Allow creation of OAuth2 applications for orgs (#18084)

Adds the settings pages to create OAuth2 apps also to the org settings and allows to create apps for orgs. Refactoring: the oauth2 related templates are shared for instance-wide/org/user, and the backend code uses `OAuth2CommonHandlers` to share code for instance-wide/org/user. Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2025-07-22 18:28:37 +00:00 · 2022-10-09 14:07:41 +02:00
parent 97f3f1988b
commit a813c9d8f3
15 changed files with 439 additions and 235 deletions
--- a/routers/web/org/setting_oauth2.go
+++ b/routers/web/org/setting_oauth2.go
@@ -0,0 +1,93 @@
+// Copyright 2022 The Gitea Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package org
+
+import (
+	"fmt"
+	"net/http"
+
+	"code.gitea.io/gitea/models/auth"
+	"code.gitea.io/gitea/modules/base"
+	"code.gitea.io/gitea/modules/context"
+	"code.gitea.io/gitea/modules/setting"
+	user_setting "code.gitea.io/gitea/routers/web/user/setting"
+)
+
+const (
+	tplSettingsApplications         base.TplName = "org/settings/applications"
+	tplSettingsOAuthApplicationEdit base.TplName = "org/settings/applications_oauth2_edit"
+)
+
+func newOAuth2CommonHandlers(org *context.Organization) *user_setting.OAuth2CommonHandlers {
+	return &user_setting.OAuth2CommonHandlers{
+		OwnerID:            org.Organization.ID,
+		BasePathList:       fmt.Sprintf("%s/org/%s/settings/applications", setting.AppSubURL, org.Organization.Name),
+		BasePathEditPrefix: fmt.Sprintf("%s/org/%s/settings/applications/oauth2", setting.AppSubURL, org.Organization.Name),
+		TplAppEdit:         tplSettingsOAuthApplicationEdit,
+	}
+}
+
+// Applications render org applications page (for org, at the moment, there are only OAuth2 applications)
+func Applications(ctx *context.Context) {
+	ctx.Data["Title"] = ctx.Tr("settings.applications")
+	ctx.Data["PageIsOrgSettings"] = true
+	ctx.Data["PageIsSettingsApplications"] = true
+
+	apps, err := auth.GetOAuth2ApplicationsByUserID(ctx, ctx.Org.Organization.ID)
+	if err != nil {
+		ctx.ServerError("GetOAuth2ApplicationsByUserID", err)
+		return
+	}
+	ctx.Data["Applications"] = apps
+
+	ctx.HTML(http.StatusOK, tplSettingsApplications)
+}
+
+// OAuthApplicationsPost response for adding an oauth2 application
+func OAuthApplicationsPost(ctx *context.Context) {
+	ctx.Data["Title"] = ctx.Tr("settings.applications")
+	ctx.Data["PageIsOrgSettings"] = true
+	ctx.Data["PageIsSettingsApplications"] = true
+
+	oa := newOAuth2CommonHandlers(ctx.Org)
+	oa.AddApp(ctx)
+}
+
+// OAuth2ApplicationShow displays the given application
+func OAuth2ApplicationShow(ctx *context.Context) {
+	ctx.Data["PageIsOrgSettings"] = true
+	ctx.Data["PageIsSettingsApplications"] = true
+
+	oa := newOAuth2CommonHandlers(ctx.Org)
+	oa.EditShow(ctx)
+}
+
+// OAuth2ApplicationEdit response for editing oauth2 application
+func OAuth2ApplicationEdit(ctx *context.Context) {
+	ctx.Data["Title"] = ctx.Tr("settings.applications")
+	ctx.Data["PageIsOrgSettings"] = true
+	ctx.Data["PageIsSettingsApplications"] = true
+
+	oa := newOAuth2CommonHandlers(ctx.Org)
+	oa.EditSave(ctx)
+}
+
+// OAuthApplicationsRegenerateSecret handles the post request for regenerating the secret
+func OAuthApplicationsRegenerateSecret(ctx *context.Context) {
+	ctx.Data["Title"] = ctx.Tr("settings")
+	ctx.Data["PageIsOrgSettings"] = true
+	ctx.Data["PageIsSettingsApplications"] = true
+
+	oa := newOAuth2CommonHandlers(ctx.Org)
+	oa.RegenerateSecret(ctx)
+}
+
+// DeleteOAuth2Application deletes the given oauth2 application
+func DeleteOAuth2Application(ctx *context.Context) {
+	oa := newOAuth2CommonHandlers(ctx.Org)
+	oa.DeleteApp(ctx)
+}
+
+// TODO: revokes the grant with the given id