gitea

mirror of https://github.com/go-gitea/gitea synced 2024-06-18 09:15:49 +00:00

History

Denys Konovalov 7d855efb1f Allow for PKCE flow without client secret + add docs (#25033 ) The PKCE flow according to [RFC 7636](https://datatracker.ietf.org/doc/html/rfc7636) allows for secure authorization without the requirement to provide a client secret for the OAuth app. It is implemented in Gitea since #5378 (v1.8.0), however without being able to omit client secret. Since #21316 Gitea supports setting client type at OAuth app registration. As public clients are already forced to use PKCE since #21316, in this PR the client secret check is being skipped if a public client is detected. As Gitea seems to implement PKCE authorization correctly according to the spec, this would allow for PKCE flow without providing a client secret. Also add some docs for it, please check language as I'm not a native English speaker. Closes #17107 Closes #25047		2023-06-03 05:59:28 +02:00
..
e2e	Rewrite logger system (#24726 )	2023-05-21 22:35:11 +00:00
fuzz	Move fuzz tests into tests/fuzz (#22376 )	2023-01-09 15:30:14 +08:00
gitea-lfs-meta	Test views of LFS files (#22196 )	2022-12-23 07:41:56 +08:00
gitea-repositories-meta	Remove git sample files and ignore them (#24271 )	2023-04-22 20:29:29 +08:00
integration	Allow for PKCE flow without client secret + add docs (#25033 )	2023-06-03 05:59:28 +02:00
mssql.ini.tmpl	Implement actions artifacts (#22738 )	2023-05-19 21:37:57 +08:00
mysql.ini.tmpl	Implement actions artifacts (#22738 )	2023-05-19 21:37:57 +08:00
mysql8.ini.tmpl	Implement actions artifacts (#22738 )	2023-05-19 21:37:57 +08:00
pgsql.ini.tmpl	Implement actions artifacts (#22738 )	2023-05-19 21:37:57 +08:00
sqlite.ini.tmpl	Implement actions artifacts (#22738 )	2023-05-19 21:37:57 +08:00
test_utils.go	Rewrite logger system (#24726 )	2023-05-21 22:35:11 +00:00