Merge branch 'main' into patch-1

go-gitea · Jan 29, 2024 · a5e91c0 · a5e91c0
2 parents 75f12a5 + 2a50d78
commit a5e91c0
Show file tree

Hide file tree

Showing 8 changed files with 45 additions and 33 deletions.
diff --git a/custom/conf/app.example.ini b/custom/conf/app.example.ini
@@ -431,7 +431,7 @@ SECRET_KEY =
 ;SECRET_KEY_URI = file:/etc/gitea/secret_key
 ;;
 ;; Secret used to validate communication within Gitea binary.
-INTERNAL_TOKEN=
+INTERNAL_TOKEN =
 ;;
 ;; Alternative location to specify internal token, instead of this file; you cannot specify both this and INTERNAL_TOKEN, and must pick one
 ;INTERNAL_TOKEN_URI = file:/etc/gitea/internal_token
@@ -524,7 +524,7 @@ INTERNAL_TOKEN=
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 ;;
 ;; Enables OAuth2 provider
-ENABLE = true
+ENABLED = true
 ;;
 ;; Algorithm used to sign OAuth2 tokens. Valid values: HS256, HS384, HS512, RS256, RS384, RS512, ES256, ES384, ES512, EdDSA
 ;JWT_SIGNING_ALGORITHM = RS256

diff --git a/docs/content/administration/config-cheat-sheet.en-us.md b/docs/content/administration/config-cheat-sheet.en-us.md
@@ -1107,7 +1107,7 @@ This section only does "set" config, a removed config key from this section won'
 
 ## OAuth2 (`oauth2`)
 
-- `ENABLE`: **true**: Enables OAuth2 provider.
+- `ENABLED`: **true**: Enables OAuth2 provider.
 - `ACCESS_TOKEN_EXPIRATION_TIME`: **3600**: Lifetime of an OAuth2 access token in seconds
 - `REFRESH_TOKEN_EXPIRATION_TIME`: **730**: Lifetime of an OAuth2 refresh token in hours
 - `INVALIDATE_REFRESH_TOKENS`: **false**: Check if refresh token has already been used

diff --git a/docs/content/administration/config-cheat-sheet.zh-cn.md b/docs/content/administration/config-cheat-sheet.zh-cn.md
@@ -1043,7 +1043,7 @@ Gitea 创建以下非唯一队列：
 
 ## OAuth2 (`oauth2`)
 
-- `ENABLE`: **true**：启用OAuth2提供者。
+- `ENABLED`: **true**：启用OAuth2提供者。
 - `ACCESS_TOKEN_EXPIRATION_TIME`：**3600**：OAuth2访问令牌的生命周期，以秒为单位。
 - `REFRESH_TOKEN_EXPIRATION_TIME`：**730**：OAuth2刷新令牌的生命周期，以小时为单位。
 - `INVALIDATE_REFRESH_TOKENS`：**false**：检查刷新令牌是否已被使用。

diff --git a/modules/repository/generate.go b/modules/repository/generate.go
@@ -224,8 +224,7 @@ func generateRepoCommit(ctx context.Context, repo, templateRepo, generateRepo *r
 		}
 	}
 
-	// FIXME: fix the hash
-	if err := git.InitRepository(ctx, tmpDir, false, git.Sha1ObjectFormat.Name()); err != nil {
+	if err := git.InitRepository(ctx, tmpDir, false, templateRepo.ObjectFormatName); err != nil {
 		return err
 	}
 
@@ -327,18 +326,19 @@ func (gro GenerateRepoOptions) IsValid() bool {
 // GenerateRepository generates a repository from a template
 func GenerateRepository(ctx context.Context, doer, owner *user_model.User, templateRepo *repo_model.Repository, opts GenerateRepoOptions) (_ *repo_model.Repository, err error) {
 	generateRepo := &repo_model.Repository{
-		OwnerID:       owner.ID,
-		Owner:         owner,
-		OwnerName:     owner.Name,
-		Name:          opts.Name,
-		LowerName:     strings.ToLower(opts.Name),
-		Description:   opts.Description,
-		DefaultBranch: opts.DefaultBranch,
-		IsPrivate:     opts.Private,
-		IsEmpty:       !opts.GitContent || templateRepo.IsEmpty,
-		IsFsckEnabled: templateRepo.IsFsckEnabled,
-		TemplateID:    templateRepo.ID,
-		TrustModel:    templateRepo.TrustModel,
+		OwnerID:          owner.ID,
+		Owner:            owner,
+		OwnerName:        owner.Name,
+		Name:             opts.Name,
+		LowerName:        strings.ToLower(opts.Name),
+		Description:      opts.Description,
+		DefaultBranch:    opts.DefaultBranch,
+		IsPrivate:        opts.Private,
+		IsEmpty:          !opts.GitContent || templateRepo.IsEmpty,
+		IsFsckEnabled:    templateRepo.IsFsckEnabled,
+		TemplateID:       templateRepo.ID,
+		TrustModel:       templateRepo.TrustModel,
+		ObjectFormatName: templateRepo.ObjectFormatName,
 	}
 
 	if err = CreateRepositoryByExample(ctx, doer, owner, generateRepo, false, false); err != nil {
@@ -358,8 +358,7 @@ func GenerateRepository(ctx context.Context, doer, owner *user_model.User, templ
 		}
 	}
 
-	// FIXME - fix the hash
-	if err = CheckInitRepository(ctx, owner.Name, generateRepo.Name, git.Sha1ObjectFormat.Name()); err != nil {
+	if err = CheckInitRepository(ctx, owner.Name, generateRepo.Name, generateRepo.ObjectFormatName); err != nil {
 		return generateRepo, err
 	}
 

diff --git a/modules/setting/oauth2.go b/modules/setting/oauth2.go
@@ -93,7 +93,7 @@ func parseScopes(sec ConfigSection, name string) []string {
 }
 
 var OAuth2 = struct {
-	Enable                     bool
+	Enabled                    bool
 	AccessTokenExpirationTime  int64
 	RefreshTokenExpirationTime int64
 	InvalidateRefreshTokens    bool
@@ -103,7 +103,7 @@ var OAuth2 = struct {
 	MaxTokenLength             int
 	DefaultApplications        []string
 }{
-	Enable:                     true,
+	Enabled:                    true,
 	AccessTokenExpirationTime:  3600,
 	RefreshTokenExpirationTime: 730,
 	InvalidateRefreshTokens:    false,
@@ -114,16 +114,23 @@ var OAuth2 = struct {
 }
 
 func loadOAuth2From(rootCfg ConfigProvider) {
-	if err := rootCfg.Section("oauth2").MapTo(&OAuth2); err != nil {
-		log.Fatal("Failed to OAuth2 settings: %v", err)
+	sec := rootCfg.Section("oauth2")
+	if err := sec.MapTo(&OAuth2); err != nil {
+		log.Fatal("Failed to map OAuth2 settings: %v", err)
 		return
 	}
 
-	if !OAuth2.Enable {
+	// Handle the rename of ENABLE to ENABLED
+	deprecatedSetting(rootCfg, "oauth2", "ENABLE", "oauth2", "ENABLED", "v1.23.0")
+	if sec.HasKey("ENABLE") && !sec.HasKey("ENABLED") {
+		OAuth2.Enabled = sec.Key("ENABLE").MustBool(OAuth2.Enabled)
+	}
+
+	if !OAuth2.Enabled {
 		return
 	}
 
-	OAuth2.JWTSecretBase64 = loadSecret(rootCfg.Section("oauth2"), "JWT_SECRET_URI", "JWT_SECRET")
+	OAuth2.JWTSecretBase64 = loadSecret(sec, "JWT_SECRET_URI", "JWT_SECRET")
 
 	if !filepath.IsAbs(OAuth2.JWTSigningPrivateKeyFile) {
 		OAuth2.JWTSigningPrivateKeyFile = filepath.Join(AppDataPath, OAuth2.JWTSigningPrivateKeyFile)

diff --git a/options/license/fmt-exception b/options/license/fmt-exception
@@ -0,0 +1,6 @@
+--- Optional exception to the license ---
+
+As an exception, if, as a result of your compiling your source code, portions
+of this Software are embedded into a machine-executable object form of such
+source code, you may redistribute such embedded portions in such object form
+without including the above copyright and permission notices.
diff --git a/routers/web/user/setting/applications.go b/routers/web/user/setting/applications.go
@@ -95,9 +95,9 @@ func loadApplicationsData(ctx *context.Context) {
 		return
 	}
 	ctx.Data["Tokens"] = tokens
-	ctx.Data["EnableOAuth2"] = setting.OAuth2.Enable
+	ctx.Data["EnableOAuth2"] = setting.OAuth2.Enabled
 	ctx.Data["IsAdmin"] = ctx.Doer.IsAdmin
-	if setting.OAuth2.Enable {
+	if setting.OAuth2.Enabled {
 		ctx.Data["Applications"], err = db.Find[auth_model.OAuth2Application](ctx, auth_model.FindOAuth2ApplicationsOptions{
 			OwnerID: ctx.Doer.ID,
 		})

diff --git a/routers/web/web.go b/routers/web/web.go
@@ -304,7 +304,7 @@ func registerRoutes(m *web.Route) {
 	validation.AddBindingRules()
 
 	linkAccountEnabled := func(ctx *context.Context) {
-		if !setting.Service.EnableOpenIDSignIn && !setting.Service.EnableOpenIDSignUp && !setting.OAuth2.Enable {
+		if !setting.Service.EnableOpenIDSignIn && !setting.Service.EnableOpenIDSignUp && !setting.OAuth2.Enabled {
 			ctx.Error(http.StatusForbidden)
 			return
 		}
@@ -768,7 +768,7 @@ func registerRoutes(m *web.Route) {
 				m.Post("/delete", admin.DeleteApplication)
 			})
 		}, func(ctx *context.Context) {
-			if !setting.OAuth2.Enable {
+			if !setting.OAuth2.Enabled {
 				ctx.Error(http.StatusForbidden)
 				return
 			}
@@ -779,7 +779,7 @@ func registerRoutes(m *web.Route) {
 			addSettingsRunnersRoutes()
 			addSettingsVariablesRoutes()
 		})
-	}, adminReq, ctxDataSet("EnableOAuth2", setting.OAuth2.Enable, "EnablePackages", setting.Packages.Enabled))
+	}, adminReq, ctxDataSet("EnableOAuth2", setting.OAuth2.Enabled, "EnablePackages", setting.Packages.Enabled))
 	// ***** END: Admin *****
 
 	m.Group("", func() {
@@ -891,7 +891,7 @@ func registerRoutes(m *web.Route) {
 						m.Post("/delete", org.DeleteOAuth2Application)
 					})
 				}, func(ctx *context.Context) {
-					if !setting.OAuth2.Enable {
+					if !setting.OAuth2.Enabled {
 						ctx.Error(http.StatusForbidden)
 						return
 					}
@@ -943,7 +943,7 @@ func registerRoutes(m *web.Route) {
 						m.Post("/rebuild", org.RebuildCargoIndex)
 					})
 				}, packagesEnabled)
-			}, ctxDataSet("EnableOAuth2", setting.OAuth2.Enable, "EnablePackages", setting.Packages.Enabled, "PageIsOrgSettings", true))
+			}, ctxDataSet("EnableOAuth2", setting.OAuth2.Enabled, "EnablePackages", setting.Packages.Enabled, "PageIsOrgSettings", true))
 		}, context.OrgAssignment(true, true))
 	}, reqSignIn)
 	// ***** END: Organization *****