github/gitea
1
0
Fork 0
mirror of https://github.com/go-gitea/gitea.git synced 2025-09-13 17:06:15 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix incorrect /tokens api (#32085) (#32092)

Browse Source 
Backport #32085 by @KN4CK3R

Fixes #32078

- Add missing scopes output.
- Disallow empty scope.

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
This commit is contained in:
Giteabot
2024-09-23 02:02:09 +08:00
committed by GitHub
parent 69ba37e9fd
commit 919b82461a
2 changed files with 16 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
routers/api/v1/user/app.go
View File

@@ -118,6 +118,10 @@ func CreateAccessToken(ctx *context.APIContext) {
ctx.Error(http.StatusBadRequest, "AccessTokenScope.Normalize", fmt.Errorf("invalid access token scope provided: %w", err))
return
}
if scope == "" {
ctx.Error(http.StatusBadRequest, "AccessTokenScope", "access token must have a scope")
return
}
t.Scope = scope
if err := auth_model.NewAccessToken(ctx, t); err != nil {
@@ -129,6 +133,7 @@ func CreateAccessToken(ctx *context.APIContext) {
Token: t.Token,
ID: t.ID,
TokenLastEight: t.TokenLastEight,
Scopes: t.Scope.StringSlice(),
})
}