mirror of https://github.com/go-gitea/gitea synced 2025-07-16 07:18:37 +00:00

add skip secondary authorization option for public oauth2 clients (#31454)

Denys Konovalov
2024-07-19 14:28:30 -04:00
committed by GitHub
parent e9aa39bda4
commit a8d0c879c3
15 changed files with 120 additions and 62 deletions


@@ -469,9 +469,9 @@ func AuthorizeOAuth(ctx *context.Context) {
return
}
// Redirect if user already granted access and the application is confidential.
// I.e. always require authorization for public clients as recommended by RFC 6749 Section 10.2
if app.ConfidentialClient && grant != nil {
// Redirect if user already granted access and the application is confidential or trusted otherwise
// I.e. always require authorization for untrusted public clients as recommended by RFC 6749 Section 10.2
if (app.ConfidentialClient || app.SkipSecondaryAuthorization) && grant != nil {
code, err := grant.GenerateNewAuthorizationCode(ctx, form.RedirectURI, form.CodeChallenge, form.CodeChallengeMethod)
if err != nil {
handleServerError(ctx, form.State, form.RedirectURI)
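Review bot: The widened condition `(app.ConfidentialClient || app.SkipSecondaryAuthorization) && grant != nil` lets a public client, which has no client secret to authenticate with, receive a fresh authorization code without the user seeing a consent screen, so the existing grant is only as well protected as the redirect-URI and PKCE validation. Neither of those checks is visible in this hunk (AuthorizeOAuth starts before it and continues after it), so please confirm that exact redirect-URI matching and a mandatory code challenge for non-confidential clients both run before this branch. The new comment says "trusted otherwise" without saying what establishes the trust; I would spell it out, e.g. `// SkipSecondaryAuthorization is an explicit per-application opt-in; for public clients it relies on the redirect URI and PKCE checks earlier in this handler.` Logging each skipped consent for a non-confidential client would also give auditors a trail for this path.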