Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add setting to OAuth handlers to skip local 2FA authentication #16594

Merged
merged 5 commits into from
Sep 10, 2021

Conversation

zeripath
Copy link
Contributor

@zeripath zeripath commented Aug 1, 2021

This PR adds a setting to OAuth and OpenID login sources to allow the source to
skip local 2FA authentication.

Fix #13939

Signed-off-by: Andrew Thornton [email protected]

@zeripath zeripath added the type/enhancement An improvement of existing functionality label Aug 1, 2021
@zeripath zeripath added this to the 1.16.0 milestone Aug 1, 2021
routers/web/user/auth.go Outdated Show resolved Hide resolved
@GiteaBot GiteaBot added the lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. label Aug 1, 2021
@codecov-commenter
Copy link

codecov-commenter commented Aug 1, 2021

Codecov Report

Merging #16594 (11e6c82) into main (6c125e9) will increase coverage by 0.00%.
The diff coverage is 0.00%.

Impacted file tree graph

@@           Coverage Diff           @@
##             main   #16594   +/-   ##
=======================================
  Coverage   45.19%   45.19%           
=======================================
  Files         762      762           
  Lines       86173    86179    +6     
=======================================
+ Hits        38942    38949    +7     
+ Misses      40935    40931    -4     
- Partials     6296     6299    +3     
Impacted Files Coverage Δ
cmd/admin.go 0.00% <0.00%> (ø)
modules/storage/storage.go 48.57% <0.00%> (-0.71%) ⬇️
routers/web/admin/auths.go 48.20% <0.00%> (-0.18%) ⬇️
routers/web/user/auth.go 12.21% <0.00%> (-0.04%) ⬇️
services/auth/source/oauth2/source.go 25.00% <ø> (ø)
services/forms/auth_form.go 100.00% <ø> (ø)
modules/queue/queue_channel.go 95.00% <0.00%> (-1.67%) ⬇️
modules/git/log_name_status.go 60.74% <0.00%> (-1.24%) ⬇️
modules/queue/queue_bytefifo.go 59.88% <0.00%> (+0.59%) ⬆️
modules/queue/workerpool.go 48.85% <0.00%> (+0.76%) ⬆️
... and 3 more

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 5a73153...11e6c82. Read the comment docs.

@GiteaBot GiteaBot added lgtm/need 1 This PR needs approval from one additional maintainer to be merged. and removed lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. labels Aug 1, 2021
This PR adds a setting to OAuth and OpenID login sources to allow the source to
override local 2FA requirements.

Fix go-gitea#13939

Signed-off-by: Andrew Thornton <[email protected]>
@zeripath zeripath changed the title Add setting to OAuth handlers to override local 2FA settings Add setting to OAuth handlers to skip local 2FA authentication Sep 4, 2021
@GiteaBot GiteaBot added lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. and removed lgtm/need 1 This PR needs approval from one additional maintainer to be merged. labels Sep 10, 2021
@6543
Copy link
Member

6543 commented Sep 10, 2021

🚀

@6543 6543 merged commit 9ca0e79 into go-gitea:main Sep 10, 2021
@zeripath zeripath deleted the fix-13939-make-2fa-optional branch September 11, 2021 08:08
zeripath added a commit that referenced this pull request Sep 17, 2021
This PR extends #16594 to allow LDAP to be able to be set to skip local 2FA too. The technique used here would be extensible to PAM and SMTP sources.

Signed-off-by: Andrew Thornton <[email protected]>
@go-gitea go-gitea locked and limited conversation to collaborators Oct 19, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. topic/authentication type/enhancement An improvement of existing functionality
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Skip 2FA with OpenID Connect
5 participants