0981ec30c3
* Add setting to OAuth handlers to override local 2FA settings This PR adds a setting to OAuth and OpenID login sources to allow the source to override local 2FA requirements. Fix #13939 Signed-off-by: Andrew Thornton <art27@cantab.net> * Fix regression from #16544 Signed-off-by: Andrew Thornton <art27@cantab.net> * Add scopes settings Signed-off-by: Andrew Thornton <art27@cantab.net> * fix trace logging in auth_openid Signed-off-by: Andrew Thornton <art27@cantab.net> * add required claim options Signed-off-by: Andrew Thornton <art27@cantab.net> * Move UpdateExternalUser to externalaccount Signed-off-by: Andrew Thornton <art27@cantab.net> * Allow OAuth2/OIDC to set Admin/Restricted status Signed-off-by: Andrew Thornton <art27@cantab.net> * Allow use of the same group claim name for the prohibit login value Signed-off-by: Andrew Thornton <art27@cantab.net> * fixup! Move UpdateExternalUser to externalaccount * as per wxiaoguang Signed-off-by: Andrew Thornton <art27@cantab.net> * add label back in Signed-off-by: Andrew Thornton <art27@cantab.net> * adjust localisation Signed-off-by: Andrew Thornton <art27@cantab.net> * placate lint Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
58 lines
1.7 KiB
Go
58 lines
1.7 KiB
Go
// Copyright 2021 The Gitea Authors. All rights reserved.
|
|
// Use of this source code is governed by a MIT-style
|
|
// license that can be found in the LICENSE file.
|
|
|
|
package oauth2
|
|
|
|
import (
|
|
"code.gitea.io/gitea/models/login"
|
|
"code.gitea.io/gitea/modules/json"
|
|
)
|
|
|
|
// ________ _____ __ .__ ________
|
|
// \_____ \ / _ \ __ ___/ |_| |__ \_____ \
|
|
// / | \ / /_\ \| | \ __\ | \ / ____/
|
|
// / | \/ | \ | /| | | Y \/ \
|
|
// \_______ /\____|__ /____/ |__| |___| /\_______ \
|
|
// \/ \/ \/ \/
|
|
|
|
// Source holds configuration for the OAuth2 login source.
|
|
type Source struct {
|
|
Provider string
|
|
ClientID string
|
|
ClientSecret string
|
|
OpenIDConnectAutoDiscoveryURL string
|
|
CustomURLMapping *CustomURLMapping
|
|
IconURL string
|
|
|
|
Scopes []string
|
|
RequiredClaimName string
|
|
RequiredClaimValue string
|
|
GroupClaimName string
|
|
AdminGroup string
|
|
RestrictedGroup string
|
|
SkipLocalTwoFA bool `json:",omitempty"`
|
|
|
|
// reference to the loginSource
|
|
loginSource *login.Source
|
|
}
|
|
|
|
// FromDB fills up an OAuth2Config from serialized format.
|
|
func (source *Source) FromDB(bs []byte) error {
|
|
return json.UnmarshalHandleDoubleEncode(bs, &source)
|
|
}
|
|
|
|
// ToDB exports an SMTPConfig to a serialized format.
|
|
func (source *Source) ToDB() ([]byte, error) {
|
|
return json.Marshal(source)
|
|
}
|
|
|
|
// SetLoginSource sets the related LoginSource
|
|
func (source *Source) SetLoginSource(loginSource *login.Source) {
|
|
source.loginSource = loginSource
|
|
}
|
|
|
|
func init() {
|
|
login.RegisterTypeConfig(login.OAuth2, &Source{})
|
|
}
|