Merge branch 'main' into gitea

atinux · Feb 4, 2025 · ba4afab · ba4afab
2 parents 2d478c2 + 6c5c4cd
commit ba4afab
Show file tree

Hide file tree

Showing 4 changed files with 8 additions and 5 deletions.
diff --git a/.github/workflows/autofix.yml b/.github/workflows/autofix.yml
@@ -14,7 +14,7 @@ jobs:
 
     steps:
       - uses: actions/checkout@v4
-      - run: corepack enable
+      - run: npm i -g --force corepack && corepack enable
       - uses: actions/setup-node@v4
         with:
           node-version: 20

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -33,7 +33,7 @@ jobs:
 
     steps:
       - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
-      - run: corepack enable
+      - run: npm i -g --force corepack && corepack enable
       - uses: actions/setup-node@8f152de45cc393bb48ce5d89d36b731f54556e65 # v4.0.0
         with:
           node-version: 20
@@ -50,7 +50,7 @@ jobs:
 
     steps:
       - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
-      - run: corepack enable
+      - run: npm i -g --force corepack && corepack enable
       - uses: actions/setup-node@8f152de45cc393bb48ce5d89d36b731f54556e65 # v4.0.0
         with:
           node-version: 20

diff --git a/src/runtime/server/lib/oauth/github.ts b/src/runtime/server/lib/oauth/github.ts
@@ -148,6 +148,7 @@ export function defineOAuthGitHubEventHandler({ config, onSuccess, onError }: OA
         return onError(event, error)
       }
       user.email = primaryEmail.email
+      user.email_verified = primaryEmail.verified
     }
 
     return onSuccess(event, {

diff --git a/src/runtime/server/lib/oauth/microsoft.ts b/src/runtime/server/lib/oauth/microsoft.ts
@@ -77,15 +77,17 @@ export function defineOAuthMicrosoftEventHandler({ config, onSuccess, onError }:
     const redirectURL = config.redirectURL || getOAuthRedirectURL(event)
 
     if (!query.code) {
-      const scope = config.scope && config.scope.length > 0 ? config.scope : ['User.Read']
+      config.scope = config.scope && config.scope.length > 0 ? config.scope : ['User.Read']
+      // guarantee uniqueness of the scope
+      config.scope = [...new Set(config.scope)]
       // Redirect to Microsoft Oauth page
       return sendRedirect(
         event,
         withQuery(authorizationURL as string, {
           client_id: config.clientId,
           response_type: 'code',
           redirect_uri: redirectURL,
-          scope: scope.join(' '),
+          scope: config.scope.join(' '),
           ...config.authorizationParams,
         }),
       )