llvy.ltd/casdoor
1
0
Fork 0
mirror of https://github.com/casdoor/casdoor.git synced 2025-05-23 18:54:03 +08:00
Code Issues Packages Projects Releases Wiki Activity
1,254 Commits 27 Branches 1,253 Tags
Commit Graph

61 Commits

Author SHA1 Message Date
Yaodong Yu
b337b908ea
feat: fix the bug that admin cannot upload avatar for other users (#1323) 2022-11-25 09:36:47 +08:00
Mr Forest
d86f3c88c7
feat: support i18n in backend err messages (#1232) 
* feat: support i18n in backend err messages

* use gofumpt to fmt code

* fix review problems

* support auto generate err message

* delete beego/i18n moudle

* fix Github action test problems

* fix review problems

* use gofumpt to format code

* use gofumpt to fmt code
 2022-10-23 15:16:24 +08:00
cofecatt
4c7f6fda37
fix: Add restriction to username when signing up (#1203) 2022-10-10 19:58:02 +08:00
conghuhu
a383af0ebc
feat: fix token info not contains roles and permissions (#1060) 
* fix: fix token info not contains roles and permissions

feat: remove repeated code for obtaining roles and permissions in user controller

* Update user.go

* Update user.go

* Update token.go

Co-authored-by: Yang Luo <hsluoyz@qq.com>
 2022-08-24 01:41:26 +08:00
Ryao
6676cc8ff3
fix: add JTI name to JWT token (#989) 
* feat: add jti to jwt

* fix

* fix
 2022-08-11 14:32:47 +08:00
Mikey
79119760f2
style: golint (#988) 2022-08-09 16:50:49 +08:00
Mikey
802995ed16
refactor: remove WeChat unionId to properties (#985) 2022-08-08 18:43:12 +08:00
q1anx1
2ea58cd639
chore(style): use gofumpt to fmt go code (#967) 2022-08-07 12:26:14 +08:00
aecra
f0431701c9
fix: fix OAuth error response (#835) 
* fix: fix OAuth error response

* fix: provide more detailed error messages for TokenError
 2022-07-01 14:53:34 +08:00
疯魔慕薇
a6a055cc83
Fix: ExpiresIn of token should be seconds. (#676) 
Signed-off-by: 疯魔慕薇 <kfanjian@gmail.com>
 2022-04-18 10:57:51 +08:00
Yi Zhan
b92d03e2bb
feat: add wechat mini program support (#658) 
* feat: add wechat mini program support

Signed-off-by: Steve0x2a <stevesough@gmail.com>

* fix: accept suggestions.

Signed-off-by: Steve0x2a <stevesough@gmail.com>

* fix: error message and code level modification

Signed-off-by: Steve0x2a <stevesough@gmail.com>

* fix: simplify the use process

Signed-off-by: Steve0x2a <stevesough@gmail.com>
 2022-04-15 11:49:56 +08:00
Yi Zhan
9877174780
fix: add independent error message in token endpoint (#662) 
* fix: add independent error message in token endpoint

Signed-off-by: Steve0x2a <stevesough@gmail.com>

* fix: reduced use of variables

Signed-off-by: Steve0x2a <stevesough@gmail.com>

* fix: error messages use the same variable

Signed-off-by: Steve0x2a <stevesough@gmail.com>
 2022-04-14 10:22:56 +08:00
Minh Ha
24459d852e
fix: comparing hashed password with plain text password during password grant (#627) 
* fix: use object.CheckPassword for password grant

* Apply suggestions from code review

fix: remove log per change request
 2022-03-30 00:37:38 +08:00
Yi Zhan
879ca6a488
fix: refresh_token api return old token (#623) 
Signed-off-by: Steve0x2a <stevesough@gmail.com>
 2022-03-27 23:10:05 +08:00
Yi Zhan
cd76e9372e
feat: delete the old token when refreshing token (#617) 
Signed-off-by: Steve0x2a <stevesough@gmail.com>
 2022-03-24 19:58:12 +08:00
Yixiang Zhao
8a9cc2eb8f
fix: change client_secret in refresh_token API as optional (#540) 
Signed-off-by: Yixiang Zhao <seriouszyx@foxmail.com>
 2022-03-07 13:52:51 +08:00
Steve0x2a
1d0af9cf7b
fix: client_credentials' token miss some claims (#536) 
Signed-off-by: Steve0x2a <stevesough@gmail.com>
 2022-03-04 22:57:31 +08:00
Leon
178cf7945d
feat: improve token introspection endpoint (#534) 
* feat: add introspection endpoint to oidc discovery endpoint

* fix: let introspect endpoint handle formData as spec define.

Signed-off-by: Leon <leondevlifelog@gmail.com>
 2022-03-04 08:54:33 +08:00
Leon
ab5af979c8
feat: add Oauth 2.0 Token Introspection(rfc7662) endpoint support (#532) 
Signed-off-by: Leon <leondevlifelog@gmail.com>
 2022-03-03 17:48:47 +08:00
Steve0x2a
2a0dcd746f
feat: add token logout endpoint (#526) 
Signed-off-by: Steve0x2a <stevesough@gmail.com>
 2022-03-02 20:37:31 +08:00
Steve0x2a
22f5ad06ec
fix: Make secret optional when using PKCE (#525) 
Signed-off-by: Steve0x2a <stevesough@gmail.com>
 2022-03-02 13:15:14 +08:00
Steve0x2a
697b3e4998
feat: add implicit flow support (#520) 
* feat: add implicit flow support

Signed-off-by: Steve0x2a <stevesough@gmail.com>

* fix: idp support in implicit flow

Signed-off-by: Steve0x2a <stevesough@gmail.com>
 2022-03-01 19:09:59 +08:00
Steve0x2a
2c97f8a8b7
feat: add two authentication flow types (#512) 
* feat: add two authentication flow types

Signed-off-by: Steve0x2a <stevesough@gmail.com>

* fix: delete implicit method

Signed-off-by: Steve0x2a <stevesough@gmail.com>

* fix: use a more appropriate name

Signed-off-by: Steve0x2a <stevesough@gmail.com>

* fix: apply suggestion

Signed-off-by: Steve0x2a <stevesough@gmail.com>

* fix: remove redundant code

Signed-off-by: Steve0x2a <stevesough@gmail.com>
 2022-02-27 14:05:07 +08:00
Steve0x2a
274096fe9d
fix: empty iss return (#503) 
Signed-off-by: Steve0x2a <stevesough@gmail.com>
 2022-02-18 12:36:11 +08:00
Gucheng Wang
db37f53d6c Update license headers. 2022-02-13 23:39:27 +08:00
Yang Luo
612b5f5c2e Improve message in GetOAuthToken(). 2022-02-08 20:52:20 +08:00
Steve0x2a
3c2f7b7fc8
feat: add protection against attacks (#460) 
Signed-off-by: 0x2a <stevesough@gmail.com>
 2022-01-29 00:32:57 +08:00
Gucheng Wang
479daf4fa4 Improve code format. 2022-01-28 17:45:41 +08:00
Steve0x2a
d129202b95
fix: no database check when using accessToken (#461) 
Signed-off-by: 0x2a <stevesough@gmail.com>
 2022-01-28 15:07:42 +08:00
Yixiang Zhao
5ec0c7a890
fix: fix the SQL injection vulnerability in field filter (#442) 
Signed-off-by: Yixiang Zhao <seriouszyx@foxmail.com>
 2022-01-26 19:36:36 +08:00
Steve0x2a
051752340d
feat: add userinfo endpoint (#447) 
* feat: add userinfo endpoint

Signed-off-by: 0x2a <stevesough@gmail.com>

* feat: add scope support

Signed-off-by: 0x2a <stevesough@gmail.com>

* fix: modify the endpoint of discovery

Signed-off-by: 0x2a <stevesough@gmail.com>
 2022-01-26 11:56:01 +08:00
Steve0x2a
630b84f534
feat: add PKCE support (#434) 
* feat: add PKCE support

Signed-off-by: Steve0x2a <stevesough@gmail.com>

* fix: error output when challenge is empty

Signed-off-by: Steve0x2a <stevesough@gmail.com>
 2022-01-21 09:29:19 +08:00
Gucheng Wang
c22ab44894 Update import path. 2022-01-20 14:11:46 +08:00
Steve0x2a
ffc0a0e0d5
fix: refresh_token endpoint does not work (#410) 
Signed-off-by: 0x2a <stevesough@gmail.com>
 2022-01-01 15:20:49 +08:00
Yang Luo
5e8897e41b Make cert work. 2021-12-31 10:02:06 +08:00
Steve0x2a
4f124ff140
fix: refresh token does not return (#401) 
Signed-off-by: 0x2a <stevesough@gmail.com>
 2021-12-28 19:44:17 +08:00
Yixiang Zhao
10a85f2386
feat: add server-side search, filter and sorter for all pages (#388) 
Signed-off-by: Yixiang Zhao <seriouszyx@foxmail.com>

Co-authored-by: Yang Luo <hsluoyz@qq.com>
 2021-12-25 10:55:10 +08:00
Yixiang Zhao
755d912f61
feat: add refresh token mechanism for server side (#336) 
* feat: add refresh token mechanism for server side

Signed-off-by: Yixiang Zhao <seriouszyx@foxmail.com>

* feat: add refresh token expire configuration UI

Signed-off-by: Yixiang Zhao <seriouszyx@foxmail.com>
 2021-12-18 18:49:38 +08:00
Steve0x2a
98f6cc0085
feat: add OIDC feature support. (#373) 
1. add nonce parameter.
2. add sub in userinfo endpoint.

Signed-off-by: 0x2a <stevesough@gmail.com>
 2021-12-15 21:42:16 +08:00
Gucheng Wang
f4265d015a Improve user error handling. 2021-12-12 19:59:55 +08:00
Gucheng Wang
c8b8488797 Improve Redirect URI error message. 2021-12-04 00:40:21 +08:00
Товарищ программист
e888ff8475 fix: add id_token and support auth header (#338) 2021-11-28 18:54:58 +08:00
Yixiang Zhao
b1db47bad1
feat: add server-side pagination (#312) 
Signed-off-by: “seriouszyx” <seriouszyx@foxmail.com>
 2021-11-06 11:32:22 +08:00
Yang Luo
15786070bb Mask application for /api/get-app-login 2021-09-28 23:41:27 +08:00
sh1luo
a4edf47dc4
fix: improvde code logic (#285) 
Signed-off-by: sh1luo <690898835@qq.com>
 2021-09-04 22:20:47 +08:00
sh1luo
c632c3c307
fix: replace casdoor with casbin (#194) 
Signed-off-by: sh1luo <690898835@qq.com>
 2021-07-25 09:34:25 +08:00
Yang Luo
64f85fdc6c Fix get null object bug. 2021-06-21 01:09:02 +08:00
Kininaru
56be5f9a51 feat: authorize via clientId and clientSecret 
Signed-off-by: Kininaru <shiftregister233@outlook.com>
 2021-06-06 17:27:03 +08:00
Yang Luo
58c7a60220 Show error in AccessToken. 2021-06-01 22:03:04 +08:00
Yang Luo
fffada894c Add organization and user to token. 2021-05-04 22:36:05 +08:00