vikunja/pkg/modules/auth/oauth2server
kolaente 22e3659153 refactor(auth): extract shared auth/token business logic for v2 reuse
Pull the HTTP-independent core out of the v1 auth handlers so both
/api/v1 and the upcoming /api/v2 routes share one implementation:

- oauth2server: ExchangeToken and Authorize take plain inputs and return
  typed responses; HandleToken/HandleAuthorize keep binding + headers.
- pkg/routes/api/shared: AuthenticateLinkShare, RegisterUser,
  ResetPassword (+ session clear), RequestPasswordResetToken and
  ConfirmEmail, plus the shared UserRegister and LinkShareToken types.

v1 handlers now delegate to these; their wire output is unchanged.
2026-06-12 09:35:53 +02:00
..
authorize.go refactor(auth): extract shared auth/token business logic for v2 reuse 2026-06-12 09:35:53 +02:00
client.go fix(oauth2server): accept all loopback redirect forms 2026-05-07 22:03:49 +00:00
client_test.go fix(oauth2server): accept all loopback redirect forms 2026-05-07 22:03:49 +00:00
pkce.go feat: add OAuth client validation and PKCE verification 2026-03-27 23:05:04 +00:00
pkce_test.go test: add tests for OAuth 2.0 authorization flow 2026-03-27 23:05:04 +00:00
token.go refactor(auth): extract shared auth/token business logic for v2 reuse 2026-06-12 09:35:53 +02:00