tdsds.com/gitea
1
1
Fork 0
mirror of https://github.com/go-gitea/gitea synced 2025-07-22 18:28:37 +00:00
Code Releases Activity

Show OAuth2 errors to end users (#25261)

Browse Source 
Partially fix #23936


![image](https://github.com/go-gitea/gitea/assets/2114189/8aa7f3ad-a5f0-42ce-a478-289a03bd08a3)


![image](https://github.com/go-gitea/gitea/assets/2114189/bb901e7d-485a-47a5-b68d-9ebe7013a6b2)


![image](https://github.com/go-gitea/gitea/assets/2114189/9a1ce0f3-f011-4baf-8e2f-cc6304bc9703)
This commit is contained in:
wxiaoguang
2023-06-15 09:12:50 +08:00
committed by GitHub
parent 39a15623f6
commit 73ae71824d
6 changed files with 48 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
routers/web/auth/oauth.go
View File

@@ -4,7 +4,7 @@
package auth
import (
stdContext "context"
go_context "context"
"encoding/base64"
"errors"
"fmt"
@@ -12,6 +12,7 @@ import (
"io"
"net/http"
"net/url"
"sort"
"strings"
"code.gitea.io/gitea/models/auth"
@@ -39,6 +40,7 @@ import (
"github.com/golang-jwt/jwt/v4"
"github.com/markbates/goth"
"github.com/markbates/goth/gothic"
go_oauth2 "golang.org/x/oauth2"
)
const (
@@ -143,7 +145,7 @@ type AccessTokenResponse struct {
IDToken string `json:"id_token,omitempty"`
}
func newAccessTokenResponse(ctx stdContext.Context, grant *auth.OAuth2Grant, serverKey, clientKey oauth2.JWTSigningKey) (*AccessTokenResponse, *AccessTokenError) {
func newAccessTokenResponse(ctx go_context.Context, grant *auth.OAuth2Grant, serverKey, clientKey oauth2.JWTSigningKey) (*AccessTokenResponse, *AccessTokenError) {
if setting.OAuth2.InvalidateRefreshTokens {
if err := grant.IncreaseCounter(ctx); err != nil {
return nil, &AccessTokenError{
@@ -886,6 +888,17 @@ func SignInOAuth(ctx *context.Context) {
func SignInOAuthCallback(ctx *context.Context) {
provider := ctx.Params(":provider")
if ctx.Req.FormValue("error") != "" {
var errorKeyValues []string
for k, vv := range ctx.Req.Form {
for _, v := range vv {
errorKeyValues = append(errorKeyValues, fmt.Sprintf("%s = %s", html.EscapeString(k), html.EscapeString(v)))
}
}
sort.Strings(errorKeyValues)
ctx.Flash.Error(strings.Join(errorKeyValues, "<br>"), true)
}
// first look if the provider is still active
authSource, err := auth.GetActiveOAuth2SourceByName(provider)
if err != nil {
@@ -894,7 +907,7 @@ func SignInOAuthCallback(ctx *context.Context) {
}
if authSource == nil {
ctx.ServerError("SignIn", errors.New("No valid provider found, check configured callback url in provider"))
ctx.ServerError("SignIn", errors.New("no valid provider found, check configured callback url in provider"))
return
}
@@ -920,6 +933,9 @@ func SignInOAuthCallback(ctx *context.Context) {
ctx.Redirect(setting.AppSubURL + "/user/login")
return
}
if err, ok := err.(*go_oauth2.RetrieveError); ok {
ctx.Flash.Error("OAuth2 RetrieveError: "+err.Error(), true)
}
ctx.ServerError("UserSignIn", err)
return
}