Add regenerate secret feature for oauth2 (#6291)

* Add regenerate secret functionality

* Fix lint
This commit is contained in:
Jonas Franz 2019-03-09 17:29:58 +01:00 committed by GitHub
parent 8211e01d9e
commit 8fffb06168
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 33 additions and 1 deletions

View file

@ -302,6 +302,7 @@ func RegisterRoutes(m *macaron.Macaron) {
m.Group("/applications/oauth2", func() {
m.Get("/:id", userSetting.OAuth2ApplicationShow)
m.Post("/:id", bindIgnErr(auth.EditOAuth2ApplicationForm{}), userSetting.OAuthApplicationsEdit)
m.Post("/:id/regenerate_secret", userSetting.OAuthApplicationsRegenerateSecret)
m.Post("", bindIgnErr(auth.EditOAuth2ApplicationForm{}), userSetting.OAuthApplicationsPost)
m.Post("/delete", userSetting.DeleteOAuth2Application)
})

View file

@ -78,6 +78,34 @@ func OAuthApplicationsEdit(ctx *context.Context, form auth.EditOAuth2Application
ctx.HTML(200, tplSettingsOAuthApplications)
}
// OAuthApplicationsRegenerateSecret handles the post request for regenerating the secret
func OAuthApplicationsRegenerateSecret(ctx *context.Context) {
ctx.Data["Title"] = ctx.Tr("settings")
ctx.Data["PageIsSettingsApplications"] = true
app, err := models.GetOAuth2ApplicationByID(ctx.ParamsInt64("id"))
if err != nil {
if models.IsErrOAuthApplicationNotFound(err) {
ctx.NotFound("Application not found", err)
return
}
ctx.ServerError("GetOAuth2ApplicationByID", err)
return
}
if app.UID != ctx.User.ID {
ctx.NotFound("Application not found", nil)
return
}
ctx.Data["App"] = app
ctx.Data["ClientSecret"], err = app.GenerateClientSecret()
if err != nil {
ctx.ServerError("GenerateClientSecret", err)
return
}
ctx.Flash.Success(ctx.Tr("settings.update_oauth2_application_success"))
ctx.HTML(200, tplSettingsOAuthApplications)
}
// OAuth2ApplicationShow displays the given application
func OAuth2ApplicationShow(ctx *context.Context) {
app, err := models.GetOAuth2ApplicationByID(ctx.ParamsInt64("id"))

View file

@ -30,7 +30,10 @@
<div class="item">
<!-- TODO add regenerate secret functionality */ -->
{{.i18n.Tr "settings.oauth2_regenerate_secret_hint"}}
<a onclick="alert('Not yet implemented.')">{{.i18n.Tr "settings.oauth2_regenerate_secret"}}</a>
<form class="ui form ignore-dirty" action="{{$.AppSubURL}}/user/settings/applications/oauth2/{{.App.ID}}/regenerate_secret" method="post">
{{.CsrfTokenHtml}}
<a href="#" onclick="event.target.parentNode.submit()">{{.i18n.Tr "settings.oauth2_regenerate_secret"}}</a>
</form>
</div>
</div>
<div class="ui attached bottom segment">