mirror of
https://codeberg.org/forgejo/forgejo.git
synced 2026-03-25 17:23:02 -04:00
1c64bad453
- fix: show oauth2 retrieve error - `true` indicates it only should be shown when the page is rendered directly via `ctx.HTML` and not propagated if it redirects. As you can see this always redirects and means the error is not shown. - Has the funny behavior that you get redirected to `/user/login` without any indication what went wrong, no errors in the logs either. - fix: pre-process OAuth2 client ID and secret - Spaces should are not appropriate for these input, remove them. - Manually copying and pasting client ID and secret from Github OAuth2 applications seems prone to introduce whitespaces. - The error of having a incorrect client ID is more noticeable (404 page for the user). - The error of having a incorrect client secret is not noticeable (404 page for the goth library but no mention it's the wrong secret). Reported-by: marijnh Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/11715 Reviewed-by: Mathieu Fenniak <mfenniak@noreply.codeberg.org> Reviewed-by: Andreas Ahlenstorf <aahlenst@noreply.codeberg.org> Co-authored-by: Gusted <postmaster@gusted.xyz> Co-committed-by: Gusted <postmaster@gusted.xyz>
55 lines
1.5 KiB
Go
55 lines
1.5 KiB
Go
// Copyright 2025 The Forgejo Authors. All rights reserved.
|
|
// SPDX-License-Identifier: GPL-3.0-or-later.
|
|
|
|
package integration
|
|
|
|
import (
|
|
"fmt"
|
|
"net/http"
|
|
"testing"
|
|
|
|
"forgejo.org/models/auth"
|
|
"forgejo.org/tests"
|
|
|
|
"github.com/stretchr/testify/assert"
|
|
)
|
|
|
|
func TestAdminAuthAllowUsernameChangeSetting(t *testing.T) {
|
|
defer tests.PrepareTestEnv(t)()
|
|
|
|
session := loginUser(t, "user1")
|
|
|
|
source := addAuthSource(t, map[string]string{
|
|
"type": fmt.Sprintf("%d", auth.OAuth2),
|
|
"name": "some-name",
|
|
"is_active": "on",
|
|
"allow_username_change": "on",
|
|
"oauth2_provider": "gitlab",
|
|
})
|
|
|
|
response := session.MakeRequest(t, NewRequestf(t, "GET", "/admin/auths/%d", source.ID), http.StatusOK)
|
|
htmlDoc := NewHTMLParser(t, response.Body)
|
|
|
|
htmlDoc.AssertElement(t, "#allow_username_change[checked]", true)
|
|
}
|
|
|
|
func TestAdminAuthTrimSpace(t *testing.T) {
|
|
defer tests.PrepareTestEnv(t)()
|
|
|
|
session := loginUser(t, "user1")
|
|
|
|
source := addAuthSource(t, map[string]string{
|
|
"type": fmt.Sprintf("%d", auth.OAuth2),
|
|
"name": "some-name",
|
|
"is_active": "on",
|
|
"oauth2_provider": "gitlab",
|
|
"oauth2_key": " public_id ",
|
|
"oauth2_secret": " secret_key ",
|
|
})
|
|
|
|
response := session.MakeRequest(t, NewRequestf(t, "GET", "/admin/auths/%d", source.ID), http.StatusOK)
|
|
htmlDoc := NewHTMLParser(t, response.Body)
|
|
|
|
assert.Equal(t, "public_id", htmlDoc.GetInputValueByName("oauth2_key"))
|
|
assert.Equal(t, "secret_key", htmlDoc.GetInputValueByName("oauth2_secret"))
|
|
}
|