llvy.ltd/casdoor
1
0
Fork 0
mirror of https://github.com/casdoor/casdoor.git synced 2025-05-22 18:25:47 +08:00
Code Issues Packages Projects Releases Wiki Activity

fix: use client secret field for providers (#2355)

Browse Source 
* feat: fix key exposure problem

* fix display bug
This commit is contained in:
UsherFall 2023-09-24 18:35:58 +08:00 committed by GitHub
parent b94d06fb07
commit aab6a799fe
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 45 additions and 36 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
email/provider.go
View File

@ -18,9 +18,9 @@ type EmailProvider interface {
Send(fromAddress string, fromName, toAddress string, subject string, content string) error Send(fromAddress string, fromName, toAddress string, subject string, content string) error
} }
func GetEmailProvider(typ string, clientId string, clientSecret string, appId string, host string, port int, disableSsl bool) EmailProvider { func GetEmailProvider(typ string, clientId string, clientSecret string, host string, port int, disableSsl bool) EmailProvider {
if typ == "Azure ACS" { if typ == "Azure ACS" {
return NewAzureACSEmailProvider(appId, host) return NewAzureACSEmailProvider(clientSecret, host)
} else { } else {
return NewSmtpEmailProvider(clientId, clientSecret, host, port, typ, disableSsl) return NewSmtpEmailProvider(clientId, clientSecret, host, port, typ, disableSsl)
} }

2
notification/matrix.go
View File

@ -21,7 +21,7 @@ import (
"maunium.net/go/mautrix/id" "maunium.net/go/mautrix/id"
) )
func NewMatrixProvider(userId string, roomId string, accessToken string, homeServer string) (*notify.Notify, error) { func NewMatrixProvider(userId string, accessToken string, roomId string, homeServer string) (*notify.Notify, error) {
matrixSrv, err := matrix.New(id.UserID(userId), id.RoomID(roomId), homeServer, accessToken) matrixSrv, err := matrix.New(id.UserID(userId), id.RoomID(roomId), homeServer, accessToken)
if err != nil { if err != nil {
return nil, err return nil, err

18
notification/provider.go
View File

@ -18,27 +18,27 @@ import "github.com/casdoor/notify"
func GetNotificationProvider(typ string, clientId string, clientSecret string, clientId2 string, clientSecret2 string, appId string, receiver string, method string, title string, metaData string) (notify.Notifier, error) { func GetNotificationProvider(typ string, clientId string, clientSecret string, clientId2 string, clientSecret2 string, appId string, receiver string, method string, title string, metaData string) (notify.Notifier, error) {
if typ == "Telegram" { if typ == "Telegram" {
return NewTelegramProvider(appId, receiver) return NewTelegramProvider(clientSecret, receiver)
} else if typ == "Custom HTTP" { } else if typ == "Custom HTTP" {
return NewCustomHttpProvider(receiver, method, title) return NewCustomHttpProvider(receiver, method, title)
} else if typ == "DingTalk" { } else if typ == "DingTalk" {
return NewDingTalkProvider(appId, receiver) return NewDingTalkProvider(clientId, clientSecret)
} else if typ == "Lark" { } else if typ == "Lark" {
return NewLarkProvider(receiver) return NewLarkProvider(clientSecret)
} else if typ == "Microsoft Teams" { } else if typ == "Microsoft Teams" {
return NewMicrosoftTeamsProvider(receiver) return NewMicrosoftTeamsProvider(clientSecret)
} else if typ == "Bark" { } else if typ == "Bark" {
return NewBarkProvider(receiver) return NewBarkProvider(clientSecret)
} else if typ == "Pushover" { } else if typ == "Pushover" {
return NewPushoverProvider(appId, receiver) return NewPushoverProvider(clientSecret, receiver)
} else if typ == "Pushbullet" { } else if typ == "Pushbullet" {
return NewPushbulletProvider(appId, receiver) return NewPushbulletProvider(clientSecret, receiver)
} else if typ == "Slack" { } else if typ == "Slack" {
return NewSlackProvider(appId, receiver) return NewSlackProvider(clientSecret, receiver)
} else if typ == "Webpush" { } else if typ == "Webpush" {
return NewWebpushProvider(clientId, clientSecret, receiver) return NewWebpushProvider(clientId, clientSecret, receiver)
} else if typ == "Discord" { } else if typ == "Discord" {
return NewDiscordProvider(appId, receiver) return NewDiscordProvider(clientSecret, receiver)
} else if typ == "Google Chat" { } else if typ == "Google Chat" {
return NewGoogleChatProvider(metaData) return NewGoogleChatProvider(metaData)
} else if typ == "Line" { } else if typ == "Line" {

2
object/email.go
View File

@ -36,7 +36,7 @@ func getDialer(provider *Provider) *gomail.Dialer {
} }
func SendEmail(provider *Provider, title string, content string, dest string, sender string) error { func SendEmail(provider *Provider, title string, content string, dest string, sender string) error {
emailProvider := email.GetEmailProvider(provider.Type, provider.ClientId, provider.ClientSecret, provider.AppId, provider.Host, provider.Port, provider.DisableSsl) emailProvider := email.GetEmailProvider(provider.Type, provider.ClientId, provider.ClientSecret, provider.Host, provider.Port, provider.DisableSsl)
fromAddress := provider.ClientId2 fromAddress := provider.ClientId2
if fromAddress == "" { if fromAddress == "" {

55
web/src/ProviderEditPage.js
View File

@ -172,6 +172,12 @@ class ProviderEditPage extends React.Component {
} else { } else {
return Setting.getLabel(i18next.t("provider:Site key"), i18next.t("provider:Site key - Tooltip")); return Setting.getLabel(i18next.t("provider:Site key"), i18next.t("provider:Site key - Tooltip"));
} }
case "Notification":
if (provider.type === "DingTalk") {
return Setting.getLabel(i18next.t("provider:Access key"), i18next.t("provider:Access key - Tooltip"));
} else {
return Setting.getLabel(i18next.t("provider:Client ID"), i18next.t("provider:Client ID - Tooltip"));
}
default: default:
return Setting.getLabel(i18next.t("provider:Client ID"), i18next.t("provider:Client ID - Tooltip")); return Setting.getLabel(i18next.t("provider:Client ID"), i18next.t("provider:Client ID - Tooltip"));
} }
@ -180,7 +186,11 @@ class ProviderEditPage extends React.Component {
getClientSecretLabel(provider) { getClientSecretLabel(provider) {
switch (provider.category) { switch (provider.category) {
case "Email": case "Email":
return Setting.getLabel(i18next.t("general:Password"), i18next.t("general:Password - Tooltip")); if (provider.type === "Azure ACS") {
return Setting.getLabel(i18next.t("provider:Secret key"), i18next.t("provider:Secret key - Tooltip"));
} else {
return Setting.getLabel(i18next.t("general:Password"), i18next.t("general:Password - Tooltip"));
}
case "SMS": case "SMS":
if (provider.type === "Volc Engine SMS" || provider.type === "Amazon SNS" || provider.type === "Baidu Cloud SMS") { if (provider.type === "Volc Engine SMS" || provider.type === "Amazon SNS" || provider.type === "Baidu Cloud SMS") {
return Setting.getLabel(i18next.t("provider:Secret access key"), i18next.t("provider:Secret access key - Tooltip")); return Setting.getLabel(i18next.t("provider:Secret access key"), i18next.t("provider:Secret access key - Tooltip"));
@ -202,8 +212,10 @@ class ProviderEditPage extends React.Component {
return Setting.getLabel(i18next.t("provider:Secret key"), i18next.t("provider:Secret key - Tooltip")); return Setting.getLabel(i18next.t("provider:Secret key"), i18next.t("provider:Secret key - Tooltip"));
} }
case "Notification": case "Notification":
if (provider.type === "Line") { if (provider.type === "Line" || provider.type === "Telegram" || provider.type === "Bark" || provider.type === "DingTalk" || provider.type === "Discord" || provider.type === "Slack" || provider.type === "Pushover" || provider.type === "Pushbullet") {
return Setting.getLabel(i18next.t("provider:Secret key"), i18next.t("provider:Secret key - Tooltip")); return Setting.getLabel(i18next.t("provider:Secret key"), i18next.t("provider:Secret key - Tooltip"));
} else if (provider.type === "Lark" || provider.type === "Microsoft Teams") {
return Setting.getLabel(i18next.t("provider:Endpoint"), i18next.t("provider:Endpoint - Tooltip"));
} else { } else {
return Setting.getLabel(i18next.t("provider:Client secret"), i18next.t("provider:Client secret - Tooltip")); return Setting.getLabel(i18next.t("provider:Client secret"), i18next.t("provider:Client secret - Tooltip"));
} }
@ -297,7 +309,7 @@ class ProviderEditPage extends React.Component {
tooltip = i18next.t("provider:Project Id - Tooltip"); tooltip = i18next.t("provider:Project Id - Tooltip");
} }
} else if (provider.category === "Email") { } else if (provider.category === "Email") {
if (provider.type === "SUBMAIL" || provider.type === "Azure ACS") { if (provider.type === "SUBMAIL") {
text = i18next.t("provider:App ID"); text = i18next.t("provider:App ID");
tooltip = i18next.t("provider:App ID - Tooltip"); tooltip = i18next.t("provider:App ID - Tooltip");
} }
@ -305,7 +317,7 @@ class ProviderEditPage extends React.Component {
if (provider.type === "Viber") { if (provider.type === "Viber") {
text = i18next.t("provider:Domain"); text = i18next.t("provider:Domain");
tooltip = i18next.t("provider:Domain - Tooltip"); tooltip = i18next.t("provider:Domain - Tooltip");
} else if (provider.type === "Telegram" || provider.type === "DingTalk" || provider.type === "Pushover" || provider.type === "Pushbullet" || provider.type === "Slack" || provider.type === "Discord" || provider.type === "Line" || provider.type === "Matrix" || provider.type === "Rocket Chat") { } else if (provider.type === "Line" || provider.type === "Matrix" || provider.type === "Rocket Chat") {
text = i18next.t("provider:App Key"); text = i18next.t("provider:App Key");
tooltip = i18next.t("provider:App Key - Tooltip"); tooltip = i18next.t("provider:App Key - Tooltip");
} }
@ -336,12 +348,9 @@ class ProviderEditPage extends React.Component {
if (provider.type === "Telegram" || provider.type === "Pushover" || provider.type === "Pushbullet" || provider.type === "Slack" || provider.type === "Discord" || provider.type === "Line" || provider.type === "Twitter" || provider.type === "Reddit" || provider.type === "Rocket Chat" || provider.type === "Viber") { if (provider.type === "Telegram" || provider.type === "Pushover" || provider.type === "Pushbullet" || provider.type === "Slack" || provider.type === "Discord" || provider.type === "Line" || provider.type === "Twitter" || provider.type === "Reddit" || provider.type === "Rocket Chat" || provider.type === "Viber") {
text = i18next.t("provider:Chat ID"); text = i18next.t("provider:Chat ID");
tooltip = i18next.t("provider:Chat ID - Tooltip"); tooltip = i18next.t("provider:Chat ID - Tooltip");
} else if (provider.type === "Custom HTTP" || provider.type === "Lark" || provider.type === "Microsoft Teams" || provider.type === "Webpush" || provider.type === "Matrix") { } else if (provider.type === "Custom HTTP" || provider.type === "Webpush" || provider.type === "Matrix") {
text = i18next.t("provider:Endpoint"); text = i18next.t("provider:Endpoint");
tooltip = i18next.t("provider:Endpoint - Tooltip"); tooltip = i18next.t("provider:Endpoint - Tooltip");
} else if (provider.type === "DingTalk" || provider.type === "Bark") {
text = i18next.t("provider:Secret Key");
tooltip = i18next.t("provider:Secret Key - Tooltip");
} }
if (text === "" && tooltip === "") { if (text === "" && tooltip === "") {
@ -626,24 +635,24 @@ class ProviderEditPage extends React.Component {
} }
{ {
(this.state.provider.category === "Captcha" && this.state.provider.type === "Default") || (this.state.provider.category === "Captcha" && this.state.provider.type === "Default") ||
(this.state.provider.category === "Email" && this.state.provider.type === "Azure ACS") ||
(this.state.provider.category === "Web3") || (this.state.provider.category === "Web3") ||
(this.state.provider.category === "Storage" && this.state.provider.type === "Local File System" || (this.state.provider.category === "Storage" && this.state.provider.type === "Local File System") ||
(this.state.provider.category === "Notification" && this.state.provider.type !== "Webpush" && this.state.provider.type !== "Line" && this.state.provider.type !== "Matrix" && this.state.provider.type !== "Twitter" && this.state.provider.type !== "Reddit" && this.state.provider.type !== "Rocket Chat" && this.state.provider.type !== "Viber")) ? null : ( (this.state.provider.category === "Notification" && (this.state.provider.type === "Google Chat" || this.state.provider.type === "Custom HTTP")) ? null : (
<React.Fragment> <React.Fragment>
{ {
this.state.provider.type === "Line" ? null : ( (this.state.provider.category === "Email" && this.state.provider.type === "Azure ACS") ||
<Row style={{marginTop: "20px"}} > (this.state.provider.category === "Notification" && (this.state.provider.type === "Line" || this.state.provider.type === "Telegram" || this.state.provider.type === "Bark" || this.state.provider.type === "Discord" || this.state.provider.type === "Slack" || this.state.provider.type === "Pushbullet" || this.state.provider.type === "Pushover" || this.state.provider.type === "Lark" || this.state.provider.type === "Microsoft Teams")) ? null : (
<Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 22 : 2}> <Row style={{marginTop: "20px"}} >
{this.getClientIdLabel(this.state.provider)} : <Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 22 : 2}>
</Col> {this.getClientIdLabel(this.state.provider)} :
<Col span={22} > </Col>
<Input value={this.state.provider.clientId} onChange={e => { <Col span={22} >
this.updateProviderField("clientId", e.target.value); <Input value={this.state.provider.clientId} onChange={e => {
}} /> this.updateProviderField("clientId", e.target.value);
</Col> }} />
</Row> </Col>
) </Row>
)
} }
<Row style={{marginTop: "20px"}} > <Row style={{marginTop: "20px"}} >
<Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 22 : 2}> <Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 22 : 2}>