f1d9f18d96
According to [RFC 6749](https://datatracker.ietf.org/doc/html/rfc6749#section-4.1.2.1), when the resource owner or authorization server denied an request, an `access_denied` error should be returned. But currently in this case Gitea does not return any error. For example, if the user clicks "Cancel" here, an `access_denied` error should be returned. <img width="360px" src="https://github.com/go-gitea/gitea/assets/15528715/be31c09b-4c0a-4701-b7a4-f54b8fe3a6c5" /> |
||
---|---|---|
.. | ||
2fa.go | ||
auth_test.go | ||
auth.go | ||
linkaccount.go | ||
main_test.go | ||
oauth_test.go | ||
oauth.go | ||
openid.go | ||
password.go | ||
webauthn.go |