mirror of
https://codeberg.org/forgejo/forgejo.git
synced 2024-12-27 08:42:14 +01:00
ca35dec18b
OAuth applications can already have multiple redirect URIs if created/edited over API. This change allows for setting multiple redirect URIs through the UI as a comma-separated list (e. g. `https://example.org/redirect,https://redirect.example.org`) <details> <summary>Screenshots</summary> ![Bildschirmfoto vom 2023-06-04 17-14-40](https://github.com/go-gitea/gitea/assets/47871822/2206dc32-e7e4-4953-9ecb-e098890b3f54) ![Bildschirmfoto vom 2023-06-04 17-14-50](https://github.com/go-gitea/gitea/assets/47871822/cd97c73c-9310-44ee-a83a-b927a1ef94da) </details> Closes #25068
153 lines
4.8 KiB
Go
153 lines
4.8 KiB
Go
// Copyright 2019 The Gitea Authors. All rights reserved.
|
|
// SPDX-License-Identifier: MIT
|
|
|
|
package setting
|
|
|
|
import (
|
|
"fmt"
|
|
"net/http"
|
|
|
|
"code.gitea.io/gitea/models/auth"
|
|
"code.gitea.io/gitea/modules/base"
|
|
"code.gitea.io/gitea/modules/context"
|
|
"code.gitea.io/gitea/modules/util"
|
|
"code.gitea.io/gitea/modules/web"
|
|
"code.gitea.io/gitea/services/forms"
|
|
)
|
|
|
|
type OAuth2CommonHandlers struct {
|
|
OwnerID int64 // 0 for instance-wide, otherwise OrgID or UserID
|
|
BasePathList string // the base URL for the application list page, eg: "/user/setting/applications"
|
|
BasePathEditPrefix string // the base URL for the application edit page, will be appended with app id, eg: "/user/setting/applications/oauth2"
|
|
TplAppEdit base.TplName // the template for the application edit page
|
|
}
|
|
|
|
func (oa *OAuth2CommonHandlers) renderEditPage(ctx *context.Context) {
|
|
app := ctx.Data["App"].(*auth.OAuth2Application)
|
|
ctx.Data["FormActionPath"] = fmt.Sprintf("%s/%d", oa.BasePathEditPrefix, app.ID)
|
|
ctx.HTML(http.StatusOK, oa.TplAppEdit)
|
|
}
|
|
|
|
// AddApp adds an oauth2 application
|
|
func (oa *OAuth2CommonHandlers) AddApp(ctx *context.Context) {
|
|
form := web.GetForm(ctx).(*forms.EditOAuth2ApplicationForm)
|
|
if ctx.HasError() {
|
|
ctx.Flash.Error(ctx.GetErrMsg())
|
|
// go to the application list page
|
|
ctx.Redirect(oa.BasePathList)
|
|
return
|
|
}
|
|
|
|
// TODO validate redirect URI
|
|
app, err := auth.CreateOAuth2Application(ctx, auth.CreateOAuth2ApplicationOptions{
|
|
Name: form.Name,
|
|
RedirectURIs: util.SplitTrimSpace(form.RedirectURIs, "\n"),
|
|
UserID: oa.OwnerID,
|
|
ConfidentialClient: form.ConfidentialClient,
|
|
})
|
|
if err != nil {
|
|
ctx.ServerError("CreateOAuth2Application", err)
|
|
return
|
|
}
|
|
|
|
// render the edit page with secret
|
|
ctx.Flash.Success(ctx.Tr("settings.create_oauth2_application_success"), true)
|
|
ctx.Data["App"] = app
|
|
ctx.Data["ClientSecret"], err = app.GenerateClientSecret()
|
|
if err != nil {
|
|
ctx.ServerError("GenerateClientSecret", err)
|
|
return
|
|
}
|
|
oa.renderEditPage(ctx)
|
|
}
|
|
|
|
// EditShow displays the given application
|
|
func (oa *OAuth2CommonHandlers) EditShow(ctx *context.Context) {
|
|
app, err := auth.GetOAuth2ApplicationByID(ctx, ctx.ParamsInt64("id"))
|
|
if err != nil {
|
|
if auth.IsErrOAuthApplicationNotFound(err) {
|
|
ctx.NotFound("Application not found", err)
|
|
return
|
|
}
|
|
ctx.ServerError("GetOAuth2ApplicationByID", err)
|
|
return
|
|
}
|
|
if app.UID != oa.OwnerID {
|
|
ctx.NotFound("Application not found", nil)
|
|
return
|
|
}
|
|
ctx.Data["App"] = app
|
|
oa.renderEditPage(ctx)
|
|
}
|
|
|
|
// EditSave saves the oauth2 application
|
|
func (oa *OAuth2CommonHandlers) EditSave(ctx *context.Context) {
|
|
form := web.GetForm(ctx).(*forms.EditOAuth2ApplicationForm)
|
|
|
|
if ctx.HasError() {
|
|
oa.renderEditPage(ctx)
|
|
return
|
|
}
|
|
|
|
// TODO validate redirect URI
|
|
var err error
|
|
if ctx.Data["App"], err = auth.UpdateOAuth2Application(auth.UpdateOAuth2ApplicationOptions{
|
|
ID: ctx.ParamsInt64("id"),
|
|
Name: form.Name,
|
|
RedirectURIs: util.SplitTrimSpace(form.RedirectURIs, "\n"),
|
|
UserID: oa.OwnerID,
|
|
ConfidentialClient: form.ConfidentialClient,
|
|
}); err != nil {
|
|
ctx.ServerError("UpdateOAuth2Application", err)
|
|
return
|
|
}
|
|
ctx.Flash.Success(ctx.Tr("settings.update_oauth2_application_success"))
|
|
ctx.Redirect(oa.BasePathList)
|
|
}
|
|
|
|
// RegenerateSecret regenerates the secret
|
|
func (oa *OAuth2CommonHandlers) RegenerateSecret(ctx *context.Context) {
|
|
app, err := auth.GetOAuth2ApplicationByID(ctx, ctx.ParamsInt64("id"))
|
|
if err != nil {
|
|
if auth.IsErrOAuthApplicationNotFound(err) {
|
|
ctx.NotFound("Application not found", err)
|
|
return
|
|
}
|
|
ctx.ServerError("GetOAuth2ApplicationByID", err)
|
|
return
|
|
}
|
|
if app.UID != oa.OwnerID {
|
|
ctx.NotFound("Application not found", nil)
|
|
return
|
|
}
|
|
ctx.Data["App"] = app
|
|
ctx.Data["ClientSecret"], err = app.GenerateClientSecret()
|
|
if err != nil {
|
|
ctx.ServerError("GenerateClientSecret", err)
|
|
return
|
|
}
|
|
ctx.Flash.Success(ctx.Tr("settings.update_oauth2_application_success"), true)
|
|
oa.renderEditPage(ctx)
|
|
}
|
|
|
|
// DeleteApp deletes the given oauth2 application
|
|
func (oa *OAuth2CommonHandlers) DeleteApp(ctx *context.Context) {
|
|
if err := auth.DeleteOAuth2Application(ctx.ParamsInt64("id"), oa.OwnerID); err != nil {
|
|
ctx.ServerError("DeleteOAuth2Application", err)
|
|
return
|
|
}
|
|
|
|
ctx.Flash.Success(ctx.Tr("settings.remove_oauth2_application_success"))
|
|
ctx.JSON(http.StatusOK, map[string]interface{}{"redirect": oa.BasePathList})
|
|
}
|
|
|
|
// RevokeGrant revokes the grant
|
|
func (oa *OAuth2CommonHandlers) RevokeGrant(ctx *context.Context) {
|
|
if err := auth.RevokeOAuth2Grant(ctx, ctx.ParamsInt64("grantId"), oa.OwnerID); err != nil {
|
|
ctx.ServerError("RevokeOAuth2Grant", err)
|
|
return
|
|
}
|
|
|
|
ctx.Flash.Success(ctx.Tr("settings.revoke_oauth2_grant_success"))
|
|
ctx.JSON(http.StatusOK, map[string]interface{}{"redirect": oa.BasePathList})
|
|
}
|