Fix recovery middleware to render gitea style page. (#13857)

* Some changes to fix recovery * Move Recovery to middlewares * Remove trace code * Fix lint * add session middleware and remove dependent on macaron for sso * Fix panic 500 page rendering * Fix bugs * Fix fmt * Fix vendor * recover unnecessary change * Fix lint and addd some comments about the copied codes. * Use util.StatDir instead of com.StatDir Co-authored-by: 6543 <6543@obermui.de>
2025-10-29 10:57:44 +09:00 · 2021-01-05 21:05:40 +08:00
parent 126c9331d6
commit 15a475b7db
75 changed files with 5233 additions and 307 deletions
--- a/modules/auth/sso/oauth2.go
+++ b/modules/auth/sso/oauth2.go
@@ -6,15 +6,13 @@
 package sso

 import (
+	"net/http"
 	"strings"
 	"time"

 	"code.gitea.io/gitea/models"
 	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/timeutil"
-
-	"gitea.com/macaron/macaron"
-	"gitea.com/macaron/session"
 )

 // Ensure the struct implements the interface.
@@ -63,15 +61,15 @@ func (o *OAuth2) Free() error {
 }

 // userIDFromToken returns the user id corresponding to the OAuth token.
-func (o *OAuth2) userIDFromToken(ctx *macaron.Context) int64 {
+func (o *OAuth2) userIDFromToken(req *http.Request, store DataStore) int64 {
 	// Check access token.
-	tokenSHA := ctx.Query("token")
+	tokenSHA := req.Form.Get("token")
 	if len(tokenSHA) == 0 {
-		tokenSHA = ctx.Query("access_token")
+		tokenSHA = req.Form.Get("access_token")
 	}
 	if len(tokenSHA) == 0 {
 		// Well, check with header again.
-		auHead := ctx.Req.Header.Get("Authorization")
+		auHead := req.Header.Get("Authorization")
 		if len(auHead) > 0 {
 			auths := strings.Fields(auHead)
 			if len(auths) == 2 && (auths[0] == "token" || strings.ToLower(auths[0]) == "bearer") {
@@ -87,7 +85,7 @@ func (o *OAuth2) userIDFromToken(ctx *macaron.Context) int64 {
 	if strings.Contains(tokenSHA, ".") {
 		uid := CheckOAuthAccessToken(tokenSHA)
 		if uid != 0 {
-			ctx.Data["IsApiToken"] = true
+			store.GetData()["IsApiToken"] = true
 		}
 		return uid
 	}
@@ -102,7 +100,7 @@ func (o *OAuth2) userIDFromToken(ctx *macaron.Context) int64 {
 	if err = models.UpdateAccessToken(t); err != nil {
 		log.Error("UpdateAccessToken: %v", err)
 	}
-	ctx.Data["IsApiToken"] = true
+	store.GetData()["IsApiToken"] = true
 	return t.UID
 }

@@ -116,16 +114,16 @@ func (o *OAuth2) IsEnabled() bool {
 // or the "Authorization" header and returns the corresponding user object for that ID.
 // If verification is successful returns an existing user object.
 // Returns nil if verification fails.
-func (o *OAuth2) VerifyAuthData(ctx *macaron.Context, sess session.Store) *models.User {
+func (o *OAuth2) VerifyAuthData(req *http.Request, store DataStore, sess SessionStore) *models.User {
 	if !models.HasEngine {
 		return nil
 	}

-	if isInternalPath(ctx) || !isAPIPath(ctx) && !isAttachmentDownload(ctx) {
+	if isInternalPath(req) || !isAPIPath(req) && !isAttachmentDownload(req) {
 		return nil
 	}

-	id := o.userIDFromToken(ctx)
+	id := o.userIDFromToken(req, store)
 	if id <= 0 {
 		return nil
 	}