Lunny Xiao f3bdcc58af Fix OAuth2 authorization code expiry and reuse handling (#36797) ... - set OAuth2 authorization code `ValidUntil` on creation and add expiry checks during exchange - return a specific error when codes are invalidated twice to prevent concurrent reuse - add unit tests covering validity timestamps, expiration, and double invalidation --- Generate by a coding agent with Codex 5.2 --------- Signed-off-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>		2026-03-06 05:00:44 +00:00
..
access_token_scope_test.go	Enable addtional linters (#34085)	2025-04-01 10:14:01 +00:00
access_token_scope.go	Run gopls modernize on codebase (#34751)	2025-06-18 01:48:09 +00:00
access_token_test.go	Remove incorrect "db.DefaultContext" usages (#35366)	2025-08-28 03:52:43 +00:00
access_token.go	Use db.Find instead of writing methods for every object (#28084)	2023-11-24 03:49:41 +00:00
auth_token.go	enforce explanation for necessary nolints and fix bugs (#34883)	2025-06-27 21:48:03 +08:00
main_test.go	make writing main test easier (#27270)	2023-09-28 01:38:53 +00:00
oauth2_list.go	Use db.Find instead of writing methods for every object (#28084)	2023-11-24 03:49:41 +00:00
oauth2_test.go	Fix OAuth2 authorization code expiry and reuse handling (#36797)	2026-03-06 05:00:44 +00:00
oauth2.go	Fix OAuth2 authorization code expiry and reuse handling (#36797)	2026-03-06 05:00:44 +00:00
session.go	Refactor db package (#35380)	2025-08-30 01:04:06 +08:00
source_test.go	Refactor db package (#35380)	2025-08-30 01:04:06 +08:00
source.go	Implements OIDC RP-Initiated Logout (#36724)	2026-03-01 06:28:26 +00:00
twofactor.go	Don't block site admin's operation if SECRET_KEY is lost (#35721)	2025-10-22 12:35:56 +08:00
webauthn_test.go	Remove incorrect "db.DefaultContext" usages (#35366)	2025-08-28 03:52:43 +00:00
webauthn.go	Fix: passkey login not working anymore (#32623)	2024-11-26 16:04:17 +00:00