casdoor

mirror of https://github.com/casdoor/casdoor.git synced 2025-05-24 08:20:31 +08:00

Author	SHA1	Message	Date
Yixiang Zhao	d43d7d1ae9	feat: support master password for ldap user (#561 ) Signed-off-by: Yixiang Zhao <seriouszyx@foxmail.com>	2022-03-12 21:06:38 +08:00
Yang Luo	c906f1e5d2	Add user and state to payment pages.	2022-03-12 20:03:58 +08:00
Gucheng Wang	380cdc5f7e	fix: The top-right logout button sometimes disappears for small screen size (#544 )	2022-03-08 21:14:04 +08:00
Yixiang Zhao	8a9cc2eb8f	fix: change client_secret in refresh_token API as optional (#540 ) Signed-off-by: Yixiang Zhao <seriouszyx@foxmail.com>	2022-03-07 13:52:51 +08:00
Yang Luo	a4fc04474e	Add NotifyPayment API.	2022-03-07 00:33:45 +08:00
Yang Luo	bf5d4eea48	Add alipay provider.	2022-03-06 22:46:02 +08:00
Steve0x2a	1d0af9cf7b	fix: client_credentials' token miss some claims (#536 ) Signed-off-by: Steve0x2a <stevesough@gmail.com>	2022-03-04 22:57:31 +08:00
Nekotoxin	4d48517be9	fix: fix the No.0 bug(for all sign up methods) (#535 )	2022-03-04 13:06:21 +08:00
Leon	178cf7945d	feat: improve token introspection endpoint (#534 ) * feat: add introspection endpoint to oidc discovery endpoint * fix: let introspect endpoint handle formData as spec define. Signed-off-by: Leon <leondevlifelog@gmail.com>	2022-03-04 08:54:33 +08:00
Leon	ab5af979c8	feat: add Oauth 2.0 Token Introspection(rfc7662) endpoint support (#532 ) Signed-off-by: Leon <leondevlifelog@gmail.com>	2022-03-03 17:48:47 +08:00
Yixiang Zhao	83a6b757a4	fix: password leakage vulnerability caused by pagination (#527 ) * fix: password leakage vulnerability caused by pagination Signed-off-by: Yixiang Zhao <seriouszyx@foxmail.com> * fix: unsafe get-app-login response fields Signed-off-by: Yixiang Zhao <seriouszyx@foxmail.com>	2022-03-02 20:58:16 +08:00
Steve0x2a	2a0dcd746f	feat: add token logout endpoint (#526 ) Signed-off-by: Steve0x2a <stevesough@gmail.com>	2022-03-02 20:37:31 +08:00
Steve0x2a	22f5ad06ec	fix: Make secret optional when using PKCE (#525 ) Signed-off-by: Steve0x2a <stevesough@gmail.com>	2022-03-02 13:15:14 +08:00
Steve0x2a	697b3e4998	feat: add implicit flow support (#520 ) * feat: add implicit flow support Signed-off-by: Steve0x2a <stevesough@gmail.com> * fix: idp support in implicit flow Signed-off-by: Steve0x2a <stevesough@gmail.com>	2022-03-01 19:09:59 +08:00
Nekotoxin	759a1421e5	feat: add the 'karma' prop to table User (#518 ) * feature: feat : add the 'karma' prop to table User * feat: add the 'karma' prop to table User	2022-02-28 16:25:09 +08:00
Gucheng Wang	c14bf9fdab	Fix bug in first name, last name checking	2022-02-28 13:17:05 +08:00
Yang Luo	e19f07c521	Add product detail page.	2022-02-27 23:50:35 +08:00
Yang Luo	39ab71c5db	Add product pages.	2022-02-27 20:09:19 +08:00
Steve0x2a	2c97f8a8b7	feat: add two authentication flow types (#512 ) * feat: add two authentication flow types Signed-off-by: Steve0x2a <stevesough@gmail.com> * fix: delete implicit method Signed-off-by: Steve0x2a <stevesough@gmail.com> * fix: use a more appropriate name Signed-off-by: Steve0x2a <stevesough@gmail.com> * fix: apply suggestion Signed-off-by: Steve0x2a <stevesough@gmail.com> * fix: remove redundant code Signed-off-by: Steve0x2a <stevesough@gmail.com>	2022-02-27 14:05:07 +08:00
Yang Luo	21392dcc14	Support user's first name and last name.	2022-02-27 14:02:52 +08:00
Yang Luo	953d3d5bc5	Change personal to real name.	2022-02-27 13:44:44 +08:00
Steve0x2a	cbc8c58e85	fix: oidc jwks endpoint only return default cert (#506 ) Signed-off-by: Steve0x2a <stevesough@gmail.com>	2022-02-21 23:17:16 +08:00
Steve0x2a	a33076ada4	feat: add AD-FS support (#505 ) Signed-off-by: Steve0x2a <stevesough@gmail.com>	2022-02-20 15:01:48 +08:00
Steve0x2a	274096fe9d	fix: empty iss return (#503 ) Signed-off-by: Steve0x2a <stevesough@gmail.com>	2022-02-18 12:36:11 +08:00
Steve0x2a	661abd6b6e	feat: add steam support (#497 ) * feat: add steam support Signed-off-by: 0x2a <stevesough@gmail.com> * fix: wrong name Signed-off-by: Steve0x2a <stevesough@gmail.com>	2022-02-16 19:57:46 +08:00
Yixiang Zhao	4122c94205	feat: add pagination for LdapSyncPage and fix the bug Ldap auto-sync cannot disable (#496 ) * feat: add pagination for LdapSyncPage Signed-off-by: Yixiang Zhao <seriouszyx@foxmail.com> * fix: Ldap auto sync cannot disable Signed-off-by: Yixiang Zhao <seriouszyx@foxmail.com>	2022-02-15 23:03:53 +08:00
Gucheng Wang	db37f53d6c	Update license headers.	2022-02-13 23:39:27 +08:00
Gucheng Wang	9024010081	Update demo site URL.	2022-02-13 20:47:34 +08:00
Yang Luo	07abe06332	Use utf8mb4 for DB encoding.	2022-02-11 22:38:56 +08:00
Rafael Firmino	47d1448c02	test: add step in gitHub action from running tests first (#476 ) * Add step for running tests in github actions The test xlsx/xlsx_test.go is removed becout the path containing file not exist. * Fix error in test * test: This test was supposed to test getUsers, but it does nothing This test will be rewrite for using a clean database, today its necessary create a syncer manualy for this test pass. * Add syncer tests * Fix Copyright position * fix: back with test file	2022-02-10 17:15:15 +08:00
Yang Luo	612b5f5c2e	Improve message in GetOAuthToken().	2022-02-08 20:52:20 +08:00
Steve0x2a	f85f4c0cf8	feat: add infoflow idp support (#472 ) * feat: add infoflow internal backend support Signed-off-by: Steve0x2a <stevesough@gmail.com> * feat: add infoflow idp support Signed-off-by: Steve0x2a <stevesough@gmail.com> * fix: copyright and comment Signed-off-by: Steve0x2a <stevesough@gmail.com>	2022-02-05 21:54:38 +08:00
Yang Luo	940aa2bc2d	Add payment pages.	2022-02-05 20:13:15 +08:00
Gucheng Wang	19ed35f964	Add getOriginFromHost().	2022-01-29 23:43:25 +08:00
Steve0x2a	3c2f7b7fc8	feat: add protection against attacks (#460 ) Signed-off-by: 0x2a <stevesough@gmail.com>	2022-01-29 00:32:57 +08:00
Gucheng Wang	fbc73de3bb	Support WeCom Internal sub type.	2022-01-28 23:57:54 +08:00
Gucheng Wang	479daf4fa4	Improve code format.	2022-01-28 17:45:41 +08:00
Steve0x2a	d129202b95	fix: no database check when using accessToken (#461 ) Signed-off-by: 0x2a <stevesough@gmail.com>	2022-01-28 15:07:42 +08:00
Yixiang Zhao	5ec0c7a890	fix: fix the SQL injection vulnerability in field filter (#442 ) Signed-off-by: Yixiang Zhao <seriouszyx@foxmail.com>	2022-01-26 19:36:36 +08:00
Steve0x2a	051752340d	feat: add userinfo endpoint (#447 ) * feat: add userinfo endpoint Signed-off-by: 0x2a <stevesough@gmail.com> * feat: add scope support Signed-off-by: 0x2a <stevesough@gmail.com> * fix: modify the endpoint of discovery Signed-off-by: 0x2a <stevesough@gmail.com>	2022-01-26 11:56:01 +08:00
Steve0x2a	02c06bc93c	feat: add baidu support as idp (#438 ) * feat: add baidu support as idp Signed-off-by: Steve0x2a <stevesough@gmail.com> * fix: add license Signed-off-by: Steve0x2a <stevesough@gmail.com>	2022-01-22 19:36:44 +08:00
Steve0x2a	630b84f534	feat: add PKCE support (#434 ) * feat: add PKCE support Signed-off-by: Steve0x2a <stevesough@gmail.com> * fix: error output when challenge is empty Signed-off-by: Steve0x2a <stevesough@gmail.com>	2022-01-21 09:29:19 +08:00
Gucheng Wang	c22ab44894	Update import path.	2022-01-20 14:11:46 +08:00
hanpeng	c3fb48f473	fix: Add a configuration that can set the table prefix. There is no prefix by default (#432 ) * fix: Add a configuration that can set the table prefix. There is no prefix by default * fix: Add a configuration that can set the table prefix. There is no prefix by default	2022-01-20 13:50:20 +08:00
hanpeng	a111fd672c	fix: Add the configuration of whether to print SQL. The default value is false (#429 )	2022-01-19 16:58:45 +08:00
Gucheng Wang	9fd175eefd	Add ErrorText to syncer.	2022-01-17 21:17:42 +08:00
Gucheng Wang	d9bcce9485	Start syncer dynamically.	2022-01-17 20:09:29 +08:00
Gucheng Wang	d183b9eca9	Change syncer.SyncInterval to second-level.	2022-01-17 19:27:52 +08:00
Gucheng Wang	f24d9ae251	Don't update password in AddUsers().	2022-01-17 13:26:30 +08:00
Gucheng Wang	dee9bac110	Show signupApplication in user edit page.	2022-01-15 18:29:10 +08:00

1 2 3 4 5 ...

361 Commits