Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

#514 - Fix login with Gitea OAuth: external user ID not recorded #515

Merged
merged 1 commit into from
Jan 28, 2022
Merged

#514 - Fix login with Gitea OAuth: external user ID not recorded #515

merged 1 commit into from
Jan 28, 2022

Conversation

gytisrepecka
Copy link
Contributor

Fix issue #514 - fix details:

  • change inspect endpoint, add missing fields to receive scope, external user ID, username, display name and email;
  • change error message when OAuth account is already associated;
  • log external (Gitea) user ID in addition to internal (WriteFreely) user ID;
  • include additional auth fields into oauth_gitea.go based on oauth_generic.go.
  • I have signed the CLA

@gytisrepecka
Copy link
Contributor Author

Running successfully in production for a while now. Anyone could test it as well?

@thebaer thebaer added this to the 0.13.2 milestone Jan 27, 2022
@thebaer thebaer changed the base branch from develop to hotfix-0.13.2 January 27, 2022 16:20
@thebaer
Copy link
Member

thebaer commented Jan 27, 2022

Thanks for addressing this, @gytisrepecka!

This looks good from reading through, but I have just one concern: in what Gitea version did the inspect endpoint change? I'm thinking this might break current integrations, and we'll probably want to document this somewhere so people are aware.

@gytisrepecka
Copy link
Contributor Author

Thanks for addressing this, @gytisrepecka!

This looks good from reading through, but I have just one concern: in what Gitea version did the inspect endpoint change? I'm thinking this might break current integrations, and we'll probably want to document this somewhere so people are aware.

I believe I used wrong inspect endpoint from the beginning: in Gitea OAuth2 provider documentation OpenID Connect UserInfo is specified as /login/oauth/userinfo.

OAuth provider functionality is available in Gitea since v1.8.0 and it seems real endpoint did not change over time - it was simply not specified in documentation, therefore I took whatever I was able to find from API.

@thebaer
Copy link
Member

thebaer commented Jan 28, 2022

Ah, okay great -- that makes sense!

thebaer
thebaer approved these changes Jan 28, 2022
View reviewed changes
Copy link
Member

@thebaer thebaer left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Since it's been working in production for a while, and code looks good, this is good to go 👍

@thebaer thebaer merged commit e92c33a into writefreely:hotfix-0.13.2 Jan 28, 2022
@thebaer thebaer mentioned this pull request Jan 28, 2022
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@thebaer thebaer thebaer approved these changes

Assignees
No one assigned
Labels
None yet
Milestone
0.13.2
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@gytisrepecka @thebaer