63ab92d797
This PR is an extended implementation of #25189 and builds upon the
proposal by @hickford in #25653, utilizing some ideas proposed
internally by @wxiaoguang.
Mainly, this PR consists of a mechanism to pre-register OAuth2
applications on startup, which can be enabled or disabled by modifying
the `[oauth2].DEFAULT_APPLICATIONS` parameter in app.ini. The OAuth2
applications registered this way are being marked as "locked" and
neither be deleted nor edited over UI to prevent confusing/unexpected
behavior. Instead, they're being removed if no longer enabled in config.
![grafik](
|
||
|---|---|---|
| .. | ||
| main_test.go | ||
| oauth2.go | ||
| oauth2_test.go | ||
| session.go | ||
| source.go | ||
| source_test.go | ||
| token.go | ||
| token_scope.go | ||
| token_scope_test.go | ||
| token_test.go | ||
| twofactor.go | ||
| webauthn.go | ||
| webauthn_test.go | ||