feat: remove API authentication methods that uses the URL query (#7924)

- They have been marked as deprecated since 2023 and adequate warnings have been given about this method being deprecated, remove it for Forgejo v12. - For clarity: the reason they are deprecated is that these methods allow authentication material to be given via a URL query. This results in the authentication material being logged, which is undesired behavior. Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7924 Reviewed-by: Beowulf <beowulf@beocode.eu> Reviewed-by: Michael Kriese <michael.kriese@gmx.de> Co-authored-by: Gusted <postmaster@gusted.xyz> Co-committed-by: Gusted <postmaster@gusted.xyz>
2025-06-20 16:10:50 +00:00 · 2025-05-23 22:47:43 +02:00 · 2025-05-23 22:47:43 +02:00 · b2a3966e64
commit b2a3966e64
parent a5260b7f08
8 changed files with 0 additions and 64 deletions
--- a/routers/api/v1/api.go
+++ b/routers/api/v1/api.go
@ -22,8 +22,6 @@
 //
 //	Security:
 //	- BasicAuth :
-//	- Token :
-//	- AccessToken :
 //	- AuthorizationHeaderToken :
 //	- SudoParam :
 //	- SudoHeader :
@ -32,16 +30,6 @@
 //	SecurityDefinitions:
 //	BasicAuth:
 //	     type: basic
-//	Token:
-//	     type: apiKey
-//	     name: token
-//	     in: query
-//	     description: This authentication option is deprecated for removal in Gitea 1.23. Please use AuthorizationHeaderToken instead.
-//	AccessToken:
-//	     type: apiKey
-//	     name: access_token
-//	     in: query
-//	     description: This authentication option is deprecated for removal in Gitea 1.23. Please use AuthorizationHeaderToken instead.
 //	AuthorizationHeaderToken:
 //	     type: apiKey
 //	     name: Authorization