clarify why not error for onlyPublicGroups

- in the review it came out the part was not clear without the comment
2024-11-20 10:35:33 +01:00 · 2024-11-20 10:35:33 +01:00 · f26c7b73ab
parent 08dfb224ba
commit f26c7b73ab
2 changed files with 6 additions and 0 deletions
--- a/routers/web/auth/oauth2_provider.go
+++ b/routers/web/auth/oauth2_provider.go
@ -111,6 +111,9 @@ func InfoOAuth(ctx *context.Context) {
 			accessTokenScope, _ = auth_service.GetOAuthAccessTokenScopeAndUserID(ctx, auths[1])
 		}
 	}
+
+	// since version 1.22 does not verify if groups should be public-only,
+	// onlyPublicGroups will be set only if 'public-only' is included in a valid scope
 	onlyPublicGroups, _ := accessTokenScope.PublicOnly()
 	groups, err := oauth2_provider.GetOAuthGroupsForUser(ctx, ctx.Doer, onlyPublicGroups)
 	if err != nil {
--- a/services/oauth2_provider/access_token.go
+++ b/services/oauth2_provider/access_token.go
@ -188,6 +188,9 @@ func NewAccessTokenResponse(ctx context.Context, grant *auth.OAuth2Grant, server
 		}
 		if grant.ScopeContains("groups") {
 			accessTokenScope := GrantAdditionalScopes(grant.Scope)
+
+			// since version 1.22 does not verify if groups should be public-only,
+			// onlyPublicGroups will be set only if 'public-only' is included in a valid scope
 			onlyPublicGroups, _ := accessTokenScope.PublicOnly()

 			groups, err := GetOAuthGroupsForUser(ctx, user, onlyPublicGroups)