gitea/models
Johnny Oskarsson a07e67d9cc
Minimal OpenID Connect implementation (#14139)
This is "minimal" in the sense that only the Authorization Code Flow
from OpenID Connect Core is implemented.  No discovery, no configuration
endpoint, and no user scope management.

OpenID Connect is an extension to the (already implemented) OAuth 2.0
protocol, and essentially an `id_token` JWT is added to the access token
endpoint response when using the Authorization Code Flow.  I also added
support for the "nonce" field since it is required to be used in the
id_token if the client decides to include it in its initial request.

In order to enable this extension an OAuth 2.0 scope containing
"openid" is needed. Other OAuth 2.0 requests should not be impacted by
this change.

This minimal implementation is enough to enable single sign-on (SSO)
for other sites, e.g. by using something like `mod_auth_openidc` to
only allow access to a CI server if a user has logged into Gitea.

Fixes: #1310

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: zeripath <art27@cantab.net>
2021-01-02 00:33:27 +08:00
..
fixtures Minimal OpenID Connect implementation (#14139) 2021-01-02 00:33:27 +08:00
migrations Minimal OpenID Connect implementation (#14139) 2021-01-02 00:33:27 +08:00
access_test.go Fix "access" fixtures and tests (#10247) 2020-02-15 12:29:06 +08:00
access.go Upgrade xorm to v1.0.0 (#10646) 2020-03-22 11:12:55 -04:00
action_list.go refactor: reduce sql query in retrieveFeeds (#3547) 2018-02-21 18:55:34 +08:00
action_test.go Add gitea-vet (#10948) 2020-04-05 07:20:50 +01:00
action.go Team dashboards (#14159) 2020-12-27 21:58:03 +02:00
admin_test.go Fix tests code to prevent some runtime errors (#2381) 2017-08-28 12:17:45 +03:00
admin.go Dump github/gitlab/gitea repository data to a local directory and restore to gitea (#12244) 2020-12-27 11:34:19 +08:00
attachment_test.go Reading pull attachments should depend on read UnitTypePullRequests (#10346) 2020-02-18 21:36:19 -03:00
attachment.go [Refactor] Move APIFormat functions into convert package (#12856) 2020-10-17 00:23:08 -04:00
avatar_test.go Direct avatar rendering (#13649) 2020-12-03 19:46:11 +01:00
avatar.go Fix frontpage avatars (#13853) 2020-12-09 01:12:15 +01:00
branches_test.go Add deleted_branch table fixture (#2832) 2017-11-04 15:31:59 +02:00
branches.go migrate from com.* to alternatives (#14103) 2020-12-25 11:59:32 +02:00
commit_status_test.go Fix wrong hint when status checking is running on pull request view (#9886) 2020-01-22 11:46:04 +08:00
commit_status.go Show dropdown with all statuses for commit (#13977) 2020-12-20 11:13:12 +08:00
consistency.go Add migration to set IsArchived false if it is null (#11853) 2020-06-11 16:18:11 -04:00
context.go Upgrade xorm to v1.0.2 (#11900) 2020-06-15 16:46:01 -04:00
convert.go Whilst changing the character set to utf8mb4 we should set ROW_FORMAT=dynamic too (#12804) 2020-09-11 09:25:06 +01:00
error_oauth2.go gofmt (#1662) 2017-05-04 13:54:56 +08:00
error.go Add Allow-/Block-List for Migrate & Mirrors (#13610) 2020-11-28 19:37:58 -05:00
external_login_user.go Migrate reviews when migrating repository from github (#9463) 2020-01-23 19:28:15 +02:00
fixture_generation.go Move fixture generation to contrib and add test (#10277) 2020-02-15 10:59:43 +02:00
fixture_test.go Move fixture generation to contrib and add test (#10277) 2020-02-15 10:59:43 +02:00
gpg_key_test.go Allow addition of gpg keyring with multiple keys (#12487) 2020-08-21 13:45:50 +03:00
gpg_key.go Add configurable Trust Models (#11712) 2020-09-20 00:44:55 +08:00
helper_directory.go Re-attempt to delete temporary upload if the file is locked by another process (#12447) 2020-08-11 21:05:34 +01:00
helper_environment.go Set setting.AppURL as GITEA_ROOT_URL environment variable during pushes (#12752) 2020-09-06 23:53:42 -04:00
helper.go Add reactions to issues/PR and comments (#2856) 2017-12-04 01:14:26 +02:00
issue_assignees_test.go Fix API Bug (fail on empty assignees) (#8873) 2019-11-10 16:07:21 +08:00
issue_assignees.go Remove Unused Functions (#10516) 2020-03-02 00:05:44 +02:00
issue_comment_list.go Fixed repo link in generated comment for cross repository dependency (#9863) 2020-01-21 10:18:52 +00:00
issue_comment_test.go Pull request review/approval and comment on code (#3748) 2018-08-06 06:43:21 +02:00
issue_comment.go migrate from com.* to alternatives (#14103) 2020-12-25 11:59:32 +02:00
issue_dependency_test.go Refactor comment (#9330) 2019-12-15 16:57:34 -05:00
issue_dependency.go Display ui time with customize time location (#7792) 2019-08-15 22:46:21 +08:00
issue_label_test.go Save TimeStamps for Star, Label, Follow, Watch and Collaboration to Database (#13124) 2020-10-12 20:01:57 -04:00
issue_label.go Save TimeStamps for Star, Label, Follow, Watch and Collaboration to Database (#13124) 2020-10-12 20:01:57 -04:00
issue_list_test.go Add Organization Wide Labels (#10814) 2020-04-01 01:14:46 -03:00
issue_list.go [BugFix] ReviewCount: GetApprovalCounts func sorted wrong (#11086) 2020-04-16 13:44:34 +03:00
issue_lock.go remove unused method and rename createcommentWithNoAction (#9367) 2019-12-16 11:54:24 +08:00
issue_milestone_test.go Add name filter to API for GetMilestoneList (#12336) 2020-07-28 12:30:40 +01:00
issue_milestone.go Add Created & Updated to Milestone (#12662) 2020-09-05 13:38:54 -04:00
issue_reaction_test.go Migrate reactions when migrating repository from github (#9599) 2020-01-15 12:14:07 +01:00
issue_reaction.go Include OriginalAuthor in Reaction constraint (#13505) 2020-11-10 22:37:11 +00:00
issue_stopwatch_test.go Add gitea-vet (#10948) 2020-04-05 07:20:50 +01:00
issue_stopwatch.go Refactor: move Commit To APIFormat Code & Lot of StopWatch related things (#12729) 2020-09-18 20:09:26 +08:00
issue_test.go Add mentionable teams to tributeValues and change team mention rules to gh's style (#13198) 2020-12-21 16:39:28 +01:00
issue_tracked_time_test.go [API] Extend times API (#9200) 2019-12-27 20:30:58 +00:00
issue_tracked_time.go Fix tracked time issues (#11349) 2020-05-09 11:18:44 -03:00
issue_user_test.go Add "Update Branch" button to Pull Requests (#9784) 2020-01-17 08:03:40 +02:00
issue_user.go Mail assignee when issue/pull request is assigned (#8546) 2019-10-25 22:46:37 +08:00
issue_watch_test.go API add/generalize pagination (#9452) 2020-01-24 14:00:29 -05:00
issue_watch.go Add issue subscription check to API (#10967) 2020-04-21 14:48:53 +01:00
issue_xref_test.go Refactor comment (#9330) 2019-12-15 16:57:34 -05:00
issue_xref.go migrate from com.* to alternatives (#14103) 2020-12-25 11:59:32 +02:00
issue.go migrate from com.* to alternatives (#14103) 2020-12-25 11:59:32 +02:00
lfs_lock.go Move LFSLock APIFormat into convert package (#13808) 2020-12-03 16:05:48 +02:00
lfs.go LFS support to be stored on minio (#12518) 2020-09-08 23:45:10 +08:00
list_options.go Add cron running API (#12421) 2020-08-24 11:48:15 -04:00
log.go Refactor Logger (#13294) 2020-10-31 01:36:46 -04:00
login_source.go Custom icons for OAuth sources (#14161) 2020-12-28 03:35:55 +01:00
main_test.go Add gitea-vet (#10948) 2020-04-05 07:20:50 +01:00
migrate.go [BugFix] remove nil inserts in models (#11096) 2020-04-17 20:42:57 +03:00
models_test.go gitea dump: include version & Check InstallLock (#12760) 2020-09-07 23:27:17 +01:00
models.go Add postgres schema to the search_path on database connection (#12634) 2020-09-11 10:30:19 +01:00
notification_test.go add request review from specific reviewers feature in pull request (#10756) 2020-04-06 19:33:34 +03:00
notification.go move notification APIFormat (#13783) 2020-12-02 09:24:35 +00:00
oauth2_application_test.go Minimal OpenID Connect implementation (#14139) 2021-01-02 00:33:27 +08:00
oauth2_application.go Minimal OpenID Connect implementation (#14139) 2021-01-02 00:33:27 +08:00
oauth2.go Custom icons for OAuth sources (#14161) 2020-12-28 03:35:55 +01:00
org_team_test.go API add/generalize pagination (#9452) 2020-01-24 14:00:29 -05:00
org_team.go Automatically remove Watches, Assignments, etc if user loses access due to being removed as collaborator or from a team (#10997) 2020-04-07 22:52:01 +01:00
org_test.go Ensure DeleteUser is not allowed to Delete Orgs and visa versa (#10134) 2020-02-04 16:27:18 +02:00
org.go Team dashboards (#14159) 2020-12-27 21:58:03 +02:00
project_board.go Kanban board (#8346) 2020-08-16 23:07:38 -04:00
project_issue.go Kanban board (#8346) 2020-08-16 23:07:38 -04:00
project_test.go Kanban board (#8346) 2020-08-16 23:07:38 -04:00
project.go Kanban board (#8346) 2020-08-16 23:07:38 -04:00
pull_list.go API add/generalize pagination (#9452) 2020-01-24 14:00:29 -05:00
pull_sign.go Add configurable Trust Models (#11712) 2020-09-20 00:44:55 +08:00
pull_test.go Display pull request head branch even the branch deleted or repository deleted (#10413) 2020-03-02 22:31:55 +00:00
pull.go [Enhancement] Allow admin to merge pr with protected file changes (#12078) 2020-10-13 14:50:57 -04:00
release.go Add the tag list page to the release page (#12096) 2020-11-02 18:10:22 -05:00
repo_activity.go Add top author stats to activity page (#9615) 2020-01-20 12:07:30 +02:00
repo_avatar.go Avatars and Repo avatars support storing in minio (#12516) 2020-10-14 21:07:51 +08:00
repo_branch.go Move newbranch to standalone package (#9627) 2020-01-14 11:38:04 +08:00
repo_collaboration_test.go API add/generalize pagination (#9452) 2020-01-24 14:00:29 -05:00
repo_collaboration.go Save TimeStamps for Star, Label, Follow, Watch and Collaboration to Database (#13124) 2020-10-12 20:01:57 -04:00
repo_generate_test.go Variable expansion in repository templates (#9163) 2019-11-30 01:54:47 -05:00
repo_generate.go Fix broken migration on webhook (#13911) 2020-12-09 17:20:13 +00:00
repo_indexer.go Index code and stats only for non-empty repositories (#10251) 2020-02-14 13:42:30 +01:00
repo_issue.go Add EnableTimetracking option to app settings (#3719) 2018-04-09 23:15:32 +08:00
repo_language_stats.go Increase size of the language column in language_stat (#12396) 2020-08-04 14:54:29 +01:00
repo_list_test.go [RFC] Make archival asynchronous (#11296) 2020-11-07 22:27:28 +02:00
repo_list.go Team dashboards (#14159) 2020-12-27 21:58:03 +02:00
repo_mirror.go Move some repository methods from models to modules/repository (#9353) 2019-12-14 18:30:01 +01:00
repo_permission_test.go fix bug when update owner team then visit team's repo return 404 (#6119) 2019-02-22 11:14:45 -05:00
repo_permission.go ui: show 'owner' tag for real owner (#13689) 2020-11-28 17:52:29 +02:00
repo_redirect_test.go Move repoWorkPool outside rename/transfer repository (#9086) 2019-12-06 12:00:50 +08:00
repo_redirect.go Move repoWorkPool outside rename/transfer repository (#9086) 2019-12-06 12:00:50 +08:00
repo_sign.go Add configurable Trust Models (#11712) 2020-09-20 00:44:55 +08:00
repo_test.go Add team support for review request (#12039) 2020-10-12 20:55:13 +01:00
repo_unit.go migrate from com.* to alternatives (#14103) 2020-12-25 11:59:32 +02:00
repo_watch_test.go API add/generalize pagination (#9452) 2020-01-24 14:00:29 -05:00
repo_watch.go Save TimeStamps for Star, Label, Follow, Watch and Collaboration to Database (#13124) 2020-10-12 20:01:57 -04:00
repo.go migrate from com.* to alternatives (#14103) 2020-12-25 11:59:32 +02:00
review_test.go Add team support for review request (#12039) 2020-10-12 20:55:13 +01:00
review.go Add review request api (#11355) 2020-10-20 14:18:25 -04:00
ssh_key_test.go Disable DSA ssh keys by default (#13056) 2020-10-09 09:52:57 +03:00
ssh_key.go Disable SSH key deletion of externally managed Keys (#13985) 2020-12-25 23:24:47 -05:00
star_test.go API add/generalize pagination (#9452) 2020-01-24 14:00:29 -05:00
star.go Save TimeStamps for Star, Label, Follow, Watch and Collaboration to Database (#13124) 2020-10-12 20:01:57 -04:00
task.go Dump github/gitlab/gitea repository data to a local directory and restore to gitea (#12244) 2020-12-27 11:34:19 +08:00
test_fixtures.go upgrade to use testfixtures v3 (#11904) 2020-06-17 22:07:58 +03:00
token_test.go [API] Delete Token accept names too (#12366) 2020-08-28 11:09:33 +03:00
token.go [API] Delete Token accept names too (#12366) 2020-08-28 11:09:33 +03:00
topic_test.go API add/generalize pagination (#9452) 2020-01-24 14:00:29 -05:00
topic.go Change topic name size from 25 to 50 (#14150) 2020-12-26 23:28:47 +00:00
twofactor.go Attachments: Add extension support, allow all types for releases (#12465) 2020-10-05 01:49:33 -04:00
u2f_test.go Add gitea-vet (#10948) 2020-04-05 07:20:50 +01:00
u2f.go Display ui time with customize time location (#7792) 2019-08-15 22:46:21 +08:00
unit_tests.go migrate from com.* to alternatives (#14103) 2020-12-25 11:59:32 +02:00
unit.go Kanban board (#8346) 2020-08-16 23:07:38 -04:00
update.go Remove Unused Functions (#10516) 2020-03-02 00:05:44 +02:00
upload.go Handle and propagate errors when checking if paths are Dirs, Files or Exist (#13186) 2020-11-27 21:42:08 -05:00
user_avatar.go Direct avatar rendering (#13649) 2020-12-03 19:46:11 +01:00
user_follow_test.go Add gitea-vet (#10948) 2020-04-05 07:20:50 +01:00
user_follow.go Save TimeStamps for Star, Label, Follow, Watch and Collaboration to Database (#13124) 2020-10-12 20:01:57 -04:00
user_heatmap_test.go rework heatmap permissions (#14080) 2020-12-22 03:53:37 +01:00
user_heatmap.go Team dashboards (#14159) 2020-12-27 21:58:03 +02:00
user_mail_test.go Admin page for managing user e-mail activation (#10557) 2020-03-02 15:25:36 -03:00
user_mail.go skip email validation on empty string (#13627) 2020-11-20 23:45:55 +02:00
user_openid_test.go Add golangci (#6418) 2019-06-12 15:41:28 -04:00
user_openid.go Use ID or Where to instead directly use Get when load object from database (#11925) 2020-06-17 20:50:11 +03:00
user_test.go Accept multiple SSH keys in single LDAP SSHPublicKey attribute (#13989) 2020-12-18 17:44:18 +00:00
user.go migrate from com.* to alternatives (#14103) 2020-12-25 11:59:32 +02:00
userlist_test.go Team permission to create repository in organization (#8312) 2019-11-20 19:27:49 +08:00
userlist.go [Refactor] Move APIFormat functions into convert package (#12856) 2020-10-17 00:23:08 -04:00
webhook_test.go Move webhook type from int to string (#13664) 2020-12-08 11:41:14 +01:00
webhook.go Fix bug for webhook and feishu caused by API changed (#13937) 2020-12-11 17:04:04 +01:00
wiki_test.go Move wiki related funtions from models to services/wiki (#9355) 2020-01-07 18:27:36 +00:00
wiki.go Handle and propagate errors when checking if paths are Dirs, Files or Exist (#13186) 2020-11-27 21:42:08 -05:00