Skip to content

Fix OAuth2 authorization code expiry and reuse handling (#36797)#36851

Merged
lunny merged 1 commit intogo-gitea:release/v1.25from
GiteaBot:backport-36797-v1.25
Mar 6, 2026
Merged

Fix OAuth2 authorization code expiry and reuse handling (#36797)#36851
lunny merged 1 commit intogo-gitea:release/v1.25from
GiteaBot:backport-36797-v1.25

Conversation

@GiteaBot
Copy link
Copy Markdown
Collaborator

@GiteaBot GiteaBot commented Mar 6, 2026

Backport #36797 by @lunny

  • set OAuth2 authorization code ValidUntil on creation and add expiry checks during exchange
  • return a specific error when codes are invalidated twice to prevent concurrent reuse
  • add unit tests covering validity timestamps, expiration, and double invalidation

Generate by a coding agent with Codex 5.2

@lunny @GiteaBot
Fix OAuth2 authorization code expiry and reuse handling (go-gitea#36797)
d86ef07 
- set OAuth2 authorization code `ValidUntil` on creation and add expiry
checks during exchange
- return a specific error when codes are invalidated twice to prevent
concurrent reuse
- add unit tests covering validity timestamps, expiration, and double
invalidation

---
Generate by a coding agent with Codex 5.2

---------

Signed-off-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
@GiteaBot GiteaBot added modifies/go Pull requests that update Go code type/bug labels Mar 6, 2026
@GiteaBot GiteaBot added the lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. label Mar 6, 2026
@GiteaBot GiteaBot added this to the 1.25.5 milestone Mar 6, 2026
@GiteaBot GiteaBot requested review from Zettat123 and silverwind March 6, 2026 16:28
@GiteaBot GiteaBot added lgtm/need 1 This PR needs approval from one additional maintainer to be merged. and removed lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. labels Mar 6, 2026
@GiteaBot GiteaBot added lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. and removed lgtm/need 1 This PR needs approval from one additional maintainer to be merged. labels Mar 6, 2026
@lunny lunny merged commit 413074b into go-gitea:release/v1.25 Mar 6, 2026
26 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@lunny lunny lunny approved these changes

@silverwind silverwind silverwind approved these changes

@Zettat123 Zettat123 Awaiting requested review from Zettat123

Assignees

@lunny lunny

Labels

lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. modifies/go Pull requests that update Go code type/bug

Projects

None yet

Milestone

1.25.5

Development

Successfully merging this pull request may close these issues.

3 participants

@GiteaBot @lunny @silverwind