Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Return access_denied error when an OAuth2 request is denied (#30974) #31029

Merged
merged 2 commits into from
May 20, 2024
Merged

Return access_denied error when an OAuth2 request is denied (#30974) #31029

merged 2 commits into from
May 20, 2024

Conversation

GiteaBot
Copy link
Contributor

Backport #30974 by @Zettat123

According to RFC 6749, when the resource owner or authorization server denied an request, an access_denied error should be returned. But currently in this case Gitea does not return any error.

For example, if the user clicks "Cancel" here, an access_denied error should be returned.

@Zettat123 @GiteaBot
Return access_denied error when an OAuth2 request is denied (go-git…
e7cbf2b 
…ea#30974)

According to [RFC
6749](https://datatracker.ietf.org/doc/html/rfc6749#section-4.1.2.1),
when the resource owner or authorization server denied an request, an
`access_denied` error should be returned. But currently in this case
Gitea does not return any error.

For example, if the user clicks "Cancel" here, an `access_denied` error
should be returned.

<img width="360px"
src="https://github.com/go-gitea/gitea/assets/15528715/be31c09b-4c0a-4701-b7a4-f54b8fe3a6c5"
/>
@GiteaBot GiteaBot added modifies/go Pull requests that update Go code modifies/templates This PR modifies the template files type/bug labels May 20, 2024
@GiteaBot GiteaBot added the lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. label May 20, 2024
@GiteaBot GiteaBot added this to the 1.22.0 milestone May 20, 2024
@GiteaBot GiteaBot requested review from lunny and wxiaoguang May 20, 2024 07:17
@pull-request-size pull-request-size bot added the size/S Denotes a PR that changes 10-29 lines, ignoring generated files. label May 20, 2024
@GiteaBot GiteaBot added lgtm/need 1 This PR needs approval from one additional maintainer to be merged. and removed lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. labels May 20, 2024
@GiteaBot GiteaBot added lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. and removed lgtm/need 1 This PR needs approval from one additional maintainer to be merged. labels May 20, 2024
@KN4CK3R KN4CK3R added the reviewed/wait-merge This pull request is part of the merge queue. It will be merged soon. label May 20, 2024
@wxiaoguang wxiaoguang merged commit 8a259e5 into go-gitea:release/v1.22 May 20, 2024
26 checks passed
@GiteaBot GiteaBot removed the reviewed/wait-merge This pull request is part of the merge queue. It will be merged soon. label May 20, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@lunny lunny lunny approved these changes

@delvh delvh delvh approved these changes

@wxiaoguang wxiaoguang Awaiting requested review from wxiaoguang

Assignees

@Zettat123 Zettat123

Labels
lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. modifies/go Pull requests that update Go code modifies/templates This PR modifies the template files size/S Denotes a PR that changes 10-29 lines, ignoring generated files. type/bug
Projects
None yet
Milestone
1.22.0
Development

Successfully merging this pull request may close these issues.

None yet
6 participants
@GiteaBot @lunny @delvh @KN4CK3R @wxiaoguang @Zettat123