mirror of
https://codeberg.org/forgejo/forgejo.git
synced 2024-11-24 11:31:54 +01:00
0981ec30c3
* Add setting to OAuth handlers to override local 2FA settings This PR adds a setting to OAuth and OpenID login sources to allow the source to override local 2FA requirements. Fix #13939 Signed-off-by: Andrew Thornton <art27@cantab.net> * Fix regression from #16544 Signed-off-by: Andrew Thornton <art27@cantab.net> * Add scopes settings Signed-off-by: Andrew Thornton <art27@cantab.net> * fix trace logging in auth_openid Signed-off-by: Andrew Thornton <art27@cantab.net> * add required claim options Signed-off-by: Andrew Thornton <art27@cantab.net> * Move UpdateExternalUser to externalaccount Signed-off-by: Andrew Thornton <art27@cantab.net> * Allow OAuth2/OIDC to set Admin/Restricted status Signed-off-by: Andrew Thornton <art27@cantab.net> * Allow use of the same group claim name for the prohibit login value Signed-off-by: Andrew Thornton <art27@cantab.net> * fixup! Move UpdateExternalUser to externalaccount * as per wxiaoguang Signed-off-by: Andrew Thornton <art27@cantab.net> * add label back in Signed-off-by: Andrew Thornton <art27@cantab.net> * adjust localisation Signed-off-by: Andrew Thornton <art27@cantab.net> * placate lint Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
88 lines
3 KiB
Go
88 lines
3 KiB
Go
// Copyright 2014 The Gogs Authors. All rights reserved.
|
|
// Use of this source code is governed by a MIT-style
|
|
// license that can be found in the LICENSE file.
|
|
|
|
package forms
|
|
|
|
import (
|
|
"net/http"
|
|
|
|
"code.gitea.io/gitea/modules/context"
|
|
"code.gitea.io/gitea/modules/web/middleware"
|
|
|
|
"gitea.com/go-chi/binding"
|
|
)
|
|
|
|
// AuthenticationForm form for authentication
|
|
type AuthenticationForm struct {
|
|
ID int64
|
|
Type int `binding:"Range(2,7)"`
|
|
Name string `binding:"Required;MaxSize(30)"`
|
|
Host string
|
|
Port int
|
|
BindDN string
|
|
BindPassword string
|
|
UserBase string
|
|
UserDN string
|
|
AttributeUsername string
|
|
AttributeName string
|
|
AttributeSurname string
|
|
AttributeMail string
|
|
AttributeSSHPublicKey string
|
|
AttributeAvatar string
|
|
AttributesInBind bool
|
|
UsePagedSearch bool
|
|
SearchPageSize int
|
|
Filter string
|
|
AdminFilter string
|
|
GroupsEnabled bool
|
|
GroupDN string
|
|
GroupFilter string
|
|
GroupMemberUID string
|
|
UserUID string
|
|
RestrictedFilter string
|
|
AllowDeactivateAll bool
|
|
IsActive bool
|
|
IsSyncEnabled bool
|
|
SMTPAuth string
|
|
SMTPHost string
|
|
SMTPPort int
|
|
AllowedDomains string
|
|
SecurityProtocol int `binding:"Range(0,2)"`
|
|
TLS bool
|
|
SkipVerify bool
|
|
HeloHostname string
|
|
DisableHelo bool
|
|
ForceSMTPS bool
|
|
PAMServiceName string
|
|
PAMEmailDomain string
|
|
Oauth2Provider string
|
|
Oauth2Key string
|
|
Oauth2Secret string
|
|
OpenIDConnectAutoDiscoveryURL string
|
|
Oauth2UseCustomURL bool
|
|
Oauth2TokenURL string
|
|
Oauth2AuthURL string
|
|
Oauth2ProfileURL string
|
|
Oauth2EmailURL string
|
|
Oauth2IconURL string
|
|
Oauth2Tenant string
|
|
Oauth2Scopes string
|
|
Oauth2RequiredClaimName string
|
|
Oauth2RequiredClaimValue string
|
|
Oauth2GroupClaimName string
|
|
Oauth2AdminGroup string
|
|
Oauth2RestrictedGroup string
|
|
SkipLocalTwoFA bool
|
|
SSPIAutoCreateUsers bool
|
|
SSPIAutoActivateUsers bool
|
|
SSPIStripDomainNames bool
|
|
SSPISeparatorReplacement string `binding:"AlphaDashDot;MaxSize(5)"`
|
|
SSPIDefaultLanguage string
|
|
}
|
|
|
|
// Validate validates fields
|
|
func (f *AuthenticationForm) Validate(req *http.Request, errs binding.Errors) binding.Errors {
|
|
ctx := context.GetContext(req)
|
|
return middleware.Validate(errs, ctx.Data, f, ctx.Locale)
|
|
}
|