Mirrors
/
gitea
mirror of https://github.com/go-gitea/gitea.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Use user.FullName in Oauth2 id_token response (#32542) 

This makes `/login/oauth/authorize` behave the same way as the
`/login/oauth/userinfo` endpoint.
This commit is contained in:
Baltazár Radics 2024-11-18 12:24:17 +01:00 committed by GitHub
parent 896314c7a2
commit 5eb0ee49a1
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
3 changed files with 3 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
routers/web/auth/oauth2_provider.go
View File

@ -98,7 +98,7 @@ func InfoOAuth(ctx *context.Context) {
response := &userInfoResponse{ response := &userInfoResponse{
Sub: fmt.Sprint(ctx.Doer.ID), Sub: fmt.Sprint(ctx.Doer.ID),
Name: ctx.Doer.FullName, Name: ctx.Doer.DisplayName(),
PreferredUsername: ctx.Doer.Name, PreferredUsername: ctx.Doer.Name,
Email: ctx.Doer.Email, Email: ctx.Doer.Email,
Picture: ctx.Doer.AvatarLink(ctx), Picture: ctx.Doer.AvatarLink(ctx),

21
routers/web/auth/oauth_test.go
View File

@ -10,7 +10,6 @@ import (
"code.gitea.io/gitea/models/db" "code.gitea.io/gitea/models/db"
"code.gitea.io/gitea/models/unittest" "code.gitea.io/gitea/models/unittest"
user_model "code.gitea.io/gitea/models/user" user_model "code.gitea.io/gitea/models/user"
"code.gitea.io/gitea/modules/setting"
"code.gitea.io/gitea/services/oauth2_provider" "code.gitea.io/gitea/services/oauth2_provider"
"github.com/golang-jwt/jwt/v5" "github.com/golang-jwt/jwt/v5"
@ -66,25 +65,7 @@ func TestNewAccessTokenResponse_OIDCToken(t *testing.T) {
// Scopes: openid profile email // Scopes: openid profile email
oidcToken = createAndParseToken(t, grants[0]) oidcToken = createAndParseToken(t, grants[0])
assert.Equal(t, user.Name, oidcToken.Name) assert.Equal(t, user.DisplayName(), oidcToken.Name)
assert.Equal(t, user.Name, oidcToken.PreferredUsername)
assert.Equal(t, user.HTMLURL(), oidcToken.Profile)
assert.Equal(t, user.AvatarLink(db.DefaultContext), oidcToken.Picture)
assert.Equal(t, user.Website, oidcToken.Website)
assert.Equal(t, user.UpdatedUnix, oidcToken.UpdatedAt)
assert.Equal(t, user.Email, oidcToken.Email)
assert.Equal(t, user.IsActive, oidcToken.EmailVerified)
// set DefaultShowFullName to true
oldDefaultShowFullName := setting.UI.DefaultShowFullName
setting.UI.DefaultShowFullName = true
defer func() {
setting.UI.DefaultShowFullName = oldDefaultShowFullName
}()
// Scopes: openid profile email
oidcToken = createAndParseToken(t, grants[0])
assert.Equal(t, user.FullName, oidcToken.Name)
assert.Equal(t, user.Name, oidcToken.PreferredUsername) assert.Equal(t, user.Name, oidcToken.PreferredUsername)
assert.Equal(t, user.HTMLURL(), oidcToken.Profile) assert.Equal(t, user.HTMLURL(), oidcToken.Profile)
assert.Equal(t, user.AvatarLink(db.DefaultContext), oidcToken.Picture) assert.Equal(t, user.AvatarLink(db.DefaultContext), oidcToken.Picture)

2
services/oauth2_provider/access_token.go
View File

@ -148,7 +148,7 @@ func NewAccessTokenResponse(ctx context.Context, grant *auth.OAuth2Grant, server
Nonce: grant.Nonce, Nonce: grant.Nonce,
} }
if grant.ScopeContains("profile") { if grant.ScopeContains("profile") {
idToken.Name = user.GetDisplayName() idToken.Name = user.DisplayName()
idToken.PreferredUsername = user.Name idToken.PreferredUsername = user.Name
idToken.Profile = user.HTMLURL() idToken.Profile = user.HTMLURL()
idToken.Picture = user.AvatarLink(ctx) idToken.Picture = user.AvatarLink(ctx)