1
0
Fork 0
mirror of https://codeberg.org/forgejo/forgejo.git synced 2024-12-22 12:54:53 -05:00
forgejo/services/auth/source/oauth2
Gusted 7f8f9b878f
fix: Revert "allow synchronizing user status from OAuth2 login providers (#31572)"
This commit has a fundamental flaw, in order to syncronize if external
users are still active the commit checks if the refresh token is
accepted by the OAuth provider, if that is not the case it sees that as
the user is disabled and sets the is active field to `false` to signal
that. Because it might be possible (this commit makes this a highly
likelyhood) that the OAuth provider still recognizes this user the
commit introduces code to allow users to re-active themselves via the
oauth flow if they were disabled because of this. However this code
makes no distinction in why the user was disabled and always re-actives
the user.

Thus the reactivation via the OAuth flow allows users to bypass the
manually activation setting (`[service].REGISTER_MANUAL_CONFIRM`) or if
the admin for other reasons disabled the user.

This reverts commit 21fdd28f08.
2024-12-12 05:59:06 +01:00
..
assert_interface_test.go Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
init.go remove util.OptionalBool and related functions (#29513) 2024-03-06 12:10:46 +08:00
jwtsigningkey.go bug: correctly generate oauth2 jwt signing key 2024-11-16 15:17:19 +01:00
jwtsigningkey_test.go bug: correctly generate oauth2 jwt signing key 2024-11-16 15:17:19 +01:00
providers.go Fix tautological conditions (#30735) 2024-05-05 08:59:40 +01:00
providers_base.go Migrate margin and padding helpers to tailwind (#30043) 2024-03-30 07:17:29 +01:00
providers_custom.go Modify OAuth login ui and fix display name, iconurl related logic (#25030) 2023-06-08 16:35:29 +00:00
providers_openid.go Migrate margin and padding helpers to tailwind (#30043) 2024-03-30 07:17:29 +01:00
providers_simple.go Modify OAuth login ui and fix display name, iconurl related logic (#25030) 2023-06-08 16:35:29 +00:00
source.go fix: Revert "allow synchronizing user status from OAuth2 login providers (#31572)" 2024-12-12 05:59:06 +01:00
source_authenticate.go Reduce usage of db.DefaultContext (#27073) 2023-09-14 17:09:32 +00:00
source_callout.go feat: implement PKCE when acting as oauth2 client (for user login) 2024-04-29 11:20:26 +02:00
source_name.go Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
source_register.go Handle OpenID discovery URL errors a little nicer when creating/editing sources (#23397) 2023-03-10 01:14:43 -05:00
store.go [CHORE] Move to new sessioner library 2024-08-25 03:47:08 +02:00
token.go Bump github.com/golang-jwt/jwt to v5 (#25975) 2023-07-19 09:57:10 +00:00
urlmapping.go Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00