Revert "Prevent automatic OAuth grants for public clients (#30790) (#…

…30836)" This reverts commit 248a5b8. This commit introduces a regression descrdibed at go-gitea/gitea#30790 (comment) There is a commit to try and fix it, but it is similarly untested. Let's not accumulate regressions and wait until it is either field tested by humans in Gitea or a test is written. https://github.com/go-gitea/gitea/pull/31015/files
DennisRasey · May 22, 2024 · 6771312 · 6771312
1 parent 07ad7dd
commit 6771312
Showing 1 changed file with 2 additions and 3 deletions.
diff --git a/routers/web/auth/oauth.go b/routers/web/auth/oauth.go
@@ -469,9 +469,8 @@ func AuthorizeOAuth(ctx *context.Context) {
 		return
 	}
 
-	// Redirect if user already granted access and the application is confidential.
-	// I.e. always require authorization for public clients as recommended by RFC 6749 Section 10.2
-	if app.ConfidentialClient && grant != nil {
+	// Redirect if user already granted access
+	if grant != nil {
 		code, err := grant.GenerateNewAuthorizationCode(ctx, form.RedirectURI, form.CodeChallenge, form.CodeChallengeMethod)
 		if err != nil {
 			handleServerError(ctx, form.State, form.RedirectURI)