63ab92d797
This PR is an extended implementation of #25189 and builds upon the proposal by @hickford in #25653, utilizing some ideas proposed internally by @wxiaoguang. Mainly, this PR consists of a mechanism to pre-register OAuth2 applications on startup, which can be enabled or disabled by modifying the `[oauth2].DEFAULT_APPLICATIONS` parameter in app.ini. The OAuth2 applications registered this way are being marked as "locked" and neither be deleted nor edited over UI to prevent confusing/unexpected behavior. Instead, they're being removed if no longer enabled in config.  The implemented mechanism can also be used to pre-register other OAuth2 applications in the future, if wanted. Co-authored-by: hickford <mirth.hickford@gmail.com> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> --------- Co-authored-by: M Hickford <mirth.hickford@gmail.com> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> |
||
|---|---|---|
| .. | ||
| main_test.go | ||
| oauth2.go | ||
| oauth2_test.go | ||
| session.go | ||
| source.go | ||
| source_test.go | ||
| token.go | ||
| token_scope.go | ||
| token_scope_test.go | ||
| token_test.go | ||
| twofactor.go | ||
| webauthn.go | ||
| webauthn_test.go | ||