2026-06-06 23:16:47 +00:00
2 changed files with 18 additions and 0 deletions
@@ -16,8 +16,11 @@ import (
 	"syscall"
 	"time"

+	auth_model "code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/auth"
 	user_model "code.mokoconsulting.tech/MokoConsulting/MokoGitea/models/user"
 	"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/httplib"
+	"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/optional"
+	"code.mokoconsulting.tech/MokoConsulting/MokoGitea/services/auth/source/oauth2"
 	"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/log"
 	"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/setting"
 	"code.mokoconsulting.tech/MokoConsulting/MokoGitea/modules/structs"
@@ -187,6 +190,17 @@ func (ctx *Context) Forbidden() {
 	ctx.Data["IsRepo"] = ctx.Repo.Repository != nil
 	ctx.Data["Title"] = "Access Denied"
 	ctx.Data["CurrentURL"] = ctx.Req.URL.RequestURI()
+
+	// Load OAuth2 providers for the login form on the 403 page
+	if !ctx.IsSigned {
+		oauth2Providers, err := oauth2.GetOAuth2Providers(ctx, optional.Some(true))
+		if err != nil {
+			log.Error("Forbidden: GetOAuth2Providers: %v", err)
+		}
+		ctx.Data["OAuth2Providers"] = oauth2Providers
+		ctx.Data["EnableSSPI"] = auth_model.IsSSPIEnabled(ctx)
+	}
+
 	ctx.HTML(http.StatusForbidden, "status/403")
 }

@@ -10,6 +10,10 @@
 			</div>
 			{{if not .IsSigned}}
 			<div class="tw-max-w-sm tw-mx-auto tw-mt-4">
+				{{if or .OAuth2Providers .EnableSSPI}}
+					{{template "user/auth/external_auth_methods" .}}
+					<div class="divider"></div>
+				{{end}}
 				<form class="ui form" action="{{AppSubUrl}}/user/login" method="post">
 					{{.CsrfTokenHtml}}
 					<input type="hidden" name="redirect_to" value="{{.CurrentURL}}">