
Revert "Prevent automatic OAuth grants for public clients (#30790) (#30836)"

This reverts commit 248a5b8d7a.

This commit introduces a regression described at

https://github.com/go-gitea/gitea/pull/30790#issuecomment-2118812426

There is a commit to try and fix it, but it is similarly
untested. Let's not accumulate regressions and wait until it is either
field tested by humans in Gitea or a test is written.

https://github.com/go-gitea/gitea/pull/31015/files
Earl Warren 2024-05-22 16:37:00 +02:00
parent 07ad7dd8f6
commit 6771312133
No known key found for this signature in database
GPG Key ID: 0579CB2928A78A00
1 changed files with 2 additions and 3 deletions


@ -469,9 +469,8 @@ func AuthorizeOAuth(ctx *context.Context) {
return return
} }
// Redirect if user already granted access and the application is confidential. // Redirect if user already granted access
// I.e. always require authorization for public clients as recommended by RFC 6749 Section 10.2 if grant != nil {
if app.ConfidentialClient && grant != nil {
code, err := grant.GenerateNewAuthorizationCode(ctx, form.RedirectURI, form.CodeChallenge, form.CodeChallengeMethod) code, err := grant.GenerateNewAuthorizationCode(ctx, form.RedirectURI, form.CodeChallenge, form.CodeChallengeMethod)
if err != nil { if err != nil {
handleServerError(ctx, form.State, form.RedirectURI) handleServerError(ctx, form.State, form.RedirectURI)