("/login/oauth/introspect", CorsHandler(), web.Bind(forms.IntrospectTokenForm{}), ignSignInAndCsrf, auth.IntrospectOAuth) | ||||
m.Group("/user/settings", func() { | m.Group("/user/settings", func() { |