mirror/gitea
1
1
Fork 1
mirror of https://github.com/go-gitea/gitea.git synced 2026-03-17 11:55:36 +01:00
Code Issues
release/v1.25
gitea/routers/web
History
Giteabot 413074b1e1
Fix OAuth2 authorization code expiry and reuse handling (#36797) (#36851) 
Backport #36797 by @lunny

- set OAuth2 authorization code `ValidUntil` on creation and add expiry
checks during exchange
- return a specific error when codes are invalidated twice to prevent
concurrent reuse
- add unit tests covering validity timestamps, expiration, and double
invalidation

---
Generate by a coding agent with Codex 5.2

Signed-off-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
2026-03-06 10:33:20 -08:00
..
admin Fix bug when updating user email (#36058) (#36066) 2025-12-02 02:57:21 +01:00
auth Fix OAuth2 authorization code expiry and reuse handling (#36797) (#36851) 2026-03-06 10:33:20 -08:00
devtest fix: auto-expand and auto-scroll for actions logs (#35583) (#35586) 2025-10-05 12:06:41 +08:00
events Move context from modules to services (#29440) 2024-02-27 08:12:22 +01:00
explore Fix context usages (#35348) 2025-08-27 11:00:01 +00:00
feed Fix context usages (#35348) 2025-08-27 11:00:01 +00:00
healthcheck Always enable caches (#28527) 2023-12-19 09:29:05 +00:00
misc enforce explanation for necessary nolints and fix bugs (#34883) 2025-06-27 21:48:03 +08:00
org Fix permission check on org project operations (#36318) (#36373) 2026-01-14 14:22:27 -08:00
repo Fix track time issue id (#36664) (#36689) 2026-02-21 00:26:56 +00:00
shared when using rules to delete packages, remove unclean bugs (#34632) 2025-06-18 04:47:49 +00:00
user Fix a bug user could change another user's primary email (#36586) (#36607) 2026-02-14 14:06:59 +02:00
base.go Redirect to a presigned URL of HEAD for HEAD requests (#35088) 2025-07-16 11:22:45 +00:00
githttp.go Fix git client accessing renamed repo (#34034) 2025-03-28 07:28:58 +08:00
goget.go Enable addtional linters (#34085) 2025-04-01 10:14:01 +00:00
home.go Do not mutate incoming options to SearchRepositoryByName (#34553) 2025-06-02 17:33:25 +00:00
metrics.go Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
nodeinfo.go Enable addtional linters (#34085) 2025-04-01 10:14:01 +00:00
passkey.go Move context from modules to services (#29440) 2024-02-27 08:12:22 +01:00
swagger_json.go Improve OAuth2 provider (correct Issuer, respect ENABLED) (#34966) 2025-07-06 13:36:45 +08:00
web.go Make Golang correctly delete temp files during uploading (#36128) (#36129) 2025-12-11 20:10:59 +01:00
webfinger.go Fix context usages (#35348) 2025-08-27 11:00:01 +00:00