15 Commits (3d870f6dde9fa688a04d20150d224c4eb8c3f961)

Author	SHA1	Message	Date
Balki	c138e76c1c	Fix panic when an invalid oauth2 name is passed (#20820)	3 years ago
Lunny Xiao	86c85c19b6	Refactor AssertExistsAndLoadBean to use generics (#20797) ... * Refactor AssertExistsAndLoadBean to use generics * Fix tests Co-authored-by: zeripath <art27@cantab.net>	3 years ago
zeripath	e819da0837	WebAuthn CredentialID field needs to be increased in size (#20530) ... WebAuthn have updated their specification to set the maximum size of the CredentialID to 1023 bytes. This is somewhat larger than our current size and therefore we need to migrate. The PR changes the struct to add CredentialIDBytes and migrates the CredentialID string to the bytes field before another migration drops the old CredentialID field. Another migration renames this field back. Fix #20457 Signed-off-by: Andrew Thornton <art27@cantab.net>	3 years ago
Wim	cb50375e2b	Add more linters to improve code readability (#19989) ... Add nakedret, unconvert, wastedassign, stylecheck and nolintlint linters to improve code readability - nakedret - https://github.com/alexkohler/nakedret - nakedret is a Go static analysis tool to find naked returns in functions greater than a specified function length. - unconvert - https://github.com/mdempsky/unconvert - Remove unnecessary type conversions - wastedassign - https://github.com/sanposhiho/wastedassign - wastedassign finds wasted assignment statements. - notlintlint - Reports ill-formed or insufficient nolint directives - stylecheck - https://staticcheck.io/docs/checks/#ST - keep style consistent - excluded: [ST1003 - Poorly chosen identifier](https://staticcheck.io/docs/checks/#ST1003) and [ST1005 - Incorrectly formatted error string](https://staticcheck.io/docs/checks/#ST1005)	3 years ago
Lunny Xiao	fd7d83ace6	Move almost all functions' parameter db.Engine to context.Context (#19748) ... * Move almost all functions' parameter db.Engine to context.Context * remove some unnecessary wrap functions	3 years ago
6543	f41c2bec4c	Delete user related oauth stuff on user deletion too (#19677) ... * delete user related oauth stuff on user deletion too * extend doctor check-db-consistency	3 years ago
Lunny Xiao	772ad761eb	Fix some slice problems (incorrect slice length) (#19592)	3 years ago
Lunny Xiao	b8911fb456	Use a struct as test options (#19393) ... * Use a struct as test options * Fix name * Fix test	3 years ago
zeripath	3a29a23cdc	Attempt to fix the webauthn migration again - part 3 (#18770) ... v208.go is seriously broken as it misses an ID() check. We need to no-op and remigrate all of the u2f keys. See #18756 Signed-off-by: Andrew Thornton <art27@cantab.net>	3 years ago
Gusted	aa23f477b7	Use `CryptoRandomBytes` instead of `CryptoRandomString` (#18439) ... - Switch to use `CryptoRandomBytes` instead of `CryptoRandomString`, OAuth's secrets are copied pasted and don't need to avoid dubious characters etc. - `CryptoRandomBytes` gives  `CryptoRandomString` gives  possible states. - Add a prefix, such that code scanners can easily grep these in source code. - 32 Bytes + prefix	3 years ago
wxiaoguang	49dd906753	Use base32 for 2FA scratch token (#18384) ... * Use base32 for 2FA scratch token * rename Secure* to Crypto*, add comments	3 years ago
6543	54e9ee37a7	format with gofumpt (#18184) ... * gofumpt -w -l . * gofumpt -w -l -extra . * Add linter * manual fix * change make fmt	3 years ago
zeripath	d7c2a2951c	Webauthn nits (#18284) ... This contains some additional fixes and small nits related to #17957 Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>	3 years ago
Lunny Xiao	35c3553870	Support webauthn (#17957) ... Migrate from U2F to Webauthn Co-authored-by: Andrew Thornton <art27@cantab.net> Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>	3 years ago
Lunny Xiao	de8e3948a5	Refactor auth package (#17962)	3 years ago