0
0
mirror of https://github.com/go-gitea/gitea.git synced 2024-11-27 19:27:53 +01:00
gitea/routers/web
M Hickford 34f509eb7a
Parse OAuth Authorization header when request omits client secret (#21351)
This fixes error "unauthorized_client: invalid client secret" when
client includes secret in Authorization header rather than request body.
OAuth spec permits both.

Sanity validation that client id and client secret in request are
consistent with Authorization header.

Improve error descriptions. Error codes remain the same.

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: zeripath <art27@cantab.net>
2022-10-07 10:53:49 +08:00
..
admin Redirect if user does not exist (#20981) 2022-08-29 15:44:39 +02:00
auth Parse OAuth Authorization header when request omits client secret (#21351) 2022-10-07 10:53:49 +08:00
dev
events
explore
feed Use absolute links in feeds (#21229) 2022-09-21 16:51:42 -04:00
healthcheck
misc
org
repo Tag list should include draft releases with existing tags (#21263) 2022-10-03 20:05:53 +08:00
user Add pages to view watched repos and subscribed issues/PRs (#17156) 2022-09-29 22:09:14 +03:00
auth_windows.go
auth.go
base.go
goget.go
home.go
metrics.go
nodeinfo.go
swagger_json.go
web.go Add pages to view watched repos and subscribed issues/PRs (#17156) 2022-09-29 22:09:14 +03:00
webfinger.go