llvy.ltd/casdoor
1
0
Fork 0
mirror of https://github.com/casdoor/casdoor.git synced 2025-05-24 08:20:31 +08:00
Code Issues Packages Projects Releases Wiki Activity
840 Commits 27 Branches 1,253 Tags
Commit Graph

380 Commits

Author SHA1 Message Date
Minh Ha
24459d852e
fix: comparing hashed password with plain text password during password grant (#627) 
* fix: use object.CheckPassword for password grant

* Apply suggestions from code review

fix: remove log per change request
 2022-03-30 00:37:38 +08:00
蔡点点
e3f5bf93b2
fix: adjust the password check logic for ldap user (#597) 
* fix: the password check logic for ldap user.
LDAP user should only use the ldap connection to check the password.

* fix: code format
 2022-03-28 17:19:58 +08:00
Yi Zhan
879ca6a488
fix: refresh_token api return old token (#623) 
Signed-off-by: Steve0x2a <stevesough@gmail.com>
 2022-03-27 23:10:05 +08:00
Yi Zhan
cd76e9372e
feat: delete the old token when refreshing token (#617) 
Signed-off-by: Steve0x2a <stevesough@gmail.com>
 2022-03-24 19:58:12 +08:00
Sagilio
a78b2de7b2
fix: panic when not select one provider (#614) 
Signed-off-by: Sagilio <Sagilio@outlook.com>
 2022-03-24 12:15:10 +08:00
Nekotoxin
ade64693e4
fix: support lower go version(1.15) (#599) 
* fix: support lower go version(1.15)

* fix: support lower go version(1.15)

* fix: support lower go version(1.15)
 2022-03-21 21:55:16 +08:00
Товарищ программист
5f8924ed4e
feat: support overriding configuration with env (#590) 2022-03-20 23:21:09 +08:00
Yixiang Zhao
447dd1c534
feat: update the uploaded user field and provide demo xlsx file (#596) 
Signed-off-by: Yixiang Zhao <seriouszyx@foxmail.com>
 2022-03-20 22:28:22 +08:00
Yang Luo
0841eb5c30 Fix !skipCi directive. 2022-03-19 23:15:19 +08:00
Yi Zhan
e8b9c67671
feat: add casdoor as itself idp support (#578) 
Signed-off-by: Steve0x2a <stevesough@gmail.com>
 2022-03-18 18:28:46 +08:00
Yixiang Zhao
35bef969fd
feat: support Huawei Cloud SMS (#565) 
Signed-off-by: Yixiang Zhao <seriouszyx@foxmail.com>
 2022-03-14 20:49:03 +08:00
Yang Luo
4dca3bd3f7 Add Notify() to payment provider. 2022-03-14 02:56:04 +08:00
Yang Luo
5de417ecf7 Add gc provider. 2022-03-14 00:32:36 +08:00
Yang Luo
bf24594fb4 Make resource name longer. 2022-03-13 21:20:00 +08:00
Yang Luo
4a87b4790e Avoid panic in AddUsers(). 2022-03-13 20:53:05 +08:00
Yang Luo
fde8c4b5f6 Fix NotifyPayment(). 2022-03-13 19:57:23 +08:00
Yang Luo
ca87dd7dea Add returnUrl to product. 2022-03-13 16:25:54 +08:00
Yang Luo
32af4a766e Add GetUserPayments() API. 2022-03-13 14:56:21 +08:00
Yang Luo
4d035bf66d Add tags to organization. 2022-03-13 00:35:49 +08:00
Yixiang Zhao
d43d7d1ae9
feat: support master password for ldap user (#561) 
Signed-off-by: Yixiang Zhao <seriouszyx@foxmail.com>
 2022-03-12 21:06:38 +08:00
Yang Luo
c906f1e5d2 Add user and state to payment pages. 2022-03-12 20:03:58 +08:00
Gucheng Wang
380cdc5f7e fix: The top-right logout button sometimes disappears for small screen size (#544) 2022-03-08 21:14:04 +08:00
Yixiang Zhao
8a9cc2eb8f
fix: change client_secret in refresh_token API as optional (#540) 
Signed-off-by: Yixiang Zhao <seriouszyx@foxmail.com>
 2022-03-07 13:52:51 +08:00
Yang Luo
a4fc04474e Add NotifyPayment API. 2022-03-07 00:33:45 +08:00
Yang Luo
bf5d4eea48 Add alipay provider. 2022-03-06 22:46:02 +08:00
Steve0x2a
1d0af9cf7b
fix: client_credentials' token miss some claims (#536) 
Signed-off-by: Steve0x2a <stevesough@gmail.com>
 2022-03-04 22:57:31 +08:00
Nekotoxin
4d48517be9
fix: fix the No.0 bug(for all sign up methods) (#535) 2022-03-04 13:06:21 +08:00
Leon
178cf7945d
feat: improve token introspection endpoint (#534) 
* feat: add introspection endpoint to oidc discovery endpoint

* fix: let introspect endpoint handle formData as spec define.

Signed-off-by: Leon <leondevlifelog@gmail.com>
 2022-03-04 08:54:33 +08:00
Leon
ab5af979c8
feat: add Oauth 2.0 Token Introspection(rfc7662) endpoint support (#532) 
Signed-off-by: Leon <leondevlifelog@gmail.com>
 2022-03-03 17:48:47 +08:00
Yixiang Zhao
83a6b757a4
fix: password leakage vulnerability caused by pagination (#527) 
* fix: password leakage vulnerability caused by pagination

Signed-off-by: Yixiang Zhao <seriouszyx@foxmail.com>

* fix: unsafe get-app-login response fields

Signed-off-by: Yixiang Zhao <seriouszyx@foxmail.com>
 2022-03-02 20:58:16 +08:00
Steve0x2a
2a0dcd746f
feat: add token logout endpoint (#526) 
Signed-off-by: Steve0x2a <stevesough@gmail.com>
 2022-03-02 20:37:31 +08:00
Steve0x2a
22f5ad06ec
fix: Make secret optional when using PKCE (#525) 
Signed-off-by: Steve0x2a <stevesough@gmail.com>
 2022-03-02 13:15:14 +08:00
Steve0x2a
697b3e4998
feat: add implicit flow support (#520) 
* feat: add implicit flow support

Signed-off-by: Steve0x2a <stevesough@gmail.com>

* fix: idp support in implicit flow

Signed-off-by: Steve0x2a <stevesough@gmail.com>
 2022-03-01 19:09:59 +08:00
Nekotoxin
759a1421e5
feat: add the 'karma' prop to table User (#518) 
* feature: feat : add the 'karma' prop to table User

* feat: add the 'karma' prop to table User
 2022-02-28 16:25:09 +08:00
Gucheng Wang
c14bf9fdab Fix bug in first name, last name checking 2022-02-28 13:17:05 +08:00
Yang Luo
e19f07c521 Add product detail page. 2022-02-27 23:50:35 +08:00
Yang Luo
39ab71c5db Add product pages. 2022-02-27 20:09:19 +08:00
Steve0x2a
2c97f8a8b7
feat: add two authentication flow types (#512) 
* feat: add two authentication flow types

Signed-off-by: Steve0x2a <stevesough@gmail.com>

* fix: delete implicit method

Signed-off-by: Steve0x2a <stevesough@gmail.com>

* fix: use a more appropriate name

Signed-off-by: Steve0x2a <stevesough@gmail.com>

* fix: apply suggestion

Signed-off-by: Steve0x2a <stevesough@gmail.com>

* fix: remove redundant code

Signed-off-by: Steve0x2a <stevesough@gmail.com>
 2022-02-27 14:05:07 +08:00
Yang Luo
21392dcc14 Support user's first name and last name. 2022-02-27 14:02:52 +08:00
Yang Luo
953d3d5bc5 Change personal to real name. 2022-02-27 13:44:44 +08:00
Steve0x2a
cbc8c58e85
fix: oidc jwks endpoint only return default cert (#506) 
Signed-off-by: Steve0x2a <stevesough@gmail.com>
 2022-02-21 23:17:16 +08:00
Steve0x2a
a33076ada4
feat: add AD-FS support (#505) 
Signed-off-by: Steve0x2a <stevesough@gmail.com>
 2022-02-20 15:01:48 +08:00
Steve0x2a
274096fe9d
fix: empty iss return (#503) 
Signed-off-by: Steve0x2a <stevesough@gmail.com>
 2022-02-18 12:36:11 +08:00
Steve0x2a
661abd6b6e
feat: add steam support (#497) 
* feat: add steam support

Signed-off-by: 0x2a <stevesough@gmail.com>

* fix: wrong name

Signed-off-by: Steve0x2a <stevesough@gmail.com>
 2022-02-16 19:57:46 +08:00
Yixiang Zhao
4122c94205
feat: add pagination for LdapSyncPage and fix the bug Ldap auto-sync cannot disable (#496) 
* feat: add pagination for LdapSyncPage

Signed-off-by: Yixiang Zhao <seriouszyx@foxmail.com>

* fix: Ldap auto sync cannot disable

Signed-off-by: Yixiang Zhao <seriouszyx@foxmail.com>
 2022-02-15 23:03:53 +08:00
Gucheng Wang
db37f53d6c Update license headers. 2022-02-13 23:39:27 +08:00
Gucheng Wang
9024010081 Update demo site URL. 2022-02-13 20:47:34 +08:00
Yang Luo
07abe06332 Use utf8mb4 for DB encoding. 2022-02-11 22:38:56 +08:00
Rafael Firmino
47d1448c02
test: add step in gitHub action from running tests first (#476) 
* Add step for running tests in github actions

The test xlsx/xlsx_test.go is removed becout the path containing
file not exist.

* Fix error in test

* test: This test was supposed to test getUsers, but it does nothing

This test will be rewrite for using a clean database, today its
necessary create a syncer manualy for this test pass.

* Add syncer tests

* Fix Copyright position

* fix: back with test file
 2022-02-10 17:15:15 +08:00
Yang Luo
612b5f5c2e Improve message in GetOAuthToken(). 2022-02-08 20:52:20 +08:00