0981ec30c3
* Add setting to OAuth handlers to override local 2FA settings This PR adds a setting to OAuth and OpenID login sources to allow the source to override local 2FA requirements. Fix #13939 Signed-off-by: Andrew Thornton <art27@cantab.net> * Fix regression from #16544 Signed-off-by: Andrew Thornton <art27@cantab.net> * Add scopes settings Signed-off-by: Andrew Thornton <art27@cantab.net> * fix trace logging in auth_openid Signed-off-by: Andrew Thornton <art27@cantab.net> * add required claim options Signed-off-by: Andrew Thornton <art27@cantab.net> * Move UpdateExternalUser to externalaccount Signed-off-by: Andrew Thornton <art27@cantab.net> * Allow OAuth2/OIDC to set Admin/Restricted status Signed-off-by: Andrew Thornton <art27@cantab.net> * Allow use of the same group claim name for the prohibit login value Signed-off-by: Andrew Thornton <art27@cantab.net> * fixup! Move UpdateExternalUser to externalaccount * as per wxiaoguang Signed-off-by: Andrew Thornton <art27@cantab.net> * add label back in Signed-off-by: Andrew Thornton <art27@cantab.net> * adjust localisation Signed-off-by: Andrew Thornton <art27@cantab.net> * placate lint Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
30 lines
764 B
Go
30 lines
764 B
Go
// Copyright 2021 The Gitea Authors. All rights reserved.
|
|
// Use of this source code is governed by a MIT-style
|
|
// license that can be found in the LICENSE file.
|
|
|
|
package externalaccount
|
|
|
|
import (
|
|
"fmt"
|
|
|
|
user_model "code.gitea.io/gitea/models/user"
|
|
"github.com/markbates/goth"
|
|
)
|
|
|
|
// Store represents a thing that stores things
|
|
type Store interface {
|
|
Get(interface{}) interface{}
|
|
Set(interface{}, interface{}) error
|
|
Release() error
|
|
}
|
|
|
|
// LinkAccountFromStore links the provided user with a stored external user
|
|
func LinkAccountFromStore(store Store, user *user_model.User) error {
|
|
gothUser := store.Get("linkAccountGothUser")
|
|
if gothUser == nil {
|
|
return fmt.Errorf("not in LinkAccount session")
|
|
}
|
|
|
|
return LinkAccountToUser(user, gothUser.(goth.User))
|
|
}
|