mirror/gitea
1
1
Fork 1
mirror of https://github.com/go-gitea/gitea.git synced 2026-03-17 10:15:22 +01:00
Code Issues
release/v1.25
gitea/models
History
Giteabot 413074b1e1
Fix OAuth2 authorization code expiry and reuse handling (#36797) (#36851) 
Backport #36797 by @lunny

- set OAuth2 authorization code `ValidUntil` on creation and add expiry
checks during exchange
- return a specific error when codes are invalidated twice to prevent
concurrent reuse
- add unit tests covering validity timestamps, expiration, and double
invalidation

---
Generate by a coding agent with Codex 5.2

Signed-off-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
2026-03-06 10:33:20 -08:00
..
actions Add a doctor command to fix inconsistent run status (#35840) (#35845) 2025-11-04 11:16:36 -08:00
activities Fix incorrect pull request counter (#35819) (#35841) 2025-11-04 01:49:47 +00:00
admin Don't block site admin's operation if SECRET_KEY is lost (#35721) (#35724) 2025-10-22 05:02:47 +00:00
asymkey Fix regression in writing authorized principals (#36213) (#36218) 2025-12-20 01:57:26 +00:00
auth Fix OAuth2 authorization code expiry and reuse handling (#36797) (#36851) 2026-03-06 10:33:20 -08:00
avatars Remove incorrect "db.DefaultContext" usages (#35366) 2025-08-28 03:52:43 +00:00
db Fix various typos in codebase (#35480) 2025-09-13 10:34:43 -04:00
dbfs Remove incorrect "db.DefaultContext" usages (#35366) 2025-08-28 03:52:43 +00:00
fixtures Fix get release draft permission check (#36659) (#36715) 2026-02-22 22:09:07 +00:00
git Fix push time bug (#36693) (#36713) 2026-02-22 22:27:40 +01:00
issues Fix track time issue id (#36664) (#36689) 2026-02-21 00:26:56 +00:00
migrations Fix incorrect pull request counter (#35819) (#35841) 2025-11-04 01:49:47 +00:00
organization Fix team member access check (#35899) (#35905) 2025-11-09 03:44:53 +00:00
packages fix(packages/container): data race when uploading container blobs concurrently (#36524) (#36526) 2026-02-04 09:32:26 -08:00
perm Fix team member access check (#35899) (#35905) 2025-11-09 03:44:53 +00:00
project Fix permission check on org project operations (#36318) (#36373) 2026-01-14 14:22:27 -08:00
pull Fix incorrect viewed files counter if file has changed (#36009) (#36047) 2025-11-28 11:33:37 +01:00
renderhelper Fix commit message rendering and some UI problems (#34680) 2025-06-10 23:20:32 +08:00
repo Fix missing repository id when migrating release attachments (#36389) (#36413) 2026-01-20 23:36:45 +02:00
secret Don't block site admin's operation if SECRET_KEY is lost (#35721) (#35724) 2025-10-22 05:02:47 +00:00
shared/types Refactor locale&string&template related code (#29165) 2024-02-14 21:48:45 +00:00
system Remove incorrect "db.DefaultContext" usages (#35366) 2025-08-28 03:52:43 +00:00
unit Run gopls modernize on codebase (#34751) 2025-06-18 01:48:09 +00:00
unittest Refactor db package (#35380) 2025-08-30 01:04:06 +08:00
user Fix a bug user could change another user's primary email (#36586) (#36607) 2026-02-14 14:06:59 +02:00
webhook Remove incorrect "db.DefaultContext" usages (#35366) 2025-08-28 03:52:43 +00:00
main_test.go make writing main test easier (#27270) 2023-09-28 01:38:53 +00:00
repo_test.go Remove incorrect "db.DefaultContext" usages (#35366) 2025-08-28 03:52:43 +00:00
repo.go Use db.WithTx/WithTx2 instead of TxContext when possible (#35130) 2025-07-22 10:02:01 -07:00