forgejo/services/auth
Giteabot d2efd2bf73
Require repo scope for PATs for private repos and basic authentication (#24362) (#24364)
Backport #24362 by @jolheiser

> The scoped token PR just checked all API routes but in fact, some web
routes like `LFS`, git `HTTP`, container, and attachments supports basic
auth. This PR added scoped token check for them.

Signed-off-by: jolheiser <john.olheiser@gmail.com>
Co-authored-by: John Olheiser <john.olheiser@gmail.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-04-26 20:57:51 -04:00
..
source Fix accidental overwriting of LDAP team memberships (#24050) (#24065) 2023-04-12 07:22:02 -04:00
auth.go Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
auth_test.go Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
basic.go Require repo scope for PATs for private repos and basic authentication (#24362) (#24364) 2023-04-26 20:57:51 -04:00
group.go refactor auth interface to return error when verify failure (#22119) 2022-12-28 13:53:28 +08:00
httpsign.go refactor auth interface to return error when verify failure (#22119) 2022-12-28 13:53:28 +08:00
interface.go refactor auth interface to return error when verify failure (#22119) 2022-12-28 13:53:28 +08:00
middleware.go Map OIDC groups to Orgs/Teams (#21441) 2023-02-08 14:44:42 +08:00
oauth2.go Implement actions (#21937) 2023-01-31 09:45:19 +08:00
reverseproxy.go Add context cache as a request level cache (#22294) 2023-02-15 21:37:34 +08:00
session.go refactor auth interface to return error when verify failure (#22119) 2022-12-28 13:53:28 +08:00
signin.go Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
source.go Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
sspi_windows.go refactor auth interface to return error when verify failure (#22119) 2022-12-28 13:53:28 +08:00
sync.go Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00