llvy.ltd/casdoor
1
0
Fork 0
mirror of https://github.com/casdoor/casdoor.git synced 2025-07-04 13:20:19 +08:00
Code Issues Packages Projects Releases Wiki Activity
1,703 Commits 28 Branches 1,288 Tags
12dee8afd3ea55dc99ef3d004623be0f2f35ef86
Commit Graph

74 Commits

Author SHA1 Message Date
XDTD
cc456f265f feat: fix LDAP user password checking logic in GetOAuthToken() (#1975) 2023-06-15 21:04:09 +08:00
yehong
02e692a300 feat: return most backend API errors to frontend (#1836) 
* feat: return most backend API errros to frontend

Signed-off-by: yehong <239859435@qq.com>

* refactor: reduce int type change

Signed-off-by: yehong <239859435@qq.com>

* feat: return err backend in token.go

Signed-off-by: yehong <239859435@qq.com>

---------

Signed-off-by: yehong <239859435@qq.com>
 2023-05-30 15:49:39 +08:00
XDTD
cb542ae46a feat: fix org admin permissions (#1822) 2023-05-09 00:06:52 +08:00
Gucheng Wang
5280f872dc Speed up GetOAuthToken() 2023-03-27 14:05:44 +08:00
hsluoyz
117ee509cf feat: fix name format in application login: GetClientCredentialsToken() (#1639) 2023-03-25 23:02:08 +08:00
June
dc7b66822d feat: change token ExpiresIn to second (#1550) 2023-02-14 09:18:30 +08:00
Zayn Xie
9256791420 feat: app session control and db migrate (#1539) 
* feat: integrate application session management into Casdoor's session management (#774) && standardized the database migration process (#1533)

* feat: integrate application session management into Casdoor's session management (#774)

* feat: integrate application session management into Casdoor's session management (#774)

* feat: integrate application session management into Casdoor's session management (#774)

* feat: integrate application session management into Casdoor's session management (#774)

* feat: integrate application session management into Casdoor's session management (#774)

* feat: integrate application session management into Casdoor's session management (#774)

* feat: integrate application session management into Casdoor's session management (#774)

* feat: integrate application session management into Casdoor's session management (#774)

* feat: integrate application session management into Casdoor's session management (#774)

* feat: integrate application session management into Casdoor's session management (#774)

* feat: integrate application session management into Casdoor's session management (#774)

* feat: integrate application session management into Casdoor's session management (#774)

* feat: integrate application session management into Casdoor's session management (#774)

* feat: integrate application session management into Casdoor's session management (#774)

* feat: integrate application session management into Casdoor's session management (#774)

* feat: integrate application session management into Casdoor's session management (#774)

* feat: integrate application session management into Casdoor's session management (#774)

* feat: integrate application session management into Casdoor's session management (#774)

* feat: integrate application session management into Casdoor's session management (#774)

* feat: integrate application session management into Casdoor's session management (#774)

* feat: integrate application session management into Casdoor's session management (#774)

* feat: integrate application session management into Casdoor's session management (#774)

* feat: integrate application session management into Casdoor's session management (#774)

* feat: integrate application session management into Casdoor's session management (#774)

* feat: integrate application session management into Casdoor's session management (#774)

* feat: integrate application session management into Casdoor's session management (#774)

* feat: integrate application session management into Casdoor's session management (#774)

* feat: integrate application session management into Casdoor's session management (#774)

* feat: integrate application session management into Casdoor's session management (#774)

* feat: integrate application session management into Casdoor's session management (#774)

* feat: integrate application session management into Casdoor's session management (#774)

* feat: integrate application session management into Casdoor's session management (#774)

* feat: integrate application session management into Casdoor's session management (#774)

* feat: integrate application session management into Casdoor's session management (#774)

* feat: integrate application session management into Casdoor's session management (#774)

* feat: integrate application session management into Casdoor's session management (#774)

* feat: integrate application session management into Casdoor's session management (#774) && standardized the database migration process

* feat: integrate application session management into Casdoor's session management (#774) && standardized the database migration process

* feat: integrate application session management into Casdoor's session management (#774) && standardized the database migration process

---------

Co-authored-by: Zayn Xie <84443886+xiaoniuren99@users.noreply.github.com>

* fix: migrate err

* fix: migrate err

* feat: app session control and db migrate

* feat: app session control and db migrate

* feat: app session control and db migrate

---------

Co-authored-by: Zayn Xie <84443886+xiaoniuren99@users.noreply.github.com>
 2023-02-12 09:33:24 +08:00
June
6f7230e949 feat: support refresh token on GetOAuthToken (#1536) 2023-02-10 23:52:13 +08:00
Yaodong Yu
5d9b17542f feat: end-user log out (#1356) 2023-01-17 22:57:05 +08:00
Gucheng Wang
a6e9084973 Remove duplicated i18n words 2023-01-06 20:12:32 +08:00
Gucheng Wang
f075d0fd74 Refactor out application.IsRedirectUriValid() 2022-12-21 00:35:33 +08:00
Liu
26acece8af feat: add all other missing objects to init_data (#1407) 
* Add all other missing objects to init_data.json

* Format golang code

* feat: add all other missing objects to init_data

* feat: add all other missing objects to init_data
 2022-12-18 01:49:42 +08:00
Mr Forest
1bb3d2dea9 feat: refactor backend i18n (#1373) 
* fix: handle the dataSourceName when DB changes

* reduce duplication of code

* feat: refactor translation error message

* feat: use json intsead of ini file

* remove useless translation

* fix translate problems

* remove useless addition

* fix pr problems

* fix pr problems

* fix split problem

* use gofumpt to fmt code

* use crowdin to execute backend translation

* fix pr problems

* refactor: change translation file structure same as frontend

* delete useless output

* update go.mod
 2022-12-07 13:13:23 +08:00
Yaodong Yu
b337b908ea feat: fix the bug that admin cannot upload avatar for other users (#1323) 2022-11-25 09:36:47 +08:00
Mr Forest
d86f3c88c7 feat: support i18n in backend err messages (#1232) 
* feat: support i18n in backend err messages

* use gofumpt to fmt code

* fix review problems

* support auto generate err message

* delete beego/i18n moudle

* fix Github action test problems

* fix review problems

* use gofumpt to format code

* use gofumpt to fmt code
 2022-10-23 15:16:24 +08:00
cofecatt
4c7f6fda37 fix: Add restriction to username when signing up (#1203) 2022-10-10 19:58:02 +08:00
conghuhu
a383af0ebc feat: fix token info not contains roles and permissions (#1060) 
* fix: fix token info not contains roles and permissions

feat: remove repeated code for obtaining roles and permissions in user controller

* Update user.go

* Update user.go

* Update token.go

Co-authored-by: Yang Luo <hsluoyz@qq.com>
 2022-08-24 01:41:26 +08:00
Ryao
6676cc8ff3 fix: add JTI name to JWT token (#989) 
* feat: add jti to jwt

* fix

* fix
 2022-08-11 14:32:47 +08:00
Mikey
79119760f2 style: golint (#988) 2022-08-09 16:50:49 +08:00
Mikey
802995ed16 refactor: remove WeChat unionId to properties (#985) 2022-08-08 18:43:12 +08:00
q1anx1
2ea58cd639 chore(style): use gofumpt to fmt go code (#967) 2022-08-07 12:26:14 +08:00
aecra
f0431701c9 fix: fix OAuth error response (#835) 
* fix: fix OAuth error response

* fix: provide more detailed error messages for TokenError
 2022-07-01 14:53:34 +08:00
疯魔慕薇
a6a055cc83 Fix: ExpiresIn of token should be seconds. (#676) 
Signed-off-by: 疯魔慕薇 <kfanjian@gmail.com>
 2022-04-18 10:57:51 +08:00
Yi Zhan
b92d03e2bb feat: add wechat mini program support (#658) 
* feat: add wechat mini program support

Signed-off-by: Steve0x2a <stevesough@gmail.com>

* fix: accept suggestions.

Signed-off-by: Steve0x2a <stevesough@gmail.com>

* fix: error message and code level modification

Signed-off-by: Steve0x2a <stevesough@gmail.com>

* fix: simplify the use process

Signed-off-by: Steve0x2a <stevesough@gmail.com>
 2022-04-15 11:49:56 +08:00
Yi Zhan
9877174780 fix: add independent error message in token endpoint (#662) 
* fix: add independent error message in token endpoint

Signed-off-by: Steve0x2a <stevesough@gmail.com>

* fix: reduced use of variables

Signed-off-by: Steve0x2a <stevesough@gmail.com>

* fix: error messages use the same variable

Signed-off-by: Steve0x2a <stevesough@gmail.com>
 2022-04-14 10:22:56 +08:00
Minh Ha
24459d852e fix: comparing hashed password with plain text password during password grant (#627) 
* fix: use object.CheckPassword for password grant

* Apply suggestions from code review

fix: remove log per change request
 2022-03-30 00:37:38 +08:00
Yi Zhan
879ca6a488 fix: refresh_token api return old token (#623) 
Signed-off-by: Steve0x2a <stevesough@gmail.com>
 2022-03-27 23:10:05 +08:00
Yi Zhan
cd76e9372e feat: delete the old token when refreshing token (#617) 
Signed-off-by: Steve0x2a <stevesough@gmail.com>
 2022-03-24 19:58:12 +08:00
Yixiang Zhao
8a9cc2eb8f fix: change client_secret in refresh_token API as optional (#540) 
Signed-off-by: Yixiang Zhao <seriouszyx@foxmail.com>
 2022-03-07 13:52:51 +08:00
Steve0x2a
1d0af9cf7b fix: client_credentials' token miss some claims (#536) 
Signed-off-by: Steve0x2a <stevesough@gmail.com>
 2022-03-04 22:57:31 +08:00
Leon
178cf7945d feat: improve token introspection endpoint (#534) 
* feat: add introspection endpoint to oidc discovery endpoint

* fix: let introspect endpoint handle formData as spec define.

Signed-off-by: Leon <leondevlifelog@gmail.com>
 2022-03-04 08:54:33 +08:00
Leon
ab5af979c8 feat: add Oauth 2.0 Token Introspection(rfc7662) endpoint support (#532) 
Signed-off-by: Leon <leondevlifelog@gmail.com>
 2022-03-03 17:48:47 +08:00
Steve0x2a
2a0dcd746f feat: add token logout endpoint (#526) 
Signed-off-by: Steve0x2a <stevesough@gmail.com>
 2022-03-02 20:37:31 +08:00
Steve0x2a
22f5ad06ec fix: Make secret optional when using PKCE (#525) 
Signed-off-by: Steve0x2a <stevesough@gmail.com>
 2022-03-02 13:15:14 +08:00
Steve0x2a
697b3e4998 feat: add implicit flow support (#520) 
* feat: add implicit flow support

Signed-off-by: Steve0x2a <stevesough@gmail.com>

* fix: idp support in implicit flow

Signed-off-by: Steve0x2a <stevesough@gmail.com>
 2022-03-01 19:09:59 +08:00
Steve0x2a
2c97f8a8b7 feat: add two authentication flow types (#512) 
* feat: add two authentication flow types

Signed-off-by: Steve0x2a <stevesough@gmail.com>

* fix: delete implicit method

Signed-off-by: Steve0x2a <stevesough@gmail.com>

* fix: use a more appropriate name

Signed-off-by: Steve0x2a <stevesough@gmail.com>

* fix: apply suggestion

Signed-off-by: Steve0x2a <stevesough@gmail.com>

* fix: remove redundant code

Signed-off-by: Steve0x2a <stevesough@gmail.com>
 2022-02-27 14:05:07 +08:00
Steve0x2a
274096fe9d fix: empty iss return (#503) 
Signed-off-by: Steve0x2a <stevesough@gmail.com>
 2022-02-18 12:36:11 +08:00
Gucheng Wang
db37f53d6c Update license headers. 2022-02-13 23:39:27 +08:00
Yang Luo
612b5f5c2e Improve message in GetOAuthToken(). 2022-02-08 20:52:20 +08:00
Steve0x2a
3c2f7b7fc8 feat: add protection against attacks (#460) 
Signed-off-by: 0x2a <stevesough@gmail.com>
 2022-01-29 00:32:57 +08:00
Gucheng Wang
479daf4fa4 Improve code format. 2022-01-28 17:45:41 +08:00
Steve0x2a
d129202b95 fix: no database check when using accessToken (#461) 
Signed-off-by: 0x2a <stevesough@gmail.com>
 2022-01-28 15:07:42 +08:00
Yixiang Zhao
5ec0c7a890 fix: fix the SQL injection vulnerability in field filter (#442) 
Signed-off-by: Yixiang Zhao <seriouszyx@foxmail.com>
 2022-01-26 19:36:36 +08:00
Steve0x2a
051752340d feat: add userinfo endpoint (#447) 
* feat: add userinfo endpoint

Signed-off-by: 0x2a <stevesough@gmail.com>

* feat: add scope support

Signed-off-by: 0x2a <stevesough@gmail.com>

* fix: modify the endpoint of discovery

Signed-off-by: 0x2a <stevesough@gmail.com>
 2022-01-26 11:56:01 +08:00
Steve0x2a
630b84f534 feat: add PKCE support (#434) 
* feat: add PKCE support

Signed-off-by: Steve0x2a <stevesough@gmail.com>

* fix: error output when challenge is empty

Signed-off-by: Steve0x2a <stevesough@gmail.com>
 2022-01-21 09:29:19 +08:00
Gucheng Wang
c22ab44894 Update import path. 2022-01-20 14:11:46 +08:00
Steve0x2a
ffc0a0e0d5 fix: refresh_token endpoint does not work (#410) 
Signed-off-by: 0x2a <stevesough@gmail.com>
 2022-01-01 15:20:49 +08:00
Yang Luo
5e8897e41b Make cert work. 2021-12-31 10:02:06 +08:00
Steve0x2a
4f124ff140 fix: refresh token does not return (#401) 
Signed-off-by: 0x2a <stevesough@gmail.com>
 2021-12-28 19:44:17 +08:00
Yixiang Zhao
10a85f2386 feat: add server-side search, filter and sorter for all pages (#388) 
Signed-off-by: Yixiang Zhao <seriouszyx@foxmail.com>

Co-authored-by: Yang Luo <hsluoyz@qq.com>
 2021-12-25 10:55:10 +08:00