Closed
Description
Description
We have CI for https://opendev.org where we are testing our upgrade of 1.18.5 to 1.19.1 [1].
We found that one of our CI tasks that gets the orgs from api/v1/orgs
started failing returning a 401
.
I believe this is related to de484e8
It's not too hard to replicate this; as opendev.org is still on 1.18
$ curl https://opendev.org/api/v1/orgs
$ curl https://try.gitea.io/api/v1/orgs
The first returns json, the second not :) I'm not sure if this is intentional; it does seem like the public org listing probably doens't need to be an authenticated call?
[1] https://review.opendev.org/c/opendev/system-config/+/877541
Gitea Version
1.19.1
Can you reproduce the bug on the Gitea demo site?
Yes
Log Gist
No response
Screenshots
No response
Git Version
No response
Operating System
No response
How are you running Gitea?
Our gitea is built from upstream into a container
Database
None
Activity
wxiaoguang commentedon Apr 18, 2023
Related to #20908
And it seems that not only this one, many other end-points also have similar changes.
@harryzcy do you have ideas about how to make them more correct?
harryzcy commentedon Apr 18, 2023
@wxiaoguang If it should be public, then
reqToken
call should be removed. If it should require a token but doesn't require any specific scope,reqToken("")
should be used.Fix access token issue on some public endpoints (#24194)
Fix access token issue on some public endpoints (go-gitea#24194)
Fix access token issue on some public endpoints (#24194) (#24259)