llvy.ltd/casdoor
1
0
Fork 0
mirror of https://github.com/casdoor/casdoor.git synced 2025-07-04 21:30:24 +08:00
Code Issues Packages Projects Releases Wiki Activity
1,703 Commits 28 Branches 1,288 Tags
12dee8afd3ea55dc99ef3d004623be0f2f35ef86
Commit Graph

721 Commits

Author SHA1 Message Date
Yi Zhan
e8b9c67671 feat: add casdoor as itself idp support (#578) 
Signed-off-by: Steve0x2a <stevesough@gmail.com>
 2022-03-18 18:28:46 +08:00
Yixiang Zhao
35bef969fd feat: support Huawei Cloud SMS (#565) 
Signed-off-by: Yixiang Zhao <seriouszyx@foxmail.com>
 2022-03-14 20:49:03 +08:00
Yang Luo
4dca3bd3f7 Add Notify() to payment provider. 2022-03-14 02:56:04 +08:00
Yang Luo
5de417ecf7 Add gc provider. 2022-03-14 00:32:36 +08:00
Yang Luo
bf24594fb4 Make resource name longer. 2022-03-13 21:20:00 +08:00
Yang Luo
4a87b4790e Avoid panic in AddUsers(). 2022-03-13 20:53:05 +08:00
Yang Luo
fde8c4b5f6 Fix NotifyPayment(). 2022-03-13 19:57:23 +08:00
Yang Luo
ca87dd7dea Add returnUrl to product. 2022-03-13 16:25:54 +08:00
Yang Luo
32af4a766e Add GetUserPayments() API. 2022-03-13 14:56:21 +08:00
Yang Luo
4d035bf66d Add tags to organization. 2022-03-13 00:35:49 +08:00
Yixiang Zhao
d43d7d1ae9 feat: support master password for ldap user (#561) 
Signed-off-by: Yixiang Zhao <seriouszyx@foxmail.com>
 2022-03-12 21:06:38 +08:00
Yang Luo
c906f1e5d2 Add user and state to payment pages. 2022-03-12 20:03:58 +08:00
Gucheng Wang
380cdc5f7e fix: The top-right logout button sometimes disappears for small screen size (#544) 2022-03-08 21:14:04 +08:00
Yixiang Zhao
8a9cc2eb8f fix: change client_secret in refresh_token API as optional (#540) 
Signed-off-by: Yixiang Zhao <seriouszyx@foxmail.com>
 2022-03-07 13:52:51 +08:00
Yang Luo
a4fc04474e Add NotifyPayment API. 2022-03-07 00:33:45 +08:00
Yang Luo
bf5d4eea48 Add alipay provider. 2022-03-06 22:46:02 +08:00
Steve0x2a
1d0af9cf7b fix: client_credentials' token miss some claims (#536) 
Signed-off-by: Steve0x2a <stevesough@gmail.com>
 2022-03-04 22:57:31 +08:00
Nekotoxin
4d48517be9 fix: fix the No.0 bug(for all sign up methods) (#535) 2022-03-04 13:06:21 +08:00
Leon
178cf7945d feat: improve token introspection endpoint (#534) 
* feat: add introspection endpoint to oidc discovery endpoint

* fix: let introspect endpoint handle formData as spec define.

Signed-off-by: Leon <leondevlifelog@gmail.com>
 2022-03-04 08:54:33 +08:00
Leon
ab5af979c8 feat: add Oauth 2.0 Token Introspection(rfc7662) endpoint support (#532) 
Signed-off-by: Leon <leondevlifelog@gmail.com>
 2022-03-03 17:48:47 +08:00
Yixiang Zhao
83a6b757a4 fix: password leakage vulnerability caused by pagination (#527) 
* fix: password leakage vulnerability caused by pagination

Signed-off-by: Yixiang Zhao <seriouszyx@foxmail.com>

* fix: unsafe get-app-login response fields

Signed-off-by: Yixiang Zhao <seriouszyx@foxmail.com>
 2022-03-02 20:58:16 +08:00
Steve0x2a
2a0dcd746f feat: add token logout endpoint (#526) 
Signed-off-by: Steve0x2a <stevesough@gmail.com>
 2022-03-02 20:37:31 +08:00
Steve0x2a
22f5ad06ec fix: Make secret optional when using PKCE (#525) 
Signed-off-by: Steve0x2a <stevesough@gmail.com>
 2022-03-02 13:15:14 +08:00
Steve0x2a
697b3e4998 feat: add implicit flow support (#520) 
* feat: add implicit flow support

Signed-off-by: Steve0x2a <stevesough@gmail.com>

* fix: idp support in implicit flow

Signed-off-by: Steve0x2a <stevesough@gmail.com>
 2022-03-01 19:09:59 +08:00
Nekotoxin
759a1421e5 feat: add the 'karma' prop to table User (#518) 
* feature: feat : add the 'karma' prop to table User

* feat: add the 'karma' prop to table User
 2022-02-28 16:25:09 +08:00
Gucheng Wang
c14bf9fdab Fix bug in first name, last name checking 2022-02-28 13:17:05 +08:00
Yang Luo
e19f07c521 Add product detail page. 2022-02-27 23:50:35 +08:00
Yang Luo
39ab71c5db Add product pages. 2022-02-27 20:09:19 +08:00
Steve0x2a
2c97f8a8b7 feat: add two authentication flow types (#512) 
* feat: add two authentication flow types

Signed-off-by: Steve0x2a <stevesough@gmail.com>

* fix: delete implicit method

Signed-off-by: Steve0x2a <stevesough@gmail.com>

* fix: use a more appropriate name

Signed-off-by: Steve0x2a <stevesough@gmail.com>

* fix: apply suggestion

Signed-off-by: Steve0x2a <stevesough@gmail.com>

* fix: remove redundant code

Signed-off-by: Steve0x2a <stevesough@gmail.com>
 2022-02-27 14:05:07 +08:00
Yang Luo
21392dcc14 Support user's first name and last name. 2022-02-27 14:02:52 +08:00
Yang Luo
953d3d5bc5 Change personal to real name. 2022-02-27 13:44:44 +08:00
Steve0x2a
cbc8c58e85 fix: oidc jwks endpoint only return default cert (#506) 
Signed-off-by: Steve0x2a <stevesough@gmail.com>
 2022-02-21 23:17:16 +08:00
Steve0x2a
a33076ada4 feat: add AD-FS support (#505) 
Signed-off-by: Steve0x2a <stevesough@gmail.com>
 2022-02-20 15:01:48 +08:00
Steve0x2a
274096fe9d fix: empty iss return (#503) 
Signed-off-by: Steve0x2a <stevesough@gmail.com>
 2022-02-18 12:36:11 +08:00
Steve0x2a
661abd6b6e feat: add steam support (#497) 
* feat: add steam support

Signed-off-by: 0x2a <stevesough@gmail.com>

* fix: wrong name

Signed-off-by: Steve0x2a <stevesough@gmail.com>
 2022-02-16 19:57:46 +08:00
Yixiang Zhao
4122c94205 feat: add pagination for LdapSyncPage and fix the bug Ldap auto-sync cannot disable (#496) 
* feat: add pagination for LdapSyncPage

Signed-off-by: Yixiang Zhao <seriouszyx@foxmail.com>

* fix: Ldap auto sync cannot disable

Signed-off-by: Yixiang Zhao <seriouszyx@foxmail.com>
 2022-02-15 23:03:53 +08:00
Gucheng Wang
db37f53d6c Update license headers. 2022-02-13 23:39:27 +08:00
Gucheng Wang
9024010081 Update demo site URL. 2022-02-13 20:47:34 +08:00
Yang Luo
07abe06332 Use utf8mb4 for DB encoding. 2022-02-11 22:38:56 +08:00
Rafael Firmino
47d1448c02 test: add step in gitHub action from running tests first (#476) 
* Add step for running tests in github actions

The test xlsx/xlsx_test.go is removed becout the path containing
file not exist.

* Fix error in test

* test: This test was supposed to test getUsers, but it does nothing

This test will be rewrite for using a clean database, today its
necessary create a syncer manualy for this test pass.

* Add syncer tests

* Fix Copyright position

* fix: back with test file
 2022-02-10 17:15:15 +08:00
Yang Luo
612b5f5c2e Improve message in GetOAuthToken(). 2022-02-08 20:52:20 +08:00
Steve0x2a
f85f4c0cf8 feat: add infoflow idp support (#472) 
* feat: add infoflow internal backend support

Signed-off-by: Steve0x2a <stevesough@gmail.com>

* feat: add infoflow idp support

Signed-off-by: Steve0x2a <stevesough@gmail.com>

* fix: copyright and comment

Signed-off-by: Steve0x2a <stevesough@gmail.com>
 2022-02-05 21:54:38 +08:00
Yang Luo
940aa2bc2d Add payment pages. 2022-02-05 20:13:15 +08:00
Gucheng Wang
19ed35f964 Add getOriginFromHost(). 2022-01-29 23:43:25 +08:00
Steve0x2a
3c2f7b7fc8 feat: add protection against attacks (#460) 
Signed-off-by: 0x2a <stevesough@gmail.com>
 2022-01-29 00:32:57 +08:00
Gucheng Wang
fbc73de3bb Support WeCom Internal sub type. 2022-01-28 23:57:54 +08:00
Gucheng Wang
479daf4fa4 Improve code format. 2022-01-28 17:45:41 +08:00
Steve0x2a
d129202b95 fix: no database check when using accessToken (#461) 
Signed-off-by: 0x2a <stevesough@gmail.com>
 2022-01-28 15:07:42 +08:00
Yixiang Zhao
5ec0c7a890 fix: fix the SQL injection vulnerability in field filter (#442) 
Signed-off-by: Yixiang Zhao <seriouszyx@foxmail.com>
 2022-01-26 19:36:36 +08:00
Steve0x2a
051752340d feat: add userinfo endpoint (#447) 
* feat: add userinfo endpoint

Signed-off-by: 0x2a <stevesough@gmail.com>

* feat: add scope support

Signed-off-by: 0x2a <stevesough@gmail.com>

* fix: modify the endpoint of discovery

Signed-off-by: 0x2a <stevesough@gmail.com>
 2022-01-26 11:56:01 +08:00