mirror of
https://codeberg.org/forgejo/forgejo.git
synced 2024-11-16 06:46:16 +01:00
efecbbaca1
Fixes #27072 It looks like there are some cases where `ContextUser` is not set here --------- Co-authored-by: techknowlogick <matti@mdranta.net>
163 lines
4.9 KiB
Go
163 lines
4.9 KiB
Go
// Copyright 2019 The Gitea Authors. All rights reserved.
|
|
// SPDX-License-Identifier: MIT
|
|
|
|
package setting
|
|
|
|
import (
|
|
"fmt"
|
|
"net/http"
|
|
|
|
"code.gitea.io/gitea/models/auth"
|
|
"code.gitea.io/gitea/modules/base"
|
|
"code.gitea.io/gitea/modules/context"
|
|
"code.gitea.io/gitea/modules/util"
|
|
"code.gitea.io/gitea/modules/web"
|
|
shared_user "code.gitea.io/gitea/routers/web/shared/user"
|
|
"code.gitea.io/gitea/services/forms"
|
|
)
|
|
|
|
type OAuth2CommonHandlers struct {
|
|
OwnerID int64 // 0 for instance-wide, otherwise OrgID or UserID
|
|
BasePathList string // the base URL for the application list page, eg: "/user/setting/applications"
|
|
BasePathEditPrefix string // the base URL for the application edit page, will be appended with app id, eg: "/user/setting/applications/oauth2"
|
|
TplAppEdit base.TplName // the template for the application edit page
|
|
}
|
|
|
|
func (oa *OAuth2CommonHandlers) renderEditPage(ctx *context.Context) {
|
|
app := ctx.Data["App"].(*auth.OAuth2Application)
|
|
ctx.Data["FormActionPath"] = fmt.Sprintf("%s/%d", oa.BasePathEditPrefix, app.ID)
|
|
|
|
if ctx.ContextUser != nil && ctx.ContextUser.IsOrganization() {
|
|
if err := shared_user.LoadHeaderCount(ctx); err != nil {
|
|
ctx.ServerError("LoadHeaderCount", err)
|
|
return
|
|
}
|
|
}
|
|
|
|
ctx.HTML(http.StatusOK, oa.TplAppEdit)
|
|
}
|
|
|
|
// AddApp adds an oauth2 application
|
|
func (oa *OAuth2CommonHandlers) AddApp(ctx *context.Context) {
|
|
form := web.GetForm(ctx).(*forms.EditOAuth2ApplicationForm)
|
|
if ctx.HasError() {
|
|
ctx.Flash.Error(ctx.GetErrMsg())
|
|
// go to the application list page
|
|
ctx.Redirect(oa.BasePathList)
|
|
return
|
|
}
|
|
|
|
// TODO validate redirect URI
|
|
app, err := auth.CreateOAuth2Application(ctx, auth.CreateOAuth2ApplicationOptions{
|
|
Name: form.Name,
|
|
RedirectURIs: util.SplitTrimSpace(form.RedirectURIs, "\n"),
|
|
UserID: oa.OwnerID,
|
|
ConfidentialClient: form.ConfidentialClient,
|
|
})
|
|
if err != nil {
|
|
ctx.ServerError("CreateOAuth2Application", err)
|
|
return
|
|
}
|
|
|
|
// render the edit page with secret
|
|
ctx.Flash.Success(ctx.Tr("settings.create_oauth2_application_success"), true)
|
|
ctx.Data["App"] = app
|
|
ctx.Data["ClientSecret"], err = app.GenerateClientSecret()
|
|
if err != nil {
|
|
ctx.ServerError("GenerateClientSecret", err)
|
|
return
|
|
}
|
|
|
|
oa.renderEditPage(ctx)
|
|
}
|
|
|
|
// EditShow displays the given application
|
|
func (oa *OAuth2CommonHandlers) EditShow(ctx *context.Context) {
|
|
app, err := auth.GetOAuth2ApplicationByID(ctx, ctx.ParamsInt64("id"))
|
|
if err != nil {
|
|
if auth.IsErrOAuthApplicationNotFound(err) {
|
|
ctx.NotFound("Application not found", err)
|
|
return
|
|
}
|
|
ctx.ServerError("GetOAuth2ApplicationByID", err)
|
|
return
|
|
}
|
|
if app.UID != oa.OwnerID {
|
|
ctx.NotFound("Application not found", nil)
|
|
return
|
|
}
|
|
ctx.Data["App"] = app
|
|
oa.renderEditPage(ctx)
|
|
}
|
|
|
|
// EditSave saves the oauth2 application
|
|
func (oa *OAuth2CommonHandlers) EditSave(ctx *context.Context) {
|
|
form := web.GetForm(ctx).(*forms.EditOAuth2ApplicationForm)
|
|
|
|
if ctx.HasError() {
|
|
oa.renderEditPage(ctx)
|
|
return
|
|
}
|
|
|
|
// TODO validate redirect URI
|
|
var err error
|
|
if ctx.Data["App"], err = auth.UpdateOAuth2Application(auth.UpdateOAuth2ApplicationOptions{
|
|
ID: ctx.ParamsInt64("id"),
|
|
Name: form.Name,
|
|
RedirectURIs: util.SplitTrimSpace(form.RedirectURIs, "\n"),
|
|
UserID: oa.OwnerID,
|
|
ConfidentialClient: form.ConfidentialClient,
|
|
}); err != nil {
|
|
ctx.ServerError("UpdateOAuth2Application", err)
|
|
return
|
|
}
|
|
ctx.Flash.Success(ctx.Tr("settings.update_oauth2_application_success"))
|
|
ctx.Redirect(oa.BasePathList)
|
|
}
|
|
|
|
// RegenerateSecret regenerates the secret
|
|
func (oa *OAuth2CommonHandlers) RegenerateSecret(ctx *context.Context) {
|
|
app, err := auth.GetOAuth2ApplicationByID(ctx, ctx.ParamsInt64("id"))
|
|
if err != nil {
|
|
if auth.IsErrOAuthApplicationNotFound(err) {
|
|
ctx.NotFound("Application not found", err)
|
|
return
|
|
}
|
|
ctx.ServerError("GetOAuth2ApplicationByID", err)
|
|
return
|
|
}
|
|
if app.UID != oa.OwnerID {
|
|
ctx.NotFound("Application not found", nil)
|
|
return
|
|
}
|
|
ctx.Data["App"] = app
|
|
ctx.Data["ClientSecret"], err = app.GenerateClientSecret()
|
|
if err != nil {
|
|
ctx.ServerError("GenerateClientSecret", err)
|
|
return
|
|
}
|
|
ctx.Flash.Success(ctx.Tr("settings.update_oauth2_application_success"), true)
|
|
oa.renderEditPage(ctx)
|
|
}
|
|
|
|
// DeleteApp deletes the given oauth2 application
|
|
func (oa *OAuth2CommonHandlers) DeleteApp(ctx *context.Context) {
|
|
if err := auth.DeleteOAuth2Application(ctx.ParamsInt64("id"), oa.OwnerID); err != nil {
|
|
ctx.ServerError("DeleteOAuth2Application", err)
|
|
return
|
|
}
|
|
|
|
ctx.Flash.Success(ctx.Tr("settings.remove_oauth2_application_success"))
|
|
ctx.JSONRedirect(oa.BasePathList)
|
|
}
|
|
|
|
// RevokeGrant revokes the grant
|
|
func (oa *OAuth2CommonHandlers) RevokeGrant(ctx *context.Context) {
|
|
if err := auth.RevokeOAuth2Grant(ctx, ctx.ParamsInt64("grantId"), oa.OwnerID); err != nil {
|
|
ctx.ServerError("RevokeOAuth2Grant", err)
|
|
return
|
|
}
|
|
|
|
ctx.Flash.Success(ctx.Tr("settings.revoke_oauth2_grant_success"))
|
|
ctx.JSONRedirect(oa.BasePathList)
|
|
}
|