Mirrors/gitea
0
0
Fork 0
mirror of https://github.com/go-gitea/gitea.git synced 2026-06-01 14:56:00 +02:00
Code Issues Activity
gitea/services
History
Lunny Xiao 4e5f43896e
fix(auth): ignore stale OIDC external login links to organizations (#37875) 
## Summary

This fixes an OIDC sign-in edge case where a stale `external_login_user`
record can still point to an organization or a deleted user.

In that situation, Gitea may keep resolving the external login to the
wrong account during sign-in. For affected instances, this matches the
behavior reported in #36439 and #37812, where a user signing in with
OIDC/Entra ID could appear as an organization, or hit a 404 after that
organization was removed.

## What changed

- validate the user resolved from `external_login_user` during
OAuth2/OIDC login
- ignore stale links when the linked user no longer exists
- ignore stale links when the linked user is not an individual user
- remove the stale external login row so the sign-in flow can relink the
external account to the correct user

## Related

- Fixes #37812
- Related to #36439

---------

Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: Claude (Opus 4.8) <noreply@anthropic.com>
2026-05-30 20:37:09 +00:00
..
actions
feat(actions)!: improve support for reusable workflows (#37478)
2026-05-30 08:31:14 +02:00
agit
chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873)
2026-05-26 15:49:31 -07:00
asymkey
chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873)
2026-05-26 15:49:31 -07:00
attachment
chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873)
2026-05-26 15:49:31 -07:00
auth
fix(auth): ignore stale OIDC external login links to organizations (#37875)
2026-05-30 20:37:09 +00:00
automerge
chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873)
2026-05-26 15:49:31 -07:00
automergequeue
chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873)
2026-05-26 15:49:31 -07:00
context
chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873)
2026-05-26 15:49:31 -07:00
contexttest
chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873)
2026-05-26 15:49:31 -07:00
convert
chore: Move gitea sdk from code.gitea.io/sdk/gitea -> gitea.dev/sdk (#37855)
2026-05-27 16:23:44 -07:00
cron
chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873)
2026-05-26 15:49:31 -07:00
doctor
chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873)
2026-05-26 15:49:31 -07:00
externalaccount
chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873)
2026-05-26 15:49:31 -07:00
feed
chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873)
2026-05-26 15:49:31 -07:00
forms
chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873)
2026-05-26 15:49:31 -07:00
git
chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873)
2026-05-26 15:49:31 -07:00
gitdiff
chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873)
2026-05-26 15:49:31 -07:00
indexer
chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873)
2026-05-26 15:49:31 -07:00
issue
enhance: Migrate remaining gopkg.in/yaml.v3 usages to go.yaml.in/yaml/v4 (#37866)
2026-05-29 01:12:11 +00:00
lfs
chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873)
2026-05-26 15:49:31 -07:00
mailer
chore(deps): update chroma, regexp2 v2, replace dimiro1/reply (#37858)
2026-05-27 23:39:57 +02:00
markup
chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873)
2026-05-26 15:49:31 -07:00
migrations
enhance: Migrate remaining gopkg.in/yaml.v3 usages to go.yaml.in/yaml/v4 (#37866)
2026-05-29 01:12:11 +00:00
mirror
chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873)
2026-05-26 15:49:31 -07:00
notify
chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873)
2026-05-26 15:49:31 -07:00
oauth2_provider
chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873)
2026-05-26 15:49:31 -07:00
org
chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873)
2026-05-26 15:49:31 -07:00
packages
chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873)
2026-05-26 15:49:31 -07:00
projects
chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873)
2026-05-26 15:49:31 -07:00
pull
chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873)
2026-05-26 15:49:31 -07:00
release
chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873)
2026-05-26 15:49:31 -07:00
repository
feat(repo): split repository creation limit into user and org scopes (#37872)
2026-05-28 19:29:32 +02:00
secrets
chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873)
2026-05-26 15:49:31 -07:00
task
chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873)
2026-05-26 15:49:31 -07:00
uinotification
chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873)
2026-05-26 15:49:31 -07:00
user
chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873)
2026-05-26 15:49:31 -07:00
versioned_migration
chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873)
2026-05-26 15:49:31 -07:00
webhook
chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873)
2026-05-26 15:49:31 -07:00
webtheme
fix(frontend): resolve Vite assets by manifest source path (#37836)
2026-05-28 06:14:52 +00:00
wiki
chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873)
2026-05-26 15:49:31 -07:00