0
Fork 0
mirror of https://codeberg.org/forgejo/forgejo.git synced 2024-12-26 01:14:10 -05:00
forgejo/models/fixtures
Johnny Oskarsson a07e67d9cc
Minimal OpenID Connect implementation (#14139)
This is "minimal" in the sense that only the Authorization Code Flow
from OpenID Connect Core is implemented.  No discovery, no configuration
endpoint, and no user scope management.

OpenID Connect is an extension to the (already implemented) OAuth 2.0
protocol, and essentially an `id_token` JWT is added to the access token
endpoint response when using the Authorization Code Flow.  I also added
support for the "nonce" field since it is required to be used in the
id_token if the client decides to include it in its initial request.

In order to enable this extension an OAuth 2.0 scope containing
"openid" is needed. Other OAuth 2.0 requests should not be impacted by
this change.

This minimal implementation is enough to enable single sign-on (SSO)
for other sites, e.g. by using something like `mod_auth_openidc` to
only allow access to a CI server if a user has logged into Gitea.

Fixes: #1310

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: zeripath <art27@cantab.net>
2021-01-02 00:33:27 +08:00
..
access.yml Fix "access" fixtures and tests (#10247) 2020-02-15 12:29:06 +08:00
access_token.yml Hash App token (#6724) 2019-05-04 11:45:34 -04:00
action.yml rework heatmap permissions (#14080) 2020-12-22 03:53:37 +01:00
attachment.yml Only serve attachments when linked to issue/release and if accessible by user (#9340) 2020-01-05 01:20:08 +02:00
collaboration.yml Fix "access" fixtures and tests (#10247) 2020-02-15 12:29:06 +08:00
comment.yml [API] Add "before" query to ListIssueComments and ListRepoIssue… (#9685) 2020-01-13 17:02:24 +01:00
commit_status.yml
deleted_branch.yml
deploy_key.yml
email_address.yml
follow.yml
gpg_key.yml
gpg_key_import.yml add .gpg url (match github behaviour) (#6610) 2019-04-14 12:43:56 -04:00
hook_task.yml API endpoint for testing webhook (#3550) 2018-04-29 14:21:33 +08:00
issue.yml Add review request api (#11355) 2020-10-20 14:18:25 -04:00
issue_assignees.yml [UI] IssuePage multi repo select (#8741) 2019-12-01 22:50:36 -05:00
issue_label.yml Add Organization Wide Labels (#10814) 2020-04-01 01:14:46 -03:00
issue_user.yml Multiple assignees (#3705) 2018-05-09 19:29:04 +03:00
issue_watch.yml Refactor Issues Subscription (#8738) 2019-11-20 22:50:54 +08:00
label.yml Add Organization Wide Labels (#10814) 2020-04-01 01:14:46 -03:00
login_source.yml Add LDAP integration tests (#3897) 2018-05-11 15:55:32 +08:00
milestone.yml [API] ListIssues add filter for milestones (#10148) 2020-04-30 01:15:39 -03:00
notice.yml
notification.yml [API] Add notification endpoint (#9488) 2020-01-09 11:56:32 +00:00
oauth2_application.yml Integrate OAuth2 Provider (#5378) 2019-03-08 11:42:50 -05:00
oauth2_authorization_code.yml Integrate OAuth2 Provider (#5378) 2019-03-08 11:42:50 -05:00
oauth2_grant.yml Minimal OpenID Connect implementation (#14139) 2021-01-02 00:33:27 +08:00
org_user.yml Restricted users (#6274) 2020-01-13 18:33:46 +01:00
project.yml Kanban board (#8346) 2020-08-16 23:07:38 -04:00
project_board.yml Kanban board (#8346) 2020-08-16 23:07:38 -04:00
project_issue.yml Kanban board (#8346) 2020-08-16 23:07:38 -04:00
protected_branch.yml
public_key.yml test: command keys (#9357) 2019-12-15 08:11:31 +00:00
pull_request.yml Add review request api (#11355) 2020-10-20 14:18:25 -04:00
reaction.yml [API] Add Reactions (#9220) 2019-12-07 17:04:19 -05:00
release.yml Delete tag API (#13358) 2020-10-30 20:56:34 -05:00
repo_indexer_status.yml
repo_redirect.yml
repo_topic.yml Add API endpoint for accessing repo topics (#7963) 2019-09-03 23:46:24 +08:00
repo_unit.yml Kanban board (#8346) 2020-08-16 23:07:38 -04:00
repository.yml [RFC] Make archival asynchronous (#11296) 2020-11-07 22:27:28 +02:00
review.yml Add review request api (#11355) 2020-10-20 14:18:25 -04:00
star.yml
stopwatch.yml [API] extend StopWatch (#9196) 2019-12-11 23:23:05 -05:00
team.yml Restricted users (#6274) 2020-01-13 18:33:46 +01:00
team_repo.yml Restrict permission check on repositories and fix some problems (#5314) 2018-11-28 19:26:14 +08:00
team_unit.yml Restrict permission check on repositories and fix some problems (#5314) 2018-11-28 19:26:14 +08:00
team_user.yml Restricted users (#6274) 2020-01-13 18:33:46 +01:00
topic.yml Add API endpoint for accessing repo topics (#7963) 2019-09-03 23:46:24 +08:00
tracked_time.yml [API] Extend times API (#9200) 2019-12-27 20:30:58 +00:00
two_factor.yml org/members: display 2FA members states + optimize sql requests (#7621) 2019-08-02 12:06:27 -04:00
u2f_registration.yml Add support for FIDO U2F (#3971) 2018-05-19 17:12:37 +03:00
user.yml [RFC] Make archival asynchronous (#11296) 2020-11-07 22:27:28 +02:00
user_open_id.yml
watch.yml Auto-subscribe user to repository when they commit/tag to it (#7657) 2019-11-10 09:22:19 +00:00
webhook.yml Implement webhook branch filter (#7791) 2019-09-09 08:48:21 +03:00