Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Scopes for application tokens #4300

Closed
aunger opened this issue Jun 22, 2018 · 9 comments · Fixed by #20908
Closed

Scopes for application tokens #4300

aunger opened this issue Jun 22, 2018 · 9 comments · Fixed by #20908
Labels
issue/confirmed Issue has been reviewed and confirmed to be present or accepted to be implemented type/feature Completely new functionality. Can only be merged if feature freeze is not active.

Comments

@aunger
Copy link
Contributor

aunger commented Jun 22, 2018

Allow authentication tokens to be limited in scope. Maybe something like GitHub:

https://developer.github.com/apps/building-oauth-apps/understanding-scopes-for-oauth-apps/

screenshot_2018-06-22-06-41-29
@lunny lunny added the type/feature Completely new functionality. Can only be merged if feature freeze is not active. label Jun 23, 2018
@stale
Copy link

stale bot commented Jan 22, 2019

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs during the next 2 weeks. Thank you for your contributions.

@stale stale bot added the issue/stale label Jan 22, 2019
@lunny lunny added issue/confirmed Issue has been reviewed and confirmed to be present or accepted to be implemented and removed issue/stale labels Feb 6, 2019
@randomchance
Copy link

This would be pretty nice to have, especially for build authorizations.

@Changaco Changaco mentioned this issue Feb 17, 2020
Open
@mpfaff
Copy link

mpfaff commented May 3, 2020

Are there any plans for this? I don't feel comfortable at all with giving every app full access to my Gitea account.

@mcansky
Copy link

mcansky commented May 7, 2020

what can we do to help for this ?

@lunny
Copy link
Member

lunny commented May 7, 2020

Send a PR. :)

@snyk-bot snyk-bot mentioned this issue Jul 10, 2020
Open
@Jean-Baptiste-Lasselle
Copy link

Send a PR. :)

All scopes support in one PR? you made me sincerely laugh ^^ , nevertheless, it would really be awesome to have the concept of Oauth Apps onto gitea,making it it a real social platform

@jolheiser jolheiser mentioned this issue Nov 20, 2020
Closed
4 tasks
@Coding-Kiwi
Copy link

Coding-Kiwi commented Jan 4, 2021
edited
Loading

If I understand correctly, if I currently authorize an app it can use that oauth access_token to make a request to /users/{username}/tokens to generate an unlimited, non-expiring access token which then renders the whole oauth expiry/refresh logic useless.

EDIT: nope, the /users/{username}/tokens requires basic auth. Scopes would be awesome nontheless

@techknowlogick techknowlogick mentioned this issue Mar 19, 2021
Closed
@a1012112796 a1012112796 mentioned this issue May 31, 2021
Open
@ncorder ncorder mentioned this issue Nov 4, 2021
Open
@qwerty287 qwerty287 mentioned this issue Mar 20, 2022
Closed
@Morriz
Copy link

Morriz commented Apr 26, 2022

bump...any updates? Or other pointers as to where the oidc jwt claims can be got via api? That way we can do our own management on users, teams and groups/role mappings.

@6543 6543 mentioned this issue May 10, 2022
Closed
@harryzcy harryzcy mentioned this issue Aug 22, 2022
Merged
4 tasks
@techknowlogick techknowlogick mentioned this issue Oct 8, 2022
Closed
@cayolblake
Copy link

  • bump

It's a sad show stopper for many use cases preventing the usage of Gitea altogether.

@lunny lunny mentioned this issue Mar 26, 2023
Merged
@go-gitea go-gitea locked and limited conversation to collaborators May 3, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
issue/confirmed Issue has been reviewed and confirmed to be present or accepted to be implemented type/feature Completely new functionality. Can only be merged if feature freeze is not active.
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Support scoped access tokens harryzcy/gitea
9 participants
@lunny @mcansky @Morriz @randomchance @aunger @Coding-Kiwi @mpfaff @Jean-Baptiste-Lasselle @cayolblake