gitea/modules
M Hickford 191a74d622
Record OAuth client type at registration (#21316)
The OAuth spec [defines two types of
client](https://datatracker.ietf.org/doc/html/rfc6749#section-2.1),
confidential and public. Previously Gitea assumed all clients to be
confidential.

> OAuth defines two client types, based on their ability to authenticate
> securely with the authorization server (i.e., ability to
> maintain the confidentiality of their client credentials):
>
> confidential
> Clients capable of maintaining the confidentiality of their
> credentials (e.g., client implemented on a secure server with
> restricted access to the client credentials), or capable of secure
> client authentication using other means.
>
> **public
> Clients incapable of maintaining the confidentiality of their
> credentials (e.g., clients executing on the device used by the resource
> owner, such as an installed native application or a web browser-based
> application), and incapable of secure client authentication via any
> other means.**
>
> The client type designation is based on the authorization server's
> definition of secure authentication and its acceptable exposure levels
> of client credentials. The authorization server SHOULD NOT make
> assumptions about the client type.

https://datatracker.ietf.org/doc/html/rfc8252#section-8.4

> Authorization servers MUST record the client type in the client
> registration details in order to identify and process requests
> accordingly.

Require PKCE for public clients:
https://datatracker.ietf.org/doc/html/rfc8252#section-8.1

> Authorization servers SHOULD reject authorization requests from native
> apps that don't use PKCE by returning an error message
Fixes #21299

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2 years ago
activitypub Refactor AssertExistsAndLoadBean to use generics (#20797) 2 years ago
analyze Simplify `IsVendor` (#19626) 3 years ago
auth Remove legacy `+build:` constraint (#19582) 3 years ago
avatar Go 1.19 format (#20758) 2 years ago
base Add generic set type (#21408) 2 years ago
cache Update go-chi/cache to utilize Ping() (#19719) 3 years ago
charset Move go-licenses to generate and separate generate into a frontend and backend component (#21061) 2 years ago
container Add generic set type (#21408) 2 years ago
context Redirect to new repository owner (#21398) 2 years ago
convert Record OAuth client type at registration (#21316) 2 years ago
csv Go 1.19 format (#20758) 2 years ago
doctor Refactor git command arguments and make all arguments to be safe to be used (#21535) 2 years ago
emoji Go 1.19 format (#20758) 2 years ago
eventsource Move some files into models' sub packages (#20262) 2 years ago
generate Use base32 for 2FA scratch token (#18384) 3 years ago
git Refactor git command arguments and make all arguments to be safe to be used (#21535) 2 years ago
gitgraph Refactor git command arguments and make all arguments to be safe to be used (#21535) 2 years ago
graceful Support Proxy protocol (#12527) 2 years ago
hcaptcha hCaptcha Support (#12594) 4 years ago
highlight Upgrade chroma to v2.3.0 (#21259) 2 years ago
hostmatcher Add proxy host into allow list (#20798) 2 years ago
httpcache Add Cache-Control header to html and api responses, add no-transform (#20432) 3 years ago
httplib refactor httplib (#18338) 3 years ago
indexer Refactor git command arguments and make all arguments to be safe to be used (#21535) 2 years ago
issue/template Add generic set type (#21408) 2 years ago
json Refactor legacy `unknwon/com` package, improve golangci lint (#19284) 3 years ago
lfs Removed some vestigial code related to Range bounds checks (#20312) 3 years ago
log test: use `T.TempDir` to create temporary test directory (#21043) 2 years ago
markup Add link to user profile in markdown mention only if user exists (#21533) 2 years ago
mcaptcha Add support mCaptcha as captcha provider (#20458) 3 years ago
metrics Move some files into models' sub packages (#20262) 2 years ago
migration Add more checks in migration code (#21011) 2 years ago
mirror Implement sync push mirror on commit (#19411) 3 years ago
nosql fix broken insecureskipverify handling in rediss connection uris (#20967) 2 years ago
notification Decouple HookTask from Repository (#17940) 2 years ago
options Fix and improve incorrect error messages (#21342) 2 years ago
packages Add support for Chocolatey/NuGet v2 API (#21393) 2 years ago
paginator Remove unnecessary misspell ignore pattern (#21475) 2 years ago
password Fixed assert statements. (#16089) 4 years ago
pprof Go 1.19 format (#20758) 2 years ago
private log real ip of requests from ssh (#21216) 2 years ago
process Add more linters to improve code readability (#19989) 3 years ago
proxy Return nil proxy function if proxy not enabled (#16742) 4 years ago
proxyprotocol Support Proxy protocol (#12527) 2 years ago
public Add generic set type (#21408) 2 years ago
queue Add generic set type (#21408) 2 years ago
recaptcha refactor: move from io/ioutil to io and os package (#17109) 3 years ago
references Remove unnecessary misspell ignore pattern (#21475) 2 years ago
regexplru Custom regexp external issues (#17624) 3 years ago
repository Refactor git command arguments and make all arguments to be safe to be used (#21535) 2 years ago
secret Use `CryptoRandomBytes` instead of `CryptoRandomString` (#18439) 3 years ago
session format with gofumpt (#18184) 3 years ago
setting Add system setting table with cache and also add cache supports for user setting (#18058) 2 years ago
sitemap Add sitemap support (#18407) 3 years ago
ssh Support Proxy protocol (#12527) 2 years ago
storage Save files in local storage as umask (#21198) 2 years ago
structs Record OAuth client type at registration (#21316) 2 years ago
svg Remove legacy `+build:` constraint (#19582) 3 years ago
sync Add generic set type (#21408) 2 years ago
system Add system setting table with cache and also add cache supports for user setting (#18058) 2 years ago
templates Fix generating compare link (#21519) 2 years ago
test Refactor AssertExistsAndLoadBean to use generics (#20797) 2 years ago
timeutil Share HTML template renderers and create a watcher framework (#20218) 2 years ago
translation Make every not exist error unwrappable to a fs.ErrNotExist (#20891) 2 years ago
typesniffer Rework raw file http header logic (#20484) 3 years ago
updatechecker Add system setting table with cache and also add cache supports for user setting (#18058) 2 years ago
upload Simplify parameter types (#18006) 3 years ago
uri Prevent NPE if gitea uploader fails to open url (#18080) 3 years ago
user Add gitea-vet (#10948) 5 years ago
util Make every not exist error unwrappable to a fs.ErrNotExist (#20891) 2 years ago
validation Add more checks in migration code (#21011) 2 years ago
watcher Share HTML template renderers and create a watcher framework (#20218) 2 years ago
web refactor webhook *NewPost (#20729) 3 years ago