0
Fork 0
mirror of https://codeberg.org/forgejo/forgejo.git synced 2024-12-25 08:54:17 -05:00
forgejo/models
Johnny Oskarsson a07e67d9cc
Minimal OpenID Connect implementation (#14139)
This is "minimal" in the sense that only the Authorization Code Flow
from OpenID Connect Core is implemented.  No discovery, no configuration
endpoint, and no user scope management.

OpenID Connect is an extension to the (already implemented) OAuth 2.0
protocol, and essentially an `id_token` JWT is added to the access token
endpoint response when using the Authorization Code Flow.  I also added
support for the "nonce" field since it is required to be used in the
id_token if the client decides to include it in its initial request.

In order to enable this extension an OAuth 2.0 scope containing
"openid" is needed. Other OAuth 2.0 requests should not be impacted by
this change.

This minimal implementation is enough to enable single sign-on (SSO)
for other sites, e.g. by using something like `mod_auth_openidc` to
only allow access to a CI server if a user has logged into Gitea.

Fixes: #1310

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: zeripath <art27@cantab.net>
2021-01-02 00:33:27 +08:00
..
fixtures Minimal OpenID Connect implementation (#14139) 2021-01-02 00:33:27 +08:00
migrations Minimal OpenID Connect implementation (#14139) 2021-01-02 00:33:27 +08:00
access.go
access_test.go
action.go Team dashboards (#14159) 2020-12-27 21:58:03 +02:00
action_list.go
action_test.go
admin.go Dump github/gitlab/gitea repository data to a local directory and restore to gitea (#12244) 2020-12-27 11:34:19 +08:00
admin_test.go
attachment.go [Refactor] Move APIFormat functions into convert package (#12856) 2020-10-17 00:23:08 -04:00
attachment_test.go
avatar.go Fix frontpage avatars (#13853) 2020-12-09 01:12:15 +01:00
avatar_test.go Direct avatar rendering (#13649) 2020-12-03 19:46:11 +01:00
branches.go migrate from com.* to alternatives (#14103) 2020-12-25 11:59:32 +02:00
branches_test.go
commit_status.go Show dropdown with all statuses for commit (#13977) 2020-12-20 11:13:12 +08:00
commit_status_test.go
consistency.go Add migration to set IsArchived false if it is null (#11853) 2020-06-11 16:18:11 -04:00
context.go Upgrade xorm to v1.0.2 (#11900) 2020-06-15 16:46:01 -04:00
convert.go Whilst changing the character set to utf8mb4 we should set ROW_FORMAT=dynamic too (#12804) 2020-09-11 09:25:06 +01:00
error.go Add Allow-/Block-List for Migrate & Mirrors (#13610) 2020-11-28 19:37:58 -05:00
error_oauth2.go
external_login_user.go
fixture_generation.go
fixture_test.go
gpg_key.go Add configurable Trust Models (#11712) 2020-09-20 00:44:55 +08:00
gpg_key_test.go Allow addition of gpg keyring with multiple keys (#12487) 2020-08-21 13:45:50 +03:00
helper.go
helper_directory.go Re-attempt to delete temporary upload if the file is locked by another process (#12447) 2020-08-11 21:05:34 +01:00
helper_environment.go Set setting.AppURL as GITEA_ROOT_URL environment variable during pushes (#12752) 2020-09-06 23:53:42 -04:00
issue.go migrate from com.* to alternatives (#14103) 2020-12-25 11:59:32 +02:00
issue_assignees.go
issue_assignees_test.go
issue_comment.go migrate from com.* to alternatives (#14103) 2020-12-25 11:59:32 +02:00
issue_comment_list.go
issue_comment_test.go
issue_dependency.go
issue_dependency_test.go
issue_label.go Save TimeStamps for Star, Label, Follow, Watch and Collaboration to Database (#13124) 2020-10-12 20:01:57 -04:00
issue_label_test.go Save TimeStamps for Star, Label, Follow, Watch and Collaboration to Database (#13124) 2020-10-12 20:01:57 -04:00
issue_list.go
issue_list_test.go
issue_lock.go
issue_milestone.go Add Created & Updated to Milestone (#12662) 2020-09-05 13:38:54 -04:00
issue_milestone_test.go Add name filter to API for GetMilestoneList (#12336) 2020-07-28 12:30:40 +01:00
issue_reaction.go Include OriginalAuthor in Reaction constraint (#13505) 2020-11-10 22:37:11 +00:00
issue_reaction_test.go
issue_stopwatch.go Refactor: move Commit To APIFormat Code & Lot of StopWatch related things (#12729) 2020-09-18 20:09:26 +08:00
issue_stopwatch_test.go
issue_test.go Add mentionable teams to tributeValues and change team mention rules to gh's style (#13198) 2020-12-21 16:39:28 +01:00
issue_tracked_time.go
issue_tracked_time_test.go
issue_user.go
issue_user_test.go
issue_watch.go
issue_watch_test.go
issue_xref.go migrate from com.* to alternatives (#14103) 2020-12-25 11:59:32 +02:00
issue_xref_test.go
lfs.go LFS support to be stored on minio (#12518) 2020-09-08 23:45:10 +08:00
lfs_lock.go Move LFSLock APIFormat into convert package (#13808) 2020-12-03 16:05:48 +02:00
list_options.go Add cron running API (#12421) 2020-08-24 11:48:15 -04:00
log.go Refactor Logger (#13294) 2020-10-31 01:36:46 -04:00
login_source.go Custom icons for OAuth sources (#14161) 2020-12-28 03:35:55 +01:00
main_test.go
migrate.go
models.go Add postgres schema to the search_path on database connection (#12634) 2020-09-11 10:30:19 +01:00
models_test.go gitea dump: include version & Check InstallLock (#12760) 2020-09-07 23:27:17 +01:00
notification.go move notification APIFormat (#13783) 2020-12-02 09:24:35 +00:00
notification_test.go
oauth2.go Custom icons for OAuth sources (#14161) 2020-12-28 03:35:55 +01:00
oauth2_application.go Minimal OpenID Connect implementation (#14139) 2021-01-02 00:33:27 +08:00
oauth2_application_test.go Minimal OpenID Connect implementation (#14139) 2021-01-02 00:33:27 +08:00
org.go Team dashboards (#14159) 2020-12-27 21:58:03 +02:00
org_team.go
org_team_test.go
org_test.go
project.go Kanban board (#8346) 2020-08-16 23:07:38 -04:00
project_board.go Kanban board (#8346) 2020-08-16 23:07:38 -04:00
project_issue.go Kanban board (#8346) 2020-08-16 23:07:38 -04:00
project_test.go Kanban board (#8346) 2020-08-16 23:07:38 -04:00
pull.go [Enhancement] Allow admin to merge pr with protected file changes (#12078) 2020-10-13 14:50:57 -04:00
pull_list.go
pull_sign.go Add configurable Trust Models (#11712) 2020-09-20 00:44:55 +08:00
pull_test.go
release.go Add the tag list page to the release page (#12096) 2020-11-02 18:10:22 -05:00
repo.go migrate from com.* to alternatives (#14103) 2020-12-25 11:59:32 +02:00
repo_activity.go
repo_avatar.go Avatars and Repo avatars support storing in minio (#12516) 2020-10-14 21:07:51 +08:00
repo_branch.go
repo_collaboration.go Save TimeStamps for Star, Label, Follow, Watch and Collaboration to Database (#13124) 2020-10-12 20:01:57 -04:00
repo_collaboration_test.go
repo_generate.go Fix broken migration on webhook (#13911) 2020-12-09 17:20:13 +00:00
repo_generate_test.go
repo_indexer.go
repo_issue.go
repo_language_stats.go Increase size of the language column in language_stat (#12396) 2020-08-04 14:54:29 +01:00
repo_list.go Team dashboards (#14159) 2020-12-27 21:58:03 +02:00
repo_list_test.go [RFC] Make archival asynchronous (#11296) 2020-11-07 22:27:28 +02:00
repo_mirror.go
repo_permission.go ui: show 'owner' tag for real owner (#13689) 2020-11-28 17:52:29 +02:00
repo_permission_test.go
repo_redirect.go
repo_redirect_test.go
repo_sign.go Add configurable Trust Models (#11712) 2020-09-20 00:44:55 +08:00
repo_test.go Add team support for review request (#12039) 2020-10-12 20:55:13 +01:00
repo_unit.go migrate from com.* to alternatives (#14103) 2020-12-25 11:59:32 +02:00
repo_watch.go Save TimeStamps for Star, Label, Follow, Watch and Collaboration to Database (#13124) 2020-10-12 20:01:57 -04:00
repo_watch_test.go
review.go Add review request api (#11355) 2020-10-20 14:18:25 -04:00
review_test.go Add team support for review request (#12039) 2020-10-12 20:55:13 +01:00
ssh_key.go Disable SSH key deletion of externally managed Keys (#13985) 2020-12-25 23:24:47 -05:00
ssh_key_test.go Disable DSA ssh keys by default (#13056) 2020-10-09 09:52:57 +03:00
star.go Save TimeStamps for Star, Label, Follow, Watch and Collaboration to Database (#13124) 2020-10-12 20:01:57 -04:00
star_test.go
task.go Dump github/gitlab/gitea repository data to a local directory and restore to gitea (#12244) 2020-12-27 11:34:19 +08:00
test_fixtures.go upgrade to use testfixtures v3 (#11904) 2020-06-17 22:07:58 +03:00
token.go [API] Delete Token accept names too (#12366) 2020-08-28 11:09:33 +03:00
token_test.go [API] Delete Token accept names too (#12366) 2020-08-28 11:09:33 +03:00
topic.go Change topic name size from 25 to 50 (#14150) 2020-12-26 23:28:47 +00:00
topic_test.go
twofactor.go Attachments: Add extension support, allow all types for releases (#12465) 2020-10-05 01:49:33 -04:00
u2f.go
u2f_test.go
unit.go Kanban board (#8346) 2020-08-16 23:07:38 -04:00
unit_tests.go migrate from com.* to alternatives (#14103) 2020-12-25 11:59:32 +02:00
update.go
upload.go Handle and propagate errors when checking if paths are Dirs, Files or Exist (#13186) 2020-11-27 21:42:08 -05:00
user.go migrate from com.* to alternatives (#14103) 2020-12-25 11:59:32 +02:00
user_avatar.go Direct avatar rendering (#13649) 2020-12-03 19:46:11 +01:00
user_follow.go Save TimeStamps for Star, Label, Follow, Watch and Collaboration to Database (#13124) 2020-10-12 20:01:57 -04:00
user_follow_test.go
user_heatmap.go Team dashboards (#14159) 2020-12-27 21:58:03 +02:00
user_heatmap_test.go rework heatmap permissions (#14080) 2020-12-22 03:53:37 +01:00
user_mail.go skip email validation on empty string (#13627) 2020-11-20 23:45:55 +02:00
user_mail_test.go
user_openid.go Use ID or Where to instead directly use Get when load object from database (#11925) 2020-06-17 20:50:11 +03:00
user_openid_test.go
user_test.go Accept multiple SSH keys in single LDAP SSHPublicKey attribute (#13989) 2020-12-18 17:44:18 +00:00
userlist.go [Refactor] Move APIFormat functions into convert package (#12856) 2020-10-17 00:23:08 -04:00
userlist_test.go
webhook.go Fix bug for webhook and feishu caused by API changed (#13937) 2020-12-11 17:04:04 +01:00
webhook_test.go Move webhook type from int to string (#13664) 2020-12-08 11:41:14 +01:00
wiki.go Handle and propagate errors when checking if paths are Dirs, Files or Exist (#13186) 2020-11-27 21:42:08 -05:00
wiki_test.go