rdelaage
/
gitea
mirror of https://github.com/go-gitea/gitea.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'main' into rename

This commit is contained in:
Giteabot 2024-05-03 01:06:11 +08:00 committed by GitHub
parent 4a213f892e 5c542ca94c
commit 01f2ba79f8
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
routers/web/auth/oauth.go
View File

@ -470,8 +470,9 @@ func AuthorizeOAuth(ctx *context.Context) {
return
}
// Redirect if user already granted access
if grant != nil {
// Redirect if user already granted access and the application is confidential.
// I.e. always require authorization for public clients as recommended by RFC 6749 Section 10.2
if app.ConfidentialClient && grant != nil {
code, err := grant.GenerateNewAuthorizationCode(ctx, form.RedirectURI, form.CodeChallenge, form.CodeChallengeMethod)
if err != nil {
handleServerError(ctx, form.State, form.RedirectURI)