llvy.ltd/casdoor
1
0
Fork 0
mirror of https://github.com/casdoor/casdoor.git synced 2025-05-24 08:20:31 +08:00
Code Issues Packages Projects Releases Wiki Activity
806 Commits 27 Branches 1,253 Tags
Commit Graph

364 Commits

Author SHA1 Message Date
Yang Luo
ca87dd7dea Add returnUrl to product. 2022-03-13 16:25:54 +08:00
Yang Luo
32af4a766e Add GetUserPayments() API. 2022-03-13 14:56:21 +08:00
Yang Luo
4d035bf66d Add tags to organization. 2022-03-13 00:35:49 +08:00
Yixiang Zhao
d43d7d1ae9
feat: support master password for ldap user (#561) 
Signed-off-by: Yixiang Zhao <seriouszyx@foxmail.com>
 2022-03-12 21:06:38 +08:00
Yang Luo
c906f1e5d2 Add user and state to payment pages. 2022-03-12 20:03:58 +08:00
Gucheng Wang
380cdc5f7e fix: The top-right logout button sometimes disappears for small screen size (#544) 2022-03-08 21:14:04 +08:00
Yixiang Zhao
8a9cc2eb8f
fix: change client_secret in refresh_token API as optional (#540) 
Signed-off-by: Yixiang Zhao <seriouszyx@foxmail.com>
 2022-03-07 13:52:51 +08:00
Yang Luo
a4fc04474e Add NotifyPayment API. 2022-03-07 00:33:45 +08:00
Yang Luo
bf5d4eea48 Add alipay provider. 2022-03-06 22:46:02 +08:00
Steve0x2a
1d0af9cf7b
fix: client_credentials' token miss some claims (#536) 
Signed-off-by: Steve0x2a <stevesough@gmail.com>
 2022-03-04 22:57:31 +08:00
Nekotoxin
4d48517be9
fix: fix the No.0 bug(for all sign up methods) (#535) 2022-03-04 13:06:21 +08:00
Leon
178cf7945d
feat: improve token introspection endpoint (#534) 
* feat: add introspection endpoint to oidc discovery endpoint

* fix: let introspect endpoint handle formData as spec define.

Signed-off-by: Leon <leondevlifelog@gmail.com>
 2022-03-04 08:54:33 +08:00
Leon
ab5af979c8
feat: add Oauth 2.0 Token Introspection(rfc7662) endpoint support (#532) 
Signed-off-by: Leon <leondevlifelog@gmail.com>
 2022-03-03 17:48:47 +08:00
Yixiang Zhao
83a6b757a4
fix: password leakage vulnerability caused by pagination (#527) 
* fix: password leakage vulnerability caused by pagination

Signed-off-by: Yixiang Zhao <seriouszyx@foxmail.com>

* fix: unsafe get-app-login response fields

Signed-off-by: Yixiang Zhao <seriouszyx@foxmail.com>
 2022-03-02 20:58:16 +08:00
Steve0x2a
2a0dcd746f
feat: add token logout endpoint (#526) 
Signed-off-by: Steve0x2a <stevesough@gmail.com>
 2022-03-02 20:37:31 +08:00
Steve0x2a
22f5ad06ec
fix: Make secret optional when using PKCE (#525) 
Signed-off-by: Steve0x2a <stevesough@gmail.com>
 2022-03-02 13:15:14 +08:00
Steve0x2a
697b3e4998
feat: add implicit flow support (#520) 
* feat: add implicit flow support

Signed-off-by: Steve0x2a <stevesough@gmail.com>

* fix: idp support in implicit flow

Signed-off-by: Steve0x2a <stevesough@gmail.com>
 2022-03-01 19:09:59 +08:00
Nekotoxin
759a1421e5
feat: add the 'karma' prop to table User (#518) 
* feature: feat : add the 'karma' prop to table User

* feat: add the 'karma' prop to table User
 2022-02-28 16:25:09 +08:00
Gucheng Wang
c14bf9fdab Fix bug in first name, last name checking 2022-02-28 13:17:05 +08:00
Yang Luo
e19f07c521 Add product detail page. 2022-02-27 23:50:35 +08:00
Yang Luo
39ab71c5db Add product pages. 2022-02-27 20:09:19 +08:00
Steve0x2a
2c97f8a8b7
feat: add two authentication flow types (#512) 
* feat: add two authentication flow types

Signed-off-by: Steve0x2a <stevesough@gmail.com>

* fix: delete implicit method

Signed-off-by: Steve0x2a <stevesough@gmail.com>

* fix: use a more appropriate name

Signed-off-by: Steve0x2a <stevesough@gmail.com>

* fix: apply suggestion

Signed-off-by: Steve0x2a <stevesough@gmail.com>

* fix: remove redundant code

Signed-off-by: Steve0x2a <stevesough@gmail.com>
 2022-02-27 14:05:07 +08:00
Yang Luo
21392dcc14 Support user's first name and last name. 2022-02-27 14:02:52 +08:00
Yang Luo
953d3d5bc5 Change personal to real name. 2022-02-27 13:44:44 +08:00
Steve0x2a
cbc8c58e85
fix: oidc jwks endpoint only return default cert (#506) 
Signed-off-by: Steve0x2a <stevesough@gmail.com>
 2022-02-21 23:17:16 +08:00
Steve0x2a
a33076ada4
feat: add AD-FS support (#505) 
Signed-off-by: Steve0x2a <stevesough@gmail.com>
 2022-02-20 15:01:48 +08:00
Steve0x2a
274096fe9d
fix: empty iss return (#503) 
Signed-off-by: Steve0x2a <stevesough@gmail.com>
 2022-02-18 12:36:11 +08:00
Steve0x2a
661abd6b6e
feat: add steam support (#497) 
* feat: add steam support

Signed-off-by: 0x2a <stevesough@gmail.com>

* fix: wrong name

Signed-off-by: Steve0x2a <stevesough@gmail.com>
 2022-02-16 19:57:46 +08:00
Yixiang Zhao
4122c94205
feat: add pagination for LdapSyncPage and fix the bug Ldap auto-sync cannot disable (#496) 
* feat: add pagination for LdapSyncPage

Signed-off-by: Yixiang Zhao <seriouszyx@foxmail.com>

* fix: Ldap auto sync cannot disable

Signed-off-by: Yixiang Zhao <seriouszyx@foxmail.com>
 2022-02-15 23:03:53 +08:00
Gucheng Wang
db37f53d6c Update license headers. 2022-02-13 23:39:27 +08:00
Gucheng Wang
9024010081 Update demo site URL. 2022-02-13 20:47:34 +08:00
Yang Luo
07abe06332 Use utf8mb4 for DB encoding. 2022-02-11 22:38:56 +08:00
Rafael Firmino
47d1448c02
test: add step in gitHub action from running tests first (#476) 
* Add step for running tests in github actions

The test xlsx/xlsx_test.go is removed becout the path containing
file not exist.

* Fix error in test

* test: This test was supposed to test getUsers, but it does nothing

This test will be rewrite for using a clean database, today its
necessary create a syncer manualy for this test pass.

* Add syncer tests

* Fix Copyright position

* fix: back with test file
 2022-02-10 17:15:15 +08:00
Yang Luo
612b5f5c2e Improve message in GetOAuthToken(). 2022-02-08 20:52:20 +08:00
Steve0x2a
f85f4c0cf8
feat: add infoflow idp support (#472) 
* feat: add infoflow internal backend support

Signed-off-by: Steve0x2a <stevesough@gmail.com>

* feat: add infoflow idp support

Signed-off-by: Steve0x2a <stevesough@gmail.com>

* fix: copyright and comment

Signed-off-by: Steve0x2a <stevesough@gmail.com>
 2022-02-05 21:54:38 +08:00
Yang Luo
940aa2bc2d Add payment pages. 2022-02-05 20:13:15 +08:00
Gucheng Wang
19ed35f964 Add getOriginFromHost(). 2022-01-29 23:43:25 +08:00
Steve0x2a
3c2f7b7fc8
feat: add protection against attacks (#460) 
Signed-off-by: 0x2a <stevesough@gmail.com>
 2022-01-29 00:32:57 +08:00
Gucheng Wang
fbc73de3bb Support WeCom Internal sub type. 2022-01-28 23:57:54 +08:00
Gucheng Wang
479daf4fa4 Improve code format. 2022-01-28 17:45:41 +08:00
Steve0x2a
d129202b95
fix: no database check when using accessToken (#461) 
Signed-off-by: 0x2a <stevesough@gmail.com>
 2022-01-28 15:07:42 +08:00
Yixiang Zhao
5ec0c7a890
fix: fix the SQL injection vulnerability in field filter (#442) 
Signed-off-by: Yixiang Zhao <seriouszyx@foxmail.com>
 2022-01-26 19:36:36 +08:00
Steve0x2a
051752340d
feat: add userinfo endpoint (#447) 
* feat: add userinfo endpoint

Signed-off-by: 0x2a <stevesough@gmail.com>

* feat: add scope support

Signed-off-by: 0x2a <stevesough@gmail.com>

* fix: modify the endpoint of discovery

Signed-off-by: 0x2a <stevesough@gmail.com>
 2022-01-26 11:56:01 +08:00
Steve0x2a
02c06bc93c
feat: add baidu support as idp (#438) 
* feat: add baidu support as idp

Signed-off-by: Steve0x2a <stevesough@gmail.com>

* fix: add license

Signed-off-by: Steve0x2a <stevesough@gmail.com>
 2022-01-22 19:36:44 +08:00
Steve0x2a
630b84f534
feat: add PKCE support (#434) 
* feat: add PKCE support

Signed-off-by: Steve0x2a <stevesough@gmail.com>

* fix: error output when challenge is empty

Signed-off-by: Steve0x2a <stevesough@gmail.com>
 2022-01-21 09:29:19 +08:00
Gucheng Wang
c22ab44894 Update import path. 2022-01-20 14:11:46 +08:00
hanpeng
c3fb48f473
fix: Add a configuration that can set the table prefix. There is no prefix by default (#432) 
* fix: Add a configuration that can set the table prefix. There is no prefix by default

* fix: Add a configuration that can set the table prefix. There is no prefix by default
 2022-01-20 13:50:20 +08:00
hanpeng
a111fd672c
fix: Add the configuration of whether to print SQL. The default value is false (#429) 2022-01-19 16:58:45 +08:00
Gucheng Wang
9fd175eefd Add ErrorText to syncer. 2022-01-17 21:17:42 +08:00
Gucheng Wang
d9bcce9485 Start syncer dynamically. 2022-01-17 20:09:29 +08:00