llvy.ltd/casdoor
1
0
Fork 0
mirror of https://github.com/casdoor/casdoor.git synced 2025-07-02 11:20:18 +08:00
Code Issues Packages Projects Releases Wiki Activity
2,802 Commits 28 Branches 1,283 Tags
568c0e2c3d28e33ce361cc0d97d1567afbeb936e
Commit Graph

89 Commits

Author SHA1 Message Date
Steve0x2a
2c97f8a8b7 feat: add two authentication flow types (#512) 
* feat: add two authentication flow types

Signed-off-by: Steve0x2a <stevesough@gmail.com>

* fix: delete implicit method

Signed-off-by: Steve0x2a <stevesough@gmail.com>

* fix: use a more appropriate name

Signed-off-by: Steve0x2a <stevesough@gmail.com>

* fix: apply suggestion

Signed-off-by: Steve0x2a <stevesough@gmail.com>

* fix: remove redundant code

Signed-off-by: Steve0x2a <stevesough@gmail.com>
 2022-02-27 14:05:07 +08:00
Steve0x2a
274096fe9d fix: empty iss return (#503) 
Signed-off-by: Steve0x2a <stevesough@gmail.com>
 2022-02-18 12:36:11 +08:00
Gucheng Wang
db37f53d6c Update license headers. 2022-02-13 23:39:27 +08:00
Yang Luo
612b5f5c2e Improve message in GetOAuthToken(). 2022-02-08 20:52:20 +08:00
Steve0x2a
3c2f7b7fc8 feat: add protection against attacks (#460) 
Signed-off-by: 0x2a <stevesough@gmail.com>
 2022-01-29 00:32:57 +08:00
Gucheng Wang
479daf4fa4 Improve code format. 2022-01-28 17:45:41 +08:00
Steve0x2a
d129202b95 fix: no database check when using accessToken (#461) 
Signed-off-by: 0x2a <stevesough@gmail.com>
 2022-01-28 15:07:42 +08:00
Yixiang Zhao
5ec0c7a890 fix: fix the SQL injection vulnerability in field filter (#442) 
Signed-off-by: Yixiang Zhao <seriouszyx@foxmail.com>
 2022-01-26 19:36:36 +08:00
Steve0x2a
051752340d feat: add userinfo endpoint (#447) 
* feat: add userinfo endpoint

Signed-off-by: 0x2a <stevesough@gmail.com>

* feat: add scope support

Signed-off-by: 0x2a <stevesough@gmail.com>

* fix: modify the endpoint of discovery

Signed-off-by: 0x2a <stevesough@gmail.com>
 2022-01-26 11:56:01 +08:00
Steve0x2a
630b84f534 feat: add PKCE support (#434) 
* feat: add PKCE support

Signed-off-by: Steve0x2a <stevesough@gmail.com>

* fix: error output when challenge is empty

Signed-off-by: Steve0x2a <stevesough@gmail.com>
 2022-01-21 09:29:19 +08:00
Gucheng Wang
c22ab44894 Update import path. 2022-01-20 14:11:46 +08:00
Steve0x2a
ffc0a0e0d5 fix: refresh_token endpoint does not work (#410) 
Signed-off-by: 0x2a <stevesough@gmail.com>
 2022-01-01 15:20:49 +08:00
Yang Luo
5e8897e41b Make cert work. 2021-12-31 10:02:06 +08:00
Steve0x2a
4f124ff140 fix: refresh token does not return (#401) 
Signed-off-by: 0x2a <stevesough@gmail.com>
 2021-12-28 19:44:17 +08:00
Yixiang Zhao
10a85f2386 feat: add server-side search, filter and sorter for all pages (#388) 
Signed-off-by: Yixiang Zhao <seriouszyx@foxmail.com>

Co-authored-by: Yang Luo <hsluoyz@qq.com>
 2021-12-25 10:55:10 +08:00
Yixiang Zhao
755d912f61 feat: add refresh token mechanism for server side (#336) 
* feat: add refresh token mechanism for server side

Signed-off-by: Yixiang Zhao <seriouszyx@foxmail.com>

* feat: add refresh token expire configuration UI

Signed-off-by: Yixiang Zhao <seriouszyx@foxmail.com>
 2021-12-18 18:49:38 +08:00
Steve0x2a
98f6cc0085 feat: add OIDC feature support. (#373) 
1. add nonce parameter.
2. add sub in userinfo endpoint.

Signed-off-by: 0x2a <stevesough@gmail.com>
 2021-12-15 21:42:16 +08:00
Gucheng Wang
f4265d015a Improve user error handling. 2021-12-12 19:59:55 +08:00
Gucheng Wang
c8b8488797 Improve Redirect URI error message. 2021-12-04 00:40:21 +08:00
Товарищ программист
e888ff8475 fix: add id_token and support auth header (#338) 2021-11-28 18:54:58 +08:00
Yixiang Zhao
b1db47bad1 feat: add server-side pagination (#312) 
Signed-off-by: “seriouszyx” <seriouszyx@foxmail.com>
 2021-11-06 11:32:22 +08:00
Yang Luo
15786070bb Mask application for /api/get-app-login 2021-09-28 23:41:27 +08:00
sh1luo
a4edf47dc4 fix: improvde code logic (#285) 
Signed-off-by: sh1luo <690898835@qq.com>
 2021-09-04 22:20:47 +08:00
sh1luo
c632c3c307 fix: replace casdoor with casbin (#194) 
Signed-off-by: sh1luo <690898835@qq.com>
 2021-07-25 09:34:25 +08:00
Yang Luo
64f85fdc6c Fix get null object bug. 2021-06-21 01:09:02 +08:00
Kininaru
56be5f9a51 feat: authorize via clientId and clientSecret 
Signed-off-by: Kininaru <shiftregister233@outlook.com>
 2021-06-06 17:27:03 +08:00
Yang Luo
58c7a60220 Show error in AccessToken. 2021-06-01 22:03:04 +08:00
Yang Luo
fffada894c Add organization and user to token. 2021-05-04 22:36:05 +08:00
Yang Luo
79f1c62ff7 Move adapter.createTable() out, make engine public. 2021-05-02 10:34:31 +08:00
Yang Luo
0127f8fb63 Improve response message. 2021-03-28 10:36:47 +08:00
Yang Luo
d6715c7601 Improve API error handling. 2021-03-28 00:48:34 +08:00
Yang Luo
63a4066a8d Return code for /api/login 2021-03-20 13:05:34 +08:00
Yang Luo
9980ef1975 Add /api/get-app-login 2021-03-20 10:51:00 +08:00
Yang Luo
4e22e0523d Rename redirectUrl to redirectUri. 2021-03-15 00:01:21 +08:00
Yang Luo
df948e9e34 Fix JWT token bugs. 2021-03-14 23:08:08 +08:00
Yang Luo
f014554415 Generate real access token. 2021-03-14 22:48:09 +08:00
Yang Luo
1fd6ee388c Add /api/oauth/code API. 2021-03-14 18:18:03 +08:00
Yang Luo
202a94a8e5 Add /api/oauth/token API. 2021-03-14 00:18:11 +08:00
Yang Luo
85523fa9d4 Add token pages. 2021-03-14 00:00:29 +08:00