Skip to content

Add setting to OAuth handlers to skip local 2FA authentication #16594

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 5 commits into from
Sep 10, 2021
Merged

Add setting to OAuth handlers to skip local 2FA authentication #16594

merged 5 commits into from
Sep 10, 2021

Conversation

zeripath
Copy link
Contributor

@zeripath zeripath commented Aug 1, 2021
edited
Loading

This PR adds a setting to OAuth and OpenID login sources to allow the source to
skip local 2FA authentication.

Fix #13939

Signed-off-by: Andrew Thornton art27@cantab.net

@zeripath zeripath added the type/enhancement An improvement of existing functionality label Aug 1, 2021
@zeripath zeripath added this to the 1.16.0 milestone Aug 1, 2021
lafriks
lafriks reviewed Aug 1, 2021
View reviewed changes
@GiteaBot GiteaBot added the lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. label Aug 1, 2021
@codecov-commenter
Copy link

codecov-commenter commented Aug 1, 2021
edited
Loading

Codecov Report

Merging #16594 (11e6c82) into main (6c125e9) will increase coverage by 0.00%.
The diff coverage is 0.00%.

Impacted file tree graph

@@           Coverage Diff           @@
##             main   #16594   +/-   ##
=======================================
  Coverage   45.19%   45.19%           
=======================================
  Files         762      762           
  Lines       86173    86179    +6     
=======================================
+ Hits        38942    38949    +7     
+ Misses      40935    40931    -4     
- Partials     6296     6299    +3
Impacted Files Coverage Δ
cmd/admin.go 0.00% <0.00%> (ø)
modules/storage/storage.go 48.57% <0.00%> (-0.71%) ⬇️
routers/web/admin/auths.go 48.20% <0.00%> (-0.18%) ⬇️
routers/web/user/auth.go 12.21% <0.00%> (-0.04%) ⬇️
services/auth/source/oauth2/source.go 25.00% <ø> (ø)
services/forms/auth_form.go 100.00% <ø> (ø)
modules/queue/queue_channel.go 95.00% <0.00%> (-1.67%) ⬇️
modules/git/log_name_status.go 60.74% <0.00%> (-1.24%) ⬇️
modules/queue/queue_bytefifo.go 59.88% <0.00%> (+0.59%) ⬆️
modules/queue/workerpool.go 48.85% <0.00%> (+0.76%) ⬆️
... and 3 more

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 5a73153...11e6c82. Read the comment docs.

@GiteaBot GiteaBot added lgtm/need 1 This PR needs approval from one additional maintainer to be merged. and removed lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. labels Aug 1, 2021
@6543 6543 mentioned this pull request Aug 13, 2021
Open
@zeripath
Add setting to OAuth handlers to override local 2FA settings
ceaf11c 
This PR adds a setting to OAuth and OpenID login sources to allow the source to
override local 2FA requirements.

Fix go-gitea#13939

Signed-off-by: Andrew Thornton <art27@cantab.net>
@zeripath zeripath force-pushed the fix-13939-make-2fa-optional branch from 59a58de to ceaf11c Compare August 21, 2021 15:18
This was referenced Aug 21, 2021
Merged
Closed
@zeripath
Change to Skip Local 2fa instead of Override Local 2fa
cb6b4c2 
Signed-off-by: Andrew Thornton <art27@cantab.net>
@zeripath zeripath changed the title Add setting to OAuth handlers to override local 2FA settings Add setting to OAuth handlers to skip local 2FA authentication Sep 4, 2021
@zeripath zeripath mentioned this pull request Sep 4, 2021
Merged
@GiteaBot GiteaBot added lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. and removed lgtm/need 1 This PR needs approval from one additional maintainer to be merged. labels Sep 10, 2021
@6543
Copy link
Member

6543 commented Sep 10, 2021

🚀

@6543 6543 merged commit 9ca0e79 into go-gitea:main Sep 10, 2021
@zeripath zeripath deleted the fix-13939-make-2fa-optional branch September 11, 2021 08:08
zeripath added a commit that referenced this pull request Sep 17, 2021
@zeripath
Make LDAP be able to skip local 2FA (#16954)
27b351a 
This PR extends #16594 to allow LDAP to be able to be set to skip local 2FA too. The technique used here would be extensible to PAM and SMTP sources.

Signed-off-by: Andrew Thornton <art27@cantab.net>
@go-gitea go-gitea locked and limited conversation to collaborators Oct 19, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@lafriks lafriks lafriks approved these changes

@6543 6543 6543 approved these changes

Assignees
No one assigned
Labels
lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. topic/authentication type/enhancement An improvement of existing functionality
Projects
None yet
Milestone
1.16.0
Development

Successfully merging this pull request may close these issues.

Skip 2FA with OpenID Connect
5 participants
@zeripath @codecov-commenter @6543 @lafriks @GiteaBot