Go to file
Johnny Oskarsson a07e67d9cc
Minimal OpenID Connect implementation (#14139)
This is "minimal" in the sense that only the Authorization Code Flow
from OpenID Connect Core is implemented.  No discovery, no configuration
endpoint, and no user scope management.

OpenID Connect is an extension to the (already implemented) OAuth 2.0
protocol, and essentially an `id_token` JWT is added to the access token
endpoint response when using the Authorization Code Flow.  I also added
support for the "nonce" field since it is required to be used in the
id_token if the client decides to include it in its initial request.

In order to enable this extension an OAuth 2.0 scope containing
"openid" is needed. Other OAuth 2.0 requests should not be impacted by
this change.

This minimal implementation is enough to enable single sign-on (SSO)
for other sites, e.g. by using something like `mod_auth_openidc` to
only allow access to a CI server if a user has logged into Gitea.

Fixes: #1310

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: zeripath <art27@cantab.net>
2021-01-02 00:33:27 +08:00
.github Add FAQ link to Issue template (#14020) 2020-12-16 20:18:36 +01:00
assets Clean up SVG (#13680) 2020-12-17 16:33:53 -05:00
build gitea png to logo (#13974) 2020-12-18 20:17:27 -05:00
cmd CLI support for OAuth sources custom icons (#14166) 2020-12-28 09:39:12 +01:00
contrib migrate from com.* to alternatives (#14103) 2020-12-25 11:59:32 +02:00
custom/conf Improve vfsgen to not unzip bindata files but send to browser directly (#7109) 2020-12-24 12:25:17 +08:00
docker Set RUN_MODE prod by default (#13765) 2020-11-30 14:52:04 -05:00
docs Minimal OpenID Connect implementation (#14139) 2021-01-02 00:33:27 +08:00
integrations migrate from com.* to alternatives (#14103) 2020-12-25 11:59:32 +02:00
models Minimal OpenID Connect implementation (#14139) 2021-01-02 00:33:27 +08:00
modules Minimal OpenID Connect implementation (#14139) 2021-01-02 00:33:27 +08:00
options [skip ci] Updated translations via Crowdin 2020-12-29 23:49:34 +00:00
public Update JS dependencies and webpack (#14118) 2020-12-27 15:24:27 +01:00
routers Minimal OpenID Connect implementation (#14139) 2021-01-02 00:33:27 +08:00
services Check for 'main' as potential default branch name (#14193) 2020-12-30 15:46:26 +00:00
snap gitea png to logo (#13974) 2020-12-18 20:17:27 -05:00
templates Minimal OpenID Connect implementation (#14139) 2021-01-02 00:33:27 +08:00
tools Added 2 fuzzers (#13818) 2020-12-10 20:43:11 +01:00
vendor Fix bug of link query order on markdown render (#14156) 2020-12-29 00:28:27 +08:00
web_src fix branch selector on new issue page (#14194) 2020-12-31 13:32:11 -05:00
.air.conf Add 'watch-backend' (#12330) 2020-07-27 14:05:42 -04:00
.changelog.yml Add API Section to Changelog (#13125) 2020-10-13 01:39:17 -04:00
.drone.yml Use native git variants by default with go-git variants as build tag (#13673) 2020-12-17 22:00:47 +08:00
.editorconfig Fix .editorconfig (#13735) 2020-11-28 20:29:46 +02:00
.eslintrc Update JS dependencies and webpack (#14118) 2020-12-27 15:24:27 +01:00
.gitattributes Update JS dependencies and misc tweaks (#13741) 2020-11-29 16:39:36 -05:00
.gitignore Precompile fomantic-ui files (#13332) 2020-10-27 19:44:06 -04:00
.golangci.yml Move webhook type from int to string (#13664) 2020-12-08 11:41:14 +01:00
.ignore
.lgtm
.npmrc Update JS dependencies and misc tweaks (#13741) 2020-11-29 16:39:36 -05:00
.revive.toml
.stylelintrc Fix tooltips and issue dependency styles (#13458) 2020-11-10 20:28:07 +02:00
BSDmakefile
CHANGELOG.md frontport 1.13.1 changelog (#14175) 2020-12-28 19:38:44 -05:00
CONTRIBUTING.md Update owners for 2021 (#14206) 2021-01-01 01:41:03 +02:00
DCO
Dockerfile Revert "Dockerfile: Support socat use cases (#13208)" (#13369) 2020-10-31 15:19:41 +02:00
Dockerfile.rootless When building rootless docker image move chown&chmod to build stage (#13578) 2020-11-15 20:44:41 -05:00
LICENSE Fix typo 2016-11-08 08:42:05 +01:00
MAINTAINERS add @noerw to maintainers (#13997) 2020-12-15 14:19:26 -05:00
Makefile deprecate building for mips (#14174) 2021-01-01 23:22:32 +08:00
README.md fix: small typo error (#14170) 2020-12-28 12:08:01 -05:00
README_ZH.md
SECURITY.md Add security policy to repo (#12536) 2020-08-19 17:15:55 +01:00
build.go update revive lint to latest commit (#12921) 2020-09-22 20:02:16 +03:00
go.mod Fix bug of link query order on markdown render (#14156) 2020-12-29 00:28:27 +08:00
go.sum Fix bug of link query order on markdown render (#14156) 2020-12-29 00:28:27 +08:00
main.go Dump github/gitlab/gitea repository data to a local directory and restore to gitea (#12244) 2020-12-27 11:34:19 +08:00
package-lock.json Update JS dependencies and webpack (#14118) 2020-12-27 15:24:27 +01:00
package.json Update JS dependencies and webpack (#14118) 2020-12-27 15:24:27 +01:00
semantic.json Update JS dependencies (#12782) 2020-09-10 12:16:40 +08:00
webpack.config.js Update JS dependencies and webpack (#14118) 2020-12-27 15:24:27 +01:00

README.md

简体中文

logo Gitea - Git with a cup of tea

Build Status Join the Discord chat at https://discord.gg/Gitea codecov Go Report Card GoDoc GitHub release Help Contribute to Open Source Become a backer/sponsor of gitea License: MIT Crowdin TODOs

Purpose

The goal of this project is to make the easiest, fastest, and most painless way of setting up a self-hosted Git service. Using Go, this can be done with an independent binary distribution across all platforms which Go supports, including Linux, macOS, and Windows on x86, amd64, ARM and PowerPC architectures. Want to try it before doing anything else? Do it with the online demo! This project has been forked from Gogs since 2016.11 but changed a lot.

Building

From the root of the source tree, run:

TAGS="bindata" make build

or if sqlite support is required:

TAGS="bindata sqlite sqlite_unlock_notify" make build

The build target is split into two sub-targets:

  • make backend which requires Go 1.13 or greater.
  • make frontend which requires Node.js 10.13 or greater.

If pre-built frontend files are present it is possible to only build the backend:

TAGS="bindata" make backend

Parallelism is not supported for these targets, so please don't include -j <num>.

More info: https://docs.gitea.io/en-us/install-from-source/

Using

./gitea web

NOTE: If you're interested in using our APIs, we have experimental support with documentation.

Contributing

Expected workflow is: Fork -> Patch -> Push -> Pull Request

NOTES:

  1. YOU MUST READ THE CONTRIBUTORS GUIDE BEFORE STARTING TO WORK ON A PULL REQUEST.
  2. If you have found a vulnerability in the project, please write privately to security@gitea.io. Thanks!

Further information

For more information and instructions about how to install Gitea, please look at our documentation. If you have questions that are not covered by the documentation, you can get in contact with us on our Discord server or create a post in the discourse forum.

We maintain a list of Gitea-related projects at gitea/awesome-gitea.
The hugo-based documentation theme is hosted at gitea/theme.
The official Gitea CLI is developed at gitea/tea.

Authors

Backers

Thank you to all our backers! 🙏 [Become a backer]

Sponsors

Support this project by becoming a sponsor. Your logo will show up here with a link to your website. [Become a sponsor]

FAQ

How do you pronounce Gitea?

Gitea is pronounced /ɡɪti:/ as in "gi-tea" with a hard g.

Why is this not hosted on a Gitea instance?

We're working on it.

License

This project is licensed under the MIT License. See the LICENSE file for the full license text.

Screenshots

Looking for an overview of the interface? Check it out!

Dashboard User Profile Global Issues
Branches Web Editor Activity
New Migration Migrating Pull Request View
Pull Request Dark Diff Review Dark Diff Dark