forgejo/routers/web/auth
Zettat123 886a675f62
Return access_denied error when an OAuth2 request is denied (#30974)
According to [RFC
6749](https://datatracker.ietf.org/doc/html/rfc6749#section-4.1.2.1),
when the resource owner or authorization server denied an request, an
`access_denied` error should be returned. But currently in this case
Gitea does not return any error.

For example, if the user clicks "Cancel" here, an `access_denied` error
should be returned.

<img width="360px"
src="https://github.com/go-gitea/gitea/assets/15528715/be31c09b-4c0a-4701-b7a4-f54b8fe3a6c5"
/>

(cherry picked from commit f1d9f18d96050d89a4085c961f572f07b1e653d1)
2024-05-26 18:37:20 +02:00
..
2fa.go Move context from modules to services (#29440) 2024-03-06 12:10:43 +08:00
auth.go [PORT] drop utils.IsExternalURL (and expand IsRiskyRedirectURL tests) (#3167) 2024-04-15 13:03:08 +00:00
auth_test.go Make "/user/login" page redirect if the current user has signed in (#29583) 2024-03-11 23:36:58 +07:00
linkaccount.go Move context from modules to services (#29440) 2024-03-06 12:10:43 +08:00
main_test.go make writing main test easier (#27270) 2023-09-28 01:38:53 +00:00
oauth.go Return access_denied error when an OAuth2 request is denied (#30974) 2024-05-26 18:37:20 +02:00
oauth_test.go feat: implement PKCE when acting as oauth2 client (for user login) 2024-04-29 11:20:26 +02:00
openid.go Move context from modules to services (#29440) 2024-03-06 12:10:43 +08:00
password.go Clean up log messages (#30313) 2024-04-15 20:01:35 +02:00
webauthn.go Move context from modules to services (#29440) 2024-03-06 12:10:43 +08:00