mirror of
https://codeberg.org/forgejo/forgejo.git
synced 2024-12-15 05:58:16 +00:00
63ab92d797
This PR is an extended implementation of #25189 and builds upon the proposal by @hickford in #25653, utilizing some ideas proposed internally by @wxiaoguang. Mainly, this PR consists of a mechanism to pre-register OAuth2 applications on startup, which can be enabled or disabled by modifying the `[oauth2].DEFAULT_APPLICATIONS` parameter in app.ini. The OAuth2 applications registered this way are being marked as "locked" and neither be deleted nor edited over UI to prevent confusing/unexpected behavior. Instead, they're being removed if no longer enabled in config. ![grafik](https://github.com/go-gitea/gitea/assets/47871822/81a78b1c-4b68-40a7-9e99-c272ebb8f62e) The implemented mechanism can also be used to pre-register other OAuth2 applications in the future, if wanted. Co-authored-by: hickford <mirth.hickford@gmail.com> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> --------- Co-authored-by: M Hickford <mirth.hickford@gmail.com> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
88 lines
2.6 KiB
Go
88 lines
2.6 KiB
Go
// Copyright 2022 The Gitea Authors. All rights reserved.
|
|
// SPDX-License-Identifier: MIT
|
|
|
|
package admin
|
|
|
|
import (
|
|
"fmt"
|
|
"net/http"
|
|
|
|
"code.gitea.io/gitea/models/auth"
|
|
"code.gitea.io/gitea/modules/base"
|
|
"code.gitea.io/gitea/modules/context"
|
|
"code.gitea.io/gitea/modules/setting"
|
|
user_setting "code.gitea.io/gitea/routers/web/user/setting"
|
|
)
|
|
|
|
var (
|
|
tplSettingsApplications base.TplName = "admin/applications/list"
|
|
tplSettingsOauth2ApplicationEdit base.TplName = "admin/applications/oauth2_edit"
|
|
)
|
|
|
|
func newOAuth2CommonHandlers() *user_setting.OAuth2CommonHandlers {
|
|
return &user_setting.OAuth2CommonHandlers{
|
|
OwnerID: 0,
|
|
BasePathList: fmt.Sprintf("%s/admin/applications", setting.AppSubURL),
|
|
BasePathEditPrefix: fmt.Sprintf("%s/admin/applications/oauth2", setting.AppSubURL),
|
|
TplAppEdit: tplSettingsOauth2ApplicationEdit,
|
|
}
|
|
}
|
|
|
|
// Applications render org applications page (for org, at the moment, there are only OAuth2 applications)
|
|
func Applications(ctx *context.Context) {
|
|
ctx.Data["Title"] = ctx.Tr("settings.applications")
|
|
ctx.Data["PageIsAdminApplications"] = true
|
|
|
|
apps, err := auth.GetOAuth2ApplicationsByUserID(ctx, 0)
|
|
if err != nil {
|
|
ctx.ServerError("GetOAuth2ApplicationsByUserID", err)
|
|
return
|
|
}
|
|
ctx.Data["Applications"] = apps
|
|
ctx.Data["BuiltinApplications"] = auth.BuiltinApplications()
|
|
ctx.HTML(http.StatusOK, tplSettingsApplications)
|
|
}
|
|
|
|
// ApplicationsPost response for adding an oauth2 application
|
|
func ApplicationsPost(ctx *context.Context) {
|
|
ctx.Data["Title"] = ctx.Tr("settings.applications")
|
|
ctx.Data["PageIsAdminApplications"] = true
|
|
|
|
oa := newOAuth2CommonHandlers()
|
|
oa.AddApp(ctx)
|
|
}
|
|
|
|
// EditApplication displays the given application
|
|
func EditApplication(ctx *context.Context) {
|
|
ctx.Data["PageIsAdminApplications"] = true
|
|
|
|
oa := newOAuth2CommonHandlers()
|
|
oa.EditShow(ctx)
|
|
}
|
|
|
|
// EditApplicationPost response for editing oauth2 application
|
|
func EditApplicationPost(ctx *context.Context) {
|
|
ctx.Data["Title"] = ctx.Tr("settings.applications")
|
|
ctx.Data["PageIsAdminApplications"] = true
|
|
|
|
oa := newOAuth2CommonHandlers()
|
|
oa.EditSave(ctx)
|
|
}
|
|
|
|
// ApplicationsRegenerateSecret handles the post request for regenerating the secret
|
|
func ApplicationsRegenerateSecret(ctx *context.Context) {
|
|
ctx.Data["Title"] = ctx.Tr("settings")
|
|
ctx.Data["PageIsAdminApplications"] = true
|
|
|
|
oa := newOAuth2CommonHandlers()
|
|
oa.RegenerateSecret(ctx)
|
|
}
|
|
|
|
// DeleteApplication deletes the given oauth2 application
|
|
func DeleteApplication(ctx *context.Context) {
|
|
oa := newOAuth2CommonHandlers()
|
|
oa.DeleteApp(ctx)
|
|
}
|
|
|
|
// TODO: revokes the grant with the given id
|