From ca35dec18b3d3d7dd5cde4c69a10ae830961faf7 Mon Sep 17 00:00:00 2001 From: Denys Konovalov Date: Mon, 5 Jun 2023 09:00:12 +0200 Subject: [PATCH] Add ability to set multiple redirect URIs in OAuth application UI (#25072) OAuth applications can already have multiple redirect URIs if created/edited over API. This change allows for setting multiple redirect URIs through the UI as a comma-separated list (e. g. `https://example.org/redirect,https://redirect.example.org`)
Screenshots ![Bildschirmfoto vom 2023-06-04 17-14-40](https://github.com/go-gitea/gitea/assets/47871822/2206dc32-e7e4-4953-9ecb-e098890b3f54) ![Bildschirmfoto vom 2023-06-04 17-14-50](https://github.com/go-gitea/gitea/assets/47871822/cd97c73c-9310-44ee-a83a-b927a1ef94da)
Closes #25068
---
 models/auth/oauth2.go | 8 --------
 modules/util/truncate.go | 19 ++++++++++++++++++-
 options/locale/locale_en-US.ini | 2 +-
 routers/web/user/setting/oauth2_common.go | 5 +++--
 services/forms/user_form.go | 2 +-
 .../applications_oauth2_edit_form.tmpl | 4 ++--
 .../settings/applications_oauth2_list.tmpl | 4 ++--
 7 files changed, 27 insertions(+), 17 deletions(-)
diff --git a/models/auth/oauth2.go b/models/auth/oauth2.go
index bda0668c45f..53a5c28b4a5 100644
--- a/models/auth/oauth2.go
+++ b/models/auth/oauth2.go
@@ -51,14 +51,6 @@ func (app *OAuth2Application) TableName() string {
 return "oauth2_application"
 }
-// PrimaryRedirectURI returns the first redirect uri or an empty string if empty
-func (app *OAuth2Application) PrimaryRedirectURI() string {
- if len(app.RedirectURIs) == 0 {
- return ""
- }
- return app.RedirectURIs[0]
-}
-
 // ContainsRedirectURI checks if redirectURI is allowed for app
 func (app *OAuth2Application) ContainsRedirectURI(redirectURI string) bool {
 if !app.ConfidentialClient {
diff --git a/modules/util/truncate.go b/modules/util/truncate.go
index f41d27d8b74..77b116eeff2 100644
--- a/modules/util/truncate.go
+++ b/modules/util/truncate.go
@@ -3,7 +3,10 @@
 package util
-import "unicode/utf8"
+import (
+ "strings"
+ "unicode/utf8"
+)
 // in UTF8 "…" is 3 bytes so doesn't really gain us anything...
 const (
@@ -35,3 +38,17 @@ func SplitStringAtByteN(input string, n int) (left, right string) {
 return input[:end] + utf8Ellipsis, utf8Ellipsis + input[end:]
 }
+
+// SplitTrimSpace splits the string at given separator and trims leading and trailing space
+func SplitTrimSpace(input, sep string) []string {
+ // replace CRLF with LF
+ input = strings.ReplaceAll(input, "\r\n", "\n")
+
+ var stringList []string
+ for _, s := range strings.Split(input, sep) {
+ // trim leading and trailing space
+ stringList = append(stringList, strings.TrimSpace(s))
+ }
+
+ return stringList
+}
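Review bot: `SplitTrimSpace` appends every segment, so a blank line or a trailing newline in the input comes back as an empty string, and the callers in routers/web/user/setting/oauth2_common.go would pass that empty entry on as a redirect URI. That list is presumably what `ContainsRedirectURI` matches against (its body is outside this patch), so empty parts are better dropped in the loop: `if s = strings.TrimSpace(s); s != "" { stringList = append(stringList, s) }`. The doc comment should then state it, e.g. `// SplitTrimSpace splits input at sep, trims each part and drops empty parts`. For the `"\n"` separator used here the `\r\n` replacement is redundant, since `strings.TrimSpace` already removes a trailing `\r`.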
diff --git a/options/locale/locale_en-US.ini b/options/locale/locale_en-US.ini
index 0abf1b3e058..2245d9bae0e 100644
--- a/options/locale/locale_en-US.ini
+++ b/options/locale/locale_en-US.ini
@@ -826,7 +826,7 @@ create_oauth2_application_success = You've successfully created a new OAuth2 app
 update_oauth2_application_success = You've successfully updated the OAuth2 application.
 oauth2_application_name = Application Name
 oauth2_confidential_client = Confidential Client. Select for apps that keep the secret confidential, such as web apps. Do not select for native apps including desktop and mobile apps.
-oauth2_redirect_uri = Redirect URI
+oauth2_redirect_uris = Redirect URIs. Please use a new line for every URI.
 save_application = Save
 oauth2_client_id = Client ID
 oauth2_client_secret = Client Secret
diff --git a/routers/web/user/setting/oauth2_common.go b/routers/web/user/setting/oauth2_common.go
index 5489b602608..5de0f0e22f4 100644
--- a/routers/web/user/setting/oauth2_common.go
+++ b/routers/web/user/setting/oauth2_common.go
@@ -10,6 +10,7 @@ import (
 "code.gitea.io/gitea/models/auth"
 "code.gitea.io/gitea/modules/base"
 "code.gitea.io/gitea/modules/context"
+ "code.gitea.io/gitea/modules/util"
 "code.gitea.io/gitea/modules/web"
 "code.gitea.io/gitea/services/forms"
 )
@@ -40,7 +41,7 @@ func (oa *OAuth2CommonHandlers) AddApp(ctx *context.Context) {
 // TODO validate redirect URI
 app, err := auth.CreateOAuth2Application(ctx, auth.CreateOAuth2ApplicationOptions{
 Name: form.Name,
- RedirectURIs: []string{form.RedirectURI},
+ RedirectURIs: util.SplitTrimSpace(form.RedirectURIs, "\n"),
 UserID: oa.OwnerID,
 ConfidentialClient: form.ConfidentialClient,
 })
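Review bot: The `// TODO validate redirect URI` above `auth.CreateOAuth2Application` in `AddApp` still stands, and the call now stores every line of the textarea unchecked, unless the model layer validates it (not visible in this patch). These values form the allow-list for the authorization redirect, so each entry should be parsed and required to be an absolute URI before saving, with the form rejected otherwise. The same applies to the `auth.UpdateOAuth2Application` call in `EditSave` in the next hunk. Both functions continue outside their hunks, and the sketch below needs `net/url` imported.

```go
// … unchanged: form binding and its error handling …
uris := util.SplitTrimSpace(form.RedirectURIs, "\n")
for _, raw := range uris {
	u, err := url.Parse(raw)
	if err != nil || !u.IsAbs() {
		// reject the form with a validation error on redirect_uris,
		// using the handler's usual error rendering
		return
	}
}
app, err := auth.CreateOAuth2Application(ctx, auth.CreateOAuth2ApplicationOptions{
	Name:         form.Name,
	RedirectURIs: uris,
	// … unchanged: UserID, ConfidentialClient …
})
```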
@@ -93,7 +94,7 @@ func (oa *OAuth2CommonHandlers) EditSave(ctx *context.Context) {
 if ctx.Data["App"], err = auth.UpdateOAuth2Application(auth.UpdateOAuth2ApplicationOptions{
 ID: ctx.ParamsInt64("id"),
 Name: form.Name,
- RedirectURIs: []string{form.RedirectURI},
+ RedirectURIs: util.SplitTrimSpace(form.RedirectURIs, "\n"),
 UserID: oa.OwnerID,
 ConfidentialClient: form.ConfidentialClient,
 }); err != nil {
diff --git a/services/forms/user_form.go b/services/forms/user_form.go
index 1e04f85319c..1315fb237b3 100644
--- a/services/forms/user_form.go
+++ b/services/forms/user_form.go
@@ -398,7 +398,7 @@ func (f *NewAccessTokenForm) GetScope() (auth_model.AccessTokenScope, error) {
 // EditOAuth2ApplicationForm form for editing oauth2 applications
 type EditOAuth2ApplicationForm struct {
 Name string `binding:"Required;MaxSize(255)" form:"application_name"`
- RedirectURI string `binding:"Required" form:"redirect_uri"`
+ RedirectURIs string `binding:"Required" form:"redirect_uris"`
 ConfidentialClient bool `form:"confidential_client"`
 }
diff --git a/templates/user/settings/applications_oauth2_edit_form.tmpl b/templates/user/settings/applications_oauth2_edit_form.tmpl
index 45f12f22d05..e19efe3147b 100644
--- a/templates/user/settings/applications_oauth2_edit_form.tmpl
+++ b/templates/user/settings/applications_oauth2_edit_form.tmpl
@@ -39,8 +39,8 @@
- - + +
diff --git a/templates/user/settings/applications_oauth2_list.tmpl b/templates/user/settings/applications_oauth2_list.tmpl
index 2e42ed27587..e18c7f56b83 100644
--- a/templates/user/settings/applications_oauth2_list.tmpl
+++ b/templates/user/settings/applications_oauth2_list.tmpl
@@ -34,8 +34,8 @@
- - + +