-
-
Notifications
You must be signed in to change notification settings - Fork 5.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Integrate OAuth2 Provider #5378
Conversation
Signed-off-by: Jonas Franz <[email protected]>
Signed-off-by: Jonas Franz <[email protected]>
Reorder imports Add missing lint comments Other minor changes Signed-off-by: Jonas Franz <[email protected]>
Add documentation for lifetime Signed-off-by: Jonas Franz <[email protected]>
…re/oauth2 Signed-off-by: Jonas Franz <[email protected]> # Conflicts: # Gopkg.lock
Signed-off-by: Jonas Franz <[email protected]>
Signed-off-by: Jonas Franz <[email protected]>
@filipnavara @lafriks I've reworked the access token system.
An additional access token middleware must be added to the api but is not implemented yet. |
Signed-off-by: Jonas Franz <[email protected]>
make LG-TM work |
Thanks @jonasfranz!!! |
🎉 |
Awesome! \o/ |
As from go-gitea/gitea#5378 gitea is an oauth2 provider.
As from go-gitea/gitea#5378 gitea is an oauth2 provider.
As from go-gitea/gitea#5378 gitea is an oauth2 provider.
As from go-gitea/gitea#5378 gitea is an oauth2 provider.
As from go-gitea/gitea#5378 gitea is an oauth2 provider.
As from go-gitea/gitea#5378 gitea is an oauth2 provider.
As from go-gitea/gitea#5378 gitea is an oauth2 provider.
As from go-gitea/gitea#5378 gitea is an oauth2 provider.
As from go-gitea/gitea#5378 gitea is an oauth2 provider.
As from go-gitea/gitea#5378 gitea is an oauth2 provider.
As from go-gitea/gitea#5378 gitea is an oauth2 provider.
As from go-gitea/gitea#5378 gitea is an oauth2 provider.
As from go-gitea/gitea#5378 gitea is an oauth2 provider.
As from go-gitea/gitea#5378 gitea is an oauth2 provider.
As from go-gitea/gitea#5378 gitea is an oauth2 provider.
As from go-gitea/gitea#5378 gitea is an oauth2 provider.
As from go-gitea/gitea#5378 gitea is an oauth2 provider.
// AuthorizeOAuth manages authorize requests | ||
func AuthorizeOAuth(ctx *context.Context, form auth.AuthorizationForm) { | ||
errs := binding.Errors{} | ||
errs = form.Validate(ctx.Context, errs) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looking at this code for rewriting to an other router lib, I think this is not working as expected (anymore ?).
Since we call Validate with a empty errs list.
// Validate validates the fields
func (f *AuthorizationForm) Validate(ctx *macaron.Context, errs binding.Errors) binding.Errors {
return validate(errs, ctx.Data, f, ctx.Locale)
}
That will be return immediately without any check.
func validate(errs binding.Errors, data map[string]interface{}, f Form, l macaron.Locale) binding.Errors {
if errs.Len() == 0 {
return errs
}
...
But I am maybe mislead and I really don't know how the forms Validate functions should really work.
I'm currently integrating an OAuth2 Provider in Gitea. I'm using RFC 6749 as model. Currently only the Authorization Code Flow gets implemented due to security concerns for the other flows. I also plan to implement the PKCE Extension to support mobile and "serverless" clients.
Scopes is not a part of this PR and will be integrated until scopes are implemented in general.
I'm open for contributions and feedback. The current code is not final and is absolutely subject to change.
Resolves #27.
TODO:
Well known routeswill be implemented in another PR