0
0
mirror of https://github.com/go-gitea/gitea.git synced 2024-12-01 15:52:05 +01:00
gitea/models/fixtures
Johnny Oskarsson a07e67d9cc
Minimal OpenID Connect implementation (#14139)
This is "minimal" in the sense that only the Authorization Code Flow
from OpenID Connect Core is implemented.  No discovery, no configuration
endpoint, and no user scope management.

OpenID Connect is an extension to the (already implemented) OAuth 2.0
protocol, and essentially an `id_token` JWT is added to the access token
endpoint response when using the Authorization Code Flow.  I also added
support for the "nonce" field since it is required to be used in the
id_token if the client decides to include it in its initial request.

In order to enable this extension an OAuth 2.0 scope containing
"openid" is needed. Other OAuth 2.0 requests should not be impacted by
this change.

This minimal implementation is enough to enable single sign-on (SSO)
for other sites, e.g. by using something like `mod_auth_openidc` to
only allow access to a CI server if a user has logged into Gitea.

Fixes: #1310

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: zeripath <art27@cantab.net>
2021-01-02 00:33:27 +08:00
..
access_token.yml
access.yml Fix "access" fixtures and tests (#10247) 2020-02-15 12:29:06 +08:00
action.yml rework heatmap permissions (#14080) 2020-12-22 03:53:37 +01:00
attachment.yml
collaboration.yml Fix "access" fixtures and tests (#10247) 2020-02-15 12:29:06 +08:00
comment.yml
commit_status.yml
deleted_branch.yml
deploy_key.yml
email_address.yml
follow.yml
gpg_key_import.yml
gpg_key.yml
hook_task.yml
issue_assignees.yml
issue_label.yml Add Organization Wide Labels (#10814) 2020-04-01 01:14:46 -03:00
issue_user.yml
issue_watch.yml
issue.yml Add review request api (#11355) 2020-10-20 14:18:25 -04:00
label.yml Add Organization Wide Labels (#10814) 2020-04-01 01:14:46 -03:00
login_source.yml
milestone.yml [API] ListIssues add filter for milestones (#10148) 2020-04-30 01:15:39 -03:00
notice.yml
notification.yml
oauth2_application.yml
oauth2_authorization_code.yml
oauth2_grant.yml Minimal OpenID Connect implementation (#14139) 2021-01-02 00:33:27 +08:00
org_user.yml
project_board.yml Kanban board (#8346) 2020-08-16 23:07:38 -04:00
project_issue.yml Kanban board (#8346) 2020-08-16 23:07:38 -04:00
project.yml Kanban board (#8346) 2020-08-16 23:07:38 -04:00
protected_branch.yml
public_key.yml
pull_request.yml Add review request api (#11355) 2020-10-20 14:18:25 -04:00
reaction.yml
release.yml Delete tag API (#13358) 2020-10-30 20:56:34 -05:00
repo_indexer_status.yml
repo_redirect.yml
repo_topic.yml
repo_unit.yml Kanban board (#8346) 2020-08-16 23:07:38 -04:00
repository.yml [RFC] Make archival asynchronous (#11296) 2020-11-07 22:27:28 +02:00
review.yml Add review request api (#11355) 2020-10-20 14:18:25 -04:00
star.yml
stopwatch.yml
team_repo.yml
team_unit.yml
team_user.yml
team.yml
topic.yml
tracked_time.yml
two_factor.yml
u2f_registration.yml
user_open_id.yml
user.yml [RFC] Make archival asynchronous (#11296) 2020-11-07 22:27:28 +02:00
watch.yml
webhook.yml