upstream/mattermost
1
0
Fork 0
mirror of https://github.com/mattermost/mattermost.git synced 2026-02-18 18:18:23 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions 5

[MM-66681] Update path matching (#34524)

Browse source
This commit is contained in:
Ben Cooke 2025-11-19 09:50:25 -05:00 committed by GitHub
parent 7727f8f33b
commit 188b57fbcb
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
2 changed files with 4 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
server/channels/web/oauth.go
View file

@ -29,7 +29,8 @@ const (
func (w *Web) InitOAuth() {
// OAuth 2.0 Authorization Server Metadata endpoint (RFC 8414)
w.MainRouter.Handle(model.OAuthMetadataEndpoint, w.APIHandlerTrustRequester(getAuthorizationServerMetadata)).Methods(http.MethodGet)
// Match the exact path and any path with additional segments after it
w.MainRouter.PathPrefix(model.OAuthMetadataEndpoint).Handler(w.APIHandlerTrustRequester(getAuthorizationServerMetadata)).Methods(http.MethodGet)
// API version independent OAuth 2.0 as a service provider endpoints
w.MainRouter.Handle(model.OAuthAuthorizeEndpoint, w.APIHandlerTrustRequester(authorizeOAuthPage)).Methods(http.MethodGet)

3
server/public/model/oauth_metadata.go
View file

@ -58,7 +58,8 @@ func GetDefaultMetadata(siteURL string) (*AuthorizationServerMetadata, error) {
GrantTypeRefreshToken,
},
TokenEndpointAuthMethodsSupported: []string{
ClientAuthMethodClientSecretPost,
ClientAuthMethodNone, // Public clients (PKCE)
ClientAuthMethodClientSecretPost, // Confidential clients
},
ScopesSupported: []string{
ScopeUser,