feat: support "All" in organization's country codes (#3264)

* feat: add PasswordObfuscator to the login API

* fix: change key error message

* fix: remove unnecessary change

* fix: fix one

* fix: fix two

* fix: fix three

* fix: fix five

* fix: disable organization update when key is invalid

* fix: fix six

* fix: use Form.Item to control key

* fix: update obfuscator.js

* Update obfuscator.go

* Update obfuscator.go

* Update auth.go

* fix: remove real-time key monitoring

---------

Co-authored-by: Yang Luo <hsluoyz@qq.com>

README.md

@@ -13,7 +13,7 @@
   <a href="https://github.com/casdoor/casdoor/releases/latest">
     <img alt="GitHub Release" src="https://img.shields.io/github/v/release/casdoor/casdoor.svg">
   </a>
-  <a href="https://hub.docker.com/repository/docker/casbin/casdoor">
+  <a href="https://hub.docker.com/r/casbin/casdoor">
     <img alt="Docker Image Version (latest semver)" src="https://img.shields.io/badge/Docker%20Hub-latest-brightgreen">
   </a>
 </p>

authz/authz.go

@@ -77,6 +77,7 @@ p, *, *, POST, /api/verify-code, *, *
 p, *, *, POST, /api/reset-email-or-phone, *, *
 p, *, *, POST, /api/upload-resource, *, *
 p, *, *, GET, /.well-known/openid-configuration, *, *
+p, *, *, GET, /.well-known/webfinger, *, *
 p, *, *, *, /.well-known/jwks, *, *
 p, *, *, GET, /api/get-saml-login, *, *
 p, *, *, POST, /api/acs, *, *

conf/app.conf

@@ -23,6 +23,7 @@ isDemoMode = false
 batchSize = 100
 enableErrorMask = false
 enableGzip = true
+inactiveTimeoutMinutes =
 ldapServerPort = 389
 radiusServerPort = 1812
 radiusSecret = "secret"

controllers/account.go

@@ -200,6 +200,10 @@ func (c *ApiController) Signup() {
 		Type:              userType,
 		Password:          authForm.Password,
 		DisplayName:       authForm.Name,
+		Gender:            authForm.Gender,
+		Bio:               authForm.Bio,
+		Tag:               authForm.Tag,
+		Education:         authForm.Education,
 		Avatar:            organization.DefaultAvatar,
 		Email:             authForm.Email,
 		Phone:             authForm.Phone,

controllers/auth.go

@@ -463,6 +463,15 @@ func (c *ApiController) Login() {
 			}
 
 			password := authForm.Password
+
+			if application.OrganizationObj != nil {
+				password, err = util.GetUnobfuscatedPassword(application.OrganizationObj.PasswordObfuscatorType, application.OrganizationObj.PasswordObfuscatorKey, authForm.Password)
+				if err != nil {
+					c.ResponseError(err.Error())
+					return
+				}
+			}
+
 			isSigninViaLdap := authForm.SigninMethod == "LDAP"
 			var isPasswordWithLdapEnabled bool
 			if authForm.SigninMethod == "Password" {

controllers/oidc_discovery.go

@@ -14,7 +14,11 @@
 
 package controllers
 
-import "github.com/casdoor/casdoor/object"
+import (
+	"strings"
+
+	"github.com/casdoor/casdoor/object"
+)
 
 // GetOidcDiscovery
 // @Title GetOidcDiscovery
@@ -42,3 +46,31 @@ func (c *RootController) GetJwks() {
 	c.Data["json"] = jwks
 	c.ServeJSON()
 }
+
+// GetWebFinger
+// @Title GetWebFinger
+// @Tag OIDC API
+// @Param resource query string true "resource"
+// @Success 200 {object} object.WebFinger
+// @router /.well-known/webfinger [get]
+func (c *RootController) GetWebFinger() {
+	resource := c.Input().Get("resource")
+	rels := []string{}
+	host := c.Ctx.Request.Host
+
+	for key, value := range c.Input() {
+		if strings.HasPrefix(key, "rel") {
+			rels = append(rels, value...)
+		}
+	}
+
+	webfinger, err := object.GetWebFinger(resource, rels, host)
+	if err != nil {
+		c.ResponseError(err.Error())
+		return
+	}
+
+	c.Data["json"] = webfinger
+	c.Ctx.Output.ContentType("application/jrd+json")
+	c.ServeJSON()
+}

controllers/organization.go

@@ -65,7 +65,7 @@ func (c *ApiController) GetOrganizations() {
 			c.ResponseOk(organizations)
 		} else {
 			limit := util.ParseInt(limit)
-			count, err := object.GetOrganizationCount(owner, field, value)
+			count, err := object.GetOrganizationCount(owner, organizationName, field, value)
 			if err != nil {
 				c.ResponseError(err.Error())
 				return
@@ -138,7 +138,7 @@ func (c *ApiController) AddOrganization() {
 		return
 	}
 
-	count, err := object.GetOrganizationCount("", "", "")
+	count, err := object.GetOrganizationCount("", "", "", "")
 	if err != nil {
 		c.ResponseError(err.Error())
 		return

controllers/user.go

@@ -410,6 +410,12 @@ func (c *ApiController) GetEmailAndPhone() {
 	organization := c.Ctx.Request.Form.Get("organization")
 	username := c.Ctx.Request.Form.Get("username")
 
+	enableErrorMask2 := conf.GetConfigBool("enableErrorMask2")
+	if enableErrorMask2 {
+		c.ResponseError("Error")
+		return
+	}
+
 	user, err := object.GetUserByFields(organization, username)
 	if err != nil {
 		c.ResponseError(err.Error())

controllers/util.go

@@ -45,6 +45,15 @@ func (c *ApiController) ResponseOk(data ...interface{}) {
 
 // ResponseError ...
 func (c *ApiController) ResponseError(error string, data ...interface{}) {
+	enableErrorMask2 := conf.GetConfigBool("enableErrorMask2")
+	if enableErrorMask2 {
+		error = c.T("subscription:Error")
+
+		resp := &Response{Status: "error", Msg: error}
+		c.ResponseJsonData(resp, data...)
+		return
+	}
+
 	enableErrorMask := conf.GetConfigBool("enableErrorMask")
 	if enableErrorMask {
 		if strings.HasPrefix(error, "The user: ") && strings.HasSuffix(error, " doesn't exist") || strings.HasPrefix(error, "用户: ") && strings.HasSuffix(error, "不存在") {

form/auth.go

@@ -26,6 +26,10 @@ type AuthForm struct {
 	Name           string `json:"name"`
 	FirstName      string `json:"firstName"`
 	LastName       string `json:"lastName"`
+	Gender         string `json:"gender"`
+	Bio            string `json:"bio"`
+	Tag            string `json:"tag"`
+	Education      string `json:"education"`
 	Email          string `json:"email"`
 	Phone          string `json:"phone"`
 	Affiliation    string `json:"affiliation"`

idp/alipay.go

@@ -200,7 +200,7 @@ func (idp *AlipayIdProvider) postWithBody(body interface{}, targetUrl string) ([
 
 	formData.Set("sign", sign)
 
-	resp, err := idp.Client.PostForm(targetUrl, formData)
+	resp, err := idp.Client.Post(targetUrl, "application/x-www-form-urlencoded;charset=utf-8", strings.NewReader(formData.Encode()))
 	if err != nil {
 		return nil, err
 	}

main.go

@@ -56,6 +56,7 @@ func main() {
 	beego.InsertFilter("*", beego.BeforeRouter, routers.StaticFilter)
 	beego.InsertFilter("*", beego.BeforeRouter, routers.AutoSigninFilter)
 	beego.InsertFilter("*", beego.BeforeRouter, routers.CorsFilter)
+	beego.InsertFilter("*", beego.BeforeRouter, routers.TimeoutFilter)
 	beego.InsertFilter("*", beego.BeforeRouter, routers.ApiFilter)
 	beego.InsertFilter("*", beego.BeforeRouter, routers.PrometheusFilter)
 	beego.InsertFilter("*", beego.BeforeRouter, routers.RecordMessage)
@@ -71,6 +72,7 @@ func main() {
 		beego.BConfig.WebConfig.Session.SessionProviderConfig = conf.GetConfigString("redisEndpoint")
 	}
 	beego.BConfig.WebConfig.Session.SessionCookieLifeTime = 3600 * 24 * 30
+	beego.BConfig.WebConfig.Session.SessionGCMaxLifetime = 3600 * 24 * 30
 	// beego.BConfig.WebConfig.Session.SessionCookieSameSite = http.SameSiteNoneMode
 
 	err := logs.SetLogger(logs.AdapterFile, conf.GetConfigString("logConfig"))

object/application.go

@@ -31,15 +31,17 @@ type SigninMethod struct {
 }
 
 type SignupItem struct {
-	Name        string `json:"name"`
-	Visible     bool   `json:"visible"`
-	Required    bool   `json:"required"`
-	Prompted    bool   `json:"prompted"`
-	CustomCss   string `json:"customCss"`
-	Label       string `json:"label"`
-	Placeholder string `json:"placeholder"`
-	Regex       string `json:"regex"`
-	Rule        string `json:"rule"`
+	Name        string   `json:"name"`
+	Visible     bool     `json:"visible"`
+	Required    bool     `json:"required"`
+	Prompted    bool     `json:"prompted"`
+	Type        string   `json:"type"`
+	CustomCss   string   `json:"customCss"`
+	Label       string   `json:"label"`
+	Placeholder string   `json:"placeholder"`
+	Options     []string `json:"options"`
+	Regex       string   `json:"regex"`
+	Rule        string   `json:"rule"`
 }
 
 type SigninItem struct {
@@ -78,13 +80,14 @@ type Application struct {
 	EnableSamlCompress    bool            `json:"enableSamlCompress"`
 	EnableSamlC14n10      bool            `json:"enableSamlC14n10"`
 	EnableSamlPostBinding bool            `json:"enableSamlPostBinding"`
+	UseEmailAsSamlNameId  bool            `json:"useEmailAsSamlNameId"`
 	EnableWebAuthn        bool            `json:"enableWebAuthn"`
 	EnableLinkWithEmail   bool            `json:"enableLinkWithEmail"`
 	OrgChoiceMode         string          `json:"orgChoiceMode"`
 	SamlReplyUrl          string          `xorm:"varchar(100)" json:"samlReplyUrl"`
 	Providers             []*ProviderItem `xorm:"mediumtext" json:"providers"`
 	SigninMethods         []*SigninMethod `xorm:"varchar(2000)" json:"signinMethods"`
-	SignupItems           []*SignupItem   `xorm:"varchar(2000)" json:"signupItems"`
+	SignupItems           []*SignupItem   `xorm:"varchar(3000)" json:"signupItems"`
 	SigninItems           []*SigninItem   `xorm:"mediumtext" json:"signinItems"`
 	GrantTypes            []string        `xorm:"varchar(1000)" json:"grantTypes"`
 	OrganizationObj       *Organization   `xorm:"-" json:"organizationObj"`
@@ -531,7 +534,7 @@ func GetMaskedApplication(application *Application, userId string) *Application
 
 	providerItems := []*ProviderItem{}
 	for _, providerItem := range application.Providers {
-		if providerItem.Provider != nil && (providerItem.Provider.Category == "OAuth" || providerItem.Provider.Category == "Web3" || providerItem.Provider.Category == "Captcha") {
+		if providerItem.Provider != nil && (providerItem.Provider.Category == "OAuth" || providerItem.Provider.Category == "Web3" || providerItem.Provider.Category == "Captcha" || providerItem.Provider.Category == "SAML") {
 			providerItems = append(providerItems, providerItem)
 		}
 	}

object/init_data.go

@@ -182,6 +182,9 @@ func readInitDataFromFile(filePath string) (*InitData, error) {
 		if organization.Tags == nil {
 			organization.Tags = []string{}
 		}
+		if organization.AccountItems == nil {
+			organization.AccountItems = []*AccountItem{}
+		}
 	}
 	for _, application := range data.Applications {
 		if application.Providers == nil {
@@ -275,7 +278,9 @@ func initDefinedOrganization(organization *Organization) {
 		}
 	}
 	organization.CreatedTime = util.GetCurrentTime()
-	organization.AccountItems = getBuiltInAccountItems()
+	if len(organization.AccountItems) == 0 {
+		organization.AccountItems = getBuiltInAccountItems()
+	}
 
 	_, err = AddOrganization(organization)
 	if err != nil {

object/oidc_discovery.go

@@ -44,6 +44,18 @@ type OidcDiscovery struct {
 	EndSessionEndpoint                     string   `json:"end_session_endpoint"`
 }
 
+type WebFinger struct {
+	Subject    string             `json:"subject"`
+	Links      []WebFingerLink    `json:"links"`
+	Aliases    *[]string          `json:"aliases,omitempty"`
+	Properties *map[string]string `json:"properties,omitempty"`
+}
+
+type WebFingerLink struct {
+	Rel  string `json:"rel"`
+	Href string `json:"href"`
+}
+
 func isIpAddress(host string) bool {
 	// Attempt to split the host and port, ignoring the error
 	hostWithoutPort, _, err := net.SplitHostPort(host)
@@ -160,3 +172,43 @@ func GetJsonWebKeySet() (jose.JSONWebKeySet, error) {
 
 	return jwks, nil
 }
+
+func GetWebFinger(resource string, rels []string, host string) (WebFinger, error) {
+	wf := WebFinger{}
+
+	resourceSplit := strings.Split(resource, ":")
+
+	if len(resourceSplit) != 2 {
+		return wf, fmt.Errorf("invalid resource")
+	}
+
+	resourceType := resourceSplit[0]
+	resourceValue := resourceSplit[1]
+
+	oidcDiscovery := GetOidcDiscovery(host)
+
+	switch resourceType {
+	case "acct":
+		user, err := GetUserByEmailOnly(resourceValue)
+		if err != nil {
+			return wf, err
+		}
+
+		if user == nil {
+			return wf, fmt.Errorf("user not found")
+		}
+
+		wf.Subject = resource
+
+		for _, rel := range rels {
+			if rel == "http://openid.net/specs/connect/1.0/issuer" {
+				wf.Links = append(wf.Links, WebFingerLink{
+					Rel:  "http://openid.net/specs/connect/1.0/issuer",
+					Href: oidcDiscovery.Issuer,
+				})
+			}
+		}
+	}
+
+	return wf, nil
+}

object/organization.go

@@ -56,10 +56,12 @@ type Organization struct {
 	WebsiteUrl             string     `xorm:"varchar(100)" json:"websiteUrl"`
 	Logo                   string     `xorm:"varchar(200)" json:"logo"`
 	LogoDark               string     `xorm:"varchar(200)" json:"logoDark"`
-	Favicon                string     `xorm:"varchar(100)" json:"favicon"`
+	Favicon                string     `xorm:"varchar(200)" json:"favicon"`
 	PasswordType           string     `xorm:"varchar(100)" json:"passwordType"`
 	PasswordSalt           string     `xorm:"varchar(100)" json:"passwordSalt"`
 	PasswordOptions        []string   `xorm:"varchar(100)" json:"passwordOptions"`
+	PasswordObfuscatorType string     `xorm:"varchar(100)" json:"passwordObfuscatorType"`
+	PasswordObfuscatorKey  string     `xorm:"varchar(100)" json:"passwordObfuscatorKey"`
 	CountryCodes           []string   `xorm:"varchar(200)"  json:"countryCodes"`
 	DefaultAvatar          string     `xorm:"varchar(200)" json:"defaultAvatar"`
 	DefaultApplication     string     `xorm:"varchar(100)" json:"defaultApplication"`
@@ -79,9 +81,9 @@ type Organization struct {
 	AccountItems []*AccountItem `xorm:"varchar(5000)" json:"accountItems"`
 }
 
-func GetOrganizationCount(owner, field, value string) (int64, error) {
+func GetOrganizationCount(owner, name, field, value string) (int64, error) {
 	session := GetSession(owner, -1, -1, field, value, "", "")
-	return session.Count(&Organization{})
+	return session.Count(&Organization{Name: name})
 }
 
 func GetOrganizations(owner string, name ...string) ([]*Organization, error) {

object/saml_idp.go

@@ -65,7 +65,11 @@ func NewSamlResponse(application *Application, user *User, host string, certific
 	assertion.CreateAttr("IssueInstant", now)
 	assertion.CreateElement("saml:Issuer").SetText(host)
 	subject := assertion.CreateElement("saml:Subject")
-	subject.CreateElement("saml:NameID").SetText(user.Name)
+	nameIDValue := user.Name
+	if application.UseEmailAsSamlNameId {
+		nameIDValue = user.Email
+	}
+	subject.CreateElement("saml:NameID").SetText(nameIDValue)
 	subjectConfirmation := subject.CreateElement("saml:SubjectConfirmation")
 	subjectConfirmation.CreateAttr("Method", "urn:oasis:names:tc:SAML:2.0:cm:bearer")
 	subjectConfirmationData := subjectConfirmation.CreateElement("saml:SubjectConfirmationData")
@@ -184,17 +188,17 @@ type NameIDFormat struct {
 }
 
 type SingleSignOnService struct {
-	XMLName  xml.Name
+	// XMLName  xml.Name
 	Binding  string `xml:"Binding,attr"`
 	Location string `xml:"Location,attr"`
 }
 
 type Attribute struct {
 	// XMLName      xml.Name
+	Xmlns        string   `xml:"xmlns,attr"`
 	Name         string   `xml:"Name,attr"`
 	NameFormat   string   `xml:"NameFormat,attr"`
 	FriendlyName string   `xml:"FriendlyName,attr"`
-	Xmlns        string   `xml:"xmlns,attr"`
 	Values       []string `xml:"AttributeValue"`
 }
 
@@ -386,7 +390,7 @@ func GetSamlResponse(application *Application, user *User, samlRequest string, h
 }
 
 // NewSamlResponse11 return a saml1.1 response(not 2.0)
-func NewSamlResponse11(user *User, requestID string, host string) (*etree.Element, error) {
+func NewSamlResponse11(application *Application, user *User, requestID string, host string) (*etree.Element, error) {
 	samlResponse := &etree.Element{
 		Space: "samlp",
 		Tag:   "Response",
@@ -430,7 +434,11 @@ func NewSamlResponse11(user *User, requestID string, host string) (*etree.Elemen
 	// nameIdentifier inside subject
 	nameIdentifier := subject.CreateElement("saml:NameIdentifier")
 	// nameIdentifier.CreateAttr("Format", "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress")
-	nameIdentifier.SetText(user.Name)
+	if application.UseEmailAsSamlNameId {
+		nameIdentifier.SetText(user.Email)
+	} else {
+		nameIdentifier.SetText(user.Name)
+	}
 
 	// subjectConfirmation inside subject
 	subjectConfirmation := subject.CreateElement("saml:SubjectConfirmation")
@@ -439,7 +447,11 @@ func NewSamlResponse11(user *User, requestID string, host string) (*etree.Elemen
 	attributeStatement := assertion.CreateElement("saml:AttributeStatement")
 	subjectInAttribute := attributeStatement.CreateElement("saml:Subject")
 	nameIdentifierInAttribute := subjectInAttribute.CreateElement("saml:NameIdentifier")
-	nameIdentifierInAttribute.SetText(user.Name)
+	if application.UseEmailAsSamlNameId {
+		nameIdentifierInAttribute.SetText(user.Email)
+	} else {
+		nameIdentifierInAttribute.SetText(user.Name)
+	}
 
 	subjectConfirmationInAttribute := subjectInAttribute.CreateElement("saml:SubjectConfirmation")
 	subjectConfirmationInAttribute.CreateElement("saml:ConfirmationMethod").SetText("urn:oasis:names:tc:SAML:1.0:cm:artifact")

object/token_cas.go

@@ -281,7 +281,7 @@ func GetValidationBySaml(samlRequest string, host string) (string, string, error
 		return "", "", fmt.Errorf("the application for user %s is not found", userId)
 	}
 
-	samlResponse, err := NewSamlResponse11(user, request.RequestID, host)
+	samlResponse, err := NewSamlResponse11(application, user, request.RequestID, host)
 	if err != nil {
 		return "", "", err
 	}

object/user.go

@@ -950,7 +950,17 @@ func DeleteUser(user *User) (bool, error) {
 		return false, err
 	}
 
-	return deleteUser(user)
+	organization, err := GetOrganizationByUser(user)
+	if err != nil {
+		return false, err
+	}
+	if organization != nil && organization.EnableSoftDeletion {
+		user.IsDeleted = true
+		user.DeletedTime = util.GetCurrentTime()
+		return UpdateUser(user.GetId(), user, []string{"is_deleted", "deleted_time"}, false)
+	} else {
+		return deleteUser(user)
+	}
 }
 
 func GetUserInfo(user *User, scope string, aud string, host string) (*Userinfo, error) {

object/user_util.go

@@ -271,113 +271,213 @@ func CheckPermissionForUpdateUser(oldUser, newUser *User, isAdmin bool, lang str
 
 	if oldUser.Owner != newUser.Owner {
 		item := GetAccountItemByName("Organization", organization)
-		itemsChanged = append(itemsChanged, item)
+		if item == nil {
+			newUser.Owner = oldUser.Owner
+		} else {
+			itemsChanged = append(itemsChanged, item)
+		}
 	}
 	if oldUser.Name != newUser.Name {
 		item := GetAccountItemByName("Name", organization)
-		itemsChanged = append(itemsChanged, item)
+		if item == nil {
+			newUser.Name = oldUser.Name
+		} else {
+			itemsChanged = append(itemsChanged, item)
+		}
 	}
 	if oldUser.Id != newUser.Id {
 		item := GetAccountItemByName("ID", organization)
-		itemsChanged = append(itemsChanged, item)
+		if item == nil {
+			newUser.Id = oldUser.Id
+		} else {
+			itemsChanged = append(itemsChanged, item)
+		}
 	}
 	if oldUser.DisplayName != newUser.DisplayName {
 		item := GetAccountItemByName("Display name", organization)
-		itemsChanged = append(itemsChanged, item)
+		if item == nil {
+			newUser.DisplayName = oldUser.DisplayName
+		} else {
+			itemsChanged = append(itemsChanged, item)
+		}
 	}
 	if oldUser.Avatar != newUser.Avatar {
 		item := GetAccountItemByName("Avatar", organization)
-		itemsChanged = append(itemsChanged, item)
+		if item == nil {
+			newUser.Avatar = oldUser.Avatar
+		} else {
+			itemsChanged = append(itemsChanged, item)
+		}
 	}
 	if oldUser.Type != newUser.Type {
 		item := GetAccountItemByName("User type", organization)
-		itemsChanged = append(itemsChanged, item)
+		if item == nil {
+			newUser.Type = oldUser.Type
+		} else {
+			itemsChanged = append(itemsChanged, item)
+		}
 	}
 	// The password is *** when not modified
 	if oldUser.Password != newUser.Password && newUser.Password != "***" {
 		item := GetAccountItemByName("Password", organization)
-		itemsChanged = append(itemsChanged, item)
+		if item == nil {
+			newUser.Password = oldUser.Password
+		} else {
+			itemsChanged = append(itemsChanged, item)
+		}
 	}
 	if oldUser.Email != newUser.Email {
 		item := GetAccountItemByName("Email", organization)
-		itemsChanged = append(itemsChanged, item)
+		if item == nil {
+			newUser.Email = oldUser.Email
+		} else {
+			itemsChanged = append(itemsChanged, item)
+		}
 	}
 	if oldUser.Phone != newUser.Phone {
 		item := GetAccountItemByName("Phone", organization)
-		itemsChanged = append(itemsChanged, item)
+		if item == nil {
+			newUser.Phone = oldUser.Phone
+		} else {
+			itemsChanged = append(itemsChanged, item)
+		}
 	}
 	if oldUser.CountryCode != newUser.CountryCode {
 		item := GetAccountItemByName("Country code", organization)
-		itemsChanged = append(itemsChanged, item)
+		if item == nil {
+			newUser.CountryCode = oldUser.CountryCode
+		} else {
+			itemsChanged = append(itemsChanged, item)
+		}
 	}
 	if oldUser.Region != newUser.Region {
 		item := GetAccountItemByName("Country/Region", organization)
-		itemsChanged = append(itemsChanged, item)
+		if item == nil {
+			newUser.Region = oldUser.Region
+		} else {
+			itemsChanged = append(itemsChanged, item)
+		}
 	}
 	if oldUser.Location != newUser.Location {
 		item := GetAccountItemByName("Location", organization)
-		itemsChanged = append(itemsChanged, item)
+		if item == nil {
+			newUser.Location = oldUser.Location
+		} else {
+			itemsChanged = append(itemsChanged, item)
+		}
 	}
 	if oldUser.Affiliation != newUser.Affiliation {
 		item := GetAccountItemByName("Affiliation", organization)
-		itemsChanged = append(itemsChanged, item)
+		if item == nil {
+			newUser.Affiliation = oldUser.Affiliation
+		} else {
+			itemsChanged = append(itemsChanged, item)
+		}
 	}
 	if oldUser.Title != newUser.Title {
 		item := GetAccountItemByName("Title", organization)
-		itemsChanged = append(itemsChanged, item)
+		if item == nil {
+			newUser.Title = oldUser.Title
+		} else {
+			itemsChanged = append(itemsChanged, item)
+		}
 	}
 	if oldUser.Homepage != newUser.Homepage {
 		item := GetAccountItemByName("Homepage", organization)
-		itemsChanged = append(itemsChanged, item)
+		if item == nil {
+			newUser.Homepage = oldUser.Homepage
+		} else {
+			itemsChanged = append(itemsChanged, item)
+		}
 	}
 	if oldUser.Bio != newUser.Bio {
 		item := GetAccountItemByName("Bio", organization)
-		itemsChanged = append(itemsChanged, item)
+		if item == nil {
+			newUser.Bio = oldUser.Bio
+		} else {
+			itemsChanged = append(itemsChanged, item)
+		}
 	}
 	if oldUser.Tag != newUser.Tag {
 		item := GetAccountItemByName("Tag", organization)
-		itemsChanged = append(itemsChanged, item)
+		if item == nil {
+			newUser.Tag = oldUser.Tag
+		} else {
+			itemsChanged = append(itemsChanged, item)
+		}
 	}
 	if oldUser.SignupApplication != newUser.SignupApplication {
 		item := GetAccountItemByName("Signup application", organization)
-		itemsChanged = append(itemsChanged, item)
+		if item == nil {
+			newUser.SignupApplication = oldUser.SignupApplication
+		} else {
+			itemsChanged = append(itemsChanged, item)
+		}
 	}
 
 	if oldUser.Gender != newUser.Gender {
 		item := GetAccountItemByName("Gender", organization)
-		itemsChanged = append(itemsChanged, item)
+		if item == nil {
+			newUser.Gender = oldUser.Gender
+		} else {
+			itemsChanged = append(itemsChanged, item)
+		}
 	}
 
 	if oldUser.Birthday != newUser.Birthday {
 		item := GetAccountItemByName("Birthday", organization)
-		itemsChanged = append(itemsChanged, item)
+		if item == nil {
+			newUser.Birthday = oldUser.Birthday
+		} else {
+			itemsChanged = append(itemsChanged, item)
+		}
 	}
 
 	if oldUser.Education != newUser.Education {
 		item := GetAccountItemByName("Education", organization)
-		itemsChanged = append(itemsChanged, item)
+		if item == nil {
+			newUser.Education = oldUser.Education
+		} else {
+			itemsChanged = append(itemsChanged, item)
+		}
 	}
 
 	if oldUser.IdCard != newUser.IdCard {
 		item := GetAccountItemByName("ID card", organization)
-		itemsChanged = append(itemsChanged, item)
+		if item == nil {
+			newUser.IdCard = oldUser.IdCard
+		} else {
+			itemsChanged = append(itemsChanged, item)
+		}
 	}
 
 	if oldUser.IdCardType != newUser.IdCardType {
 		item := GetAccountItemByName("ID card type", organization)
-		itemsChanged = append(itemsChanged, item)
+		if item == nil {
+			newUser.IdCardType = oldUser.IdCardType
+		} else {
+			itemsChanged = append(itemsChanged, item)
+		}
 	}
 
 	oldUserPropertiesJson, _ := json.Marshal(oldUser.Properties)
 	newUserPropertiesJson, _ := json.Marshal(newUser.Properties)
 	if string(oldUserPropertiesJson) != string(newUserPropertiesJson) {
 		item := GetAccountItemByName("Properties", organization)
-		itemsChanged = append(itemsChanged, item)
+		if item == nil {
+			newUser.Properties = oldUser.Properties
+		} else {
+			itemsChanged = append(itemsChanged, item)
+		}
 	}
 
 	if oldUser.PreferredMfaType != newUser.PreferredMfaType {
 		item := GetAccountItemByName("Multi-factor authentication", organization)
-		itemsChanged = append(itemsChanged, item)
+		if item == nil {
+			newUser.PreferredMfaType = oldUser.PreferredMfaType
+		} else {
+			itemsChanged = append(itemsChanged, item)
+		}
 	}
 
 	if oldUser.Groups == nil {
@@ -390,7 +490,11 @@ func CheckPermissionForUpdateUser(oldUser, newUser *User, isAdmin bool, lang str
 	newUserGroupsJson, _ := json.Marshal(newUser.Groups)
 	if string(oldUserGroupsJson) != string(newUserGroupsJson) {
 		item := GetAccountItemByName("Groups", organization)
-		itemsChanged = append(itemsChanged, item)
+		if item == nil {
+			newUser.Groups = oldUser.Groups
+		} else {
+			itemsChanged = append(itemsChanged, item)
+		}
 	}
 
 	if oldUser.Address == nil {
@@ -404,65 +508,117 @@ func CheckPermissionForUpdateUser(oldUser, newUser *User, isAdmin bool, lang str
 	newUserAddressJson, _ := json.Marshal(newUser.Address)
 	if string(oldUserAddressJson) != string(newUserAddressJson) {
 		item := GetAccountItemByName("Address", organization)
-		itemsChanged = append(itemsChanged, item)
+		if item == nil {
+			newUser.Address = oldUser.Address
+		} else {
+			itemsChanged = append(itemsChanged, item)
+		}
 	}
 
 	if newUser.FaceIds != nil {
 		item := GetAccountItemByName("Face ID", organization)
-		itemsChanged = append(itemsChanged, item)
+		if item == nil {
+			newUser.FaceIds = oldUser.FaceIds
+		} else {
+			itemsChanged = append(itemsChanged, item)
+		}
 	}
 
 	if oldUser.IsAdmin != newUser.IsAdmin {
 		item := GetAccountItemByName("Is admin", organization)
-		itemsChanged = append(itemsChanged, item)
+		if item == nil {
+			newUser.IsAdmin = oldUser.IsAdmin
+		} else {
+			itemsChanged = append(itemsChanged, item)
+		}
 	}
 
 	if oldUser.IsForbidden != newUser.IsForbidden {
 		item := GetAccountItemByName("Is forbidden", organization)
-		itemsChanged = append(itemsChanged, item)
+		if item == nil {
+			newUser.IsForbidden = oldUser.IsForbidden
+		} else {
+			itemsChanged = append(itemsChanged, item)
+		}
 	}
 	if oldUser.IsDeleted != newUser.IsDeleted {
 		item := GetAccountItemByName("Is deleted", organization)
-		itemsChanged = append(itemsChanged, item)
+		if item == nil {
+			newUser.IsDeleted = oldUser.IsDeleted
+		} else {
+			itemsChanged = append(itemsChanged, item)
+		}
 	}
 	if oldUser.NeedUpdatePassword != newUser.NeedUpdatePassword {
 		item := GetAccountItemByName("Need update password", organization)
-		itemsChanged = append(itemsChanged, item)
+		if item == nil {
+			newUser.NeedUpdatePassword = oldUser.NeedUpdatePassword
+		} else {
+			itemsChanged = append(itemsChanged, item)
+		}
 	}
 
 	if oldUser.Balance != newUser.Balance {
 		item := GetAccountItemByName("Balance", organization)
-		itemsChanged = append(itemsChanged, item)
+		if item == nil {
+			newUser.Balance = oldUser.Balance
+		} else {
+			itemsChanged = append(itemsChanged, item)
+		}
 	}
 
 	if oldUser.Score != newUser.Score {
 		item := GetAccountItemByName("Score", organization)
-		itemsChanged = append(itemsChanged, item)
+		if item == nil {
+			newUser.Score = oldUser.Score
+		} else {
+			itemsChanged = append(itemsChanged, item)
+		}
 	}
 
 	if oldUser.Karma != newUser.Karma {
 		item := GetAccountItemByName("Karma", organization)
-		itemsChanged = append(itemsChanged, item)
+		if item == nil {
+			newUser.Karma = oldUser.Karma
+		} else {
+			itemsChanged = append(itemsChanged, item)
+		}
 	}
 
 	if oldUser.Language != newUser.Language {
 		item := GetAccountItemByName("Language", organization)
-		itemsChanged = append(itemsChanged, item)
+		if item == nil {
+			newUser.Language = oldUser.Language
+		} else {
+			itemsChanged = append(itemsChanged, item)
+		}
 	}
 
 	if oldUser.Ranking != newUser.Ranking {
 		item := GetAccountItemByName("Ranking", organization)
-		itemsChanged = append(itemsChanged, item)
+		if item == nil {
+			newUser.Ranking = oldUser.Ranking
+		} else {
+			itemsChanged = append(itemsChanged, item)
+		}
 	}
 
 	if oldUser.Currency != newUser.Currency {
 		item := GetAccountItemByName("Currency", organization)
-		itemsChanged = append(itemsChanged, item)
+		if item == nil {
+			newUser.Currency = oldUser.Currency
+		} else {
+			itemsChanged = append(itemsChanged, item)
+		}
 	}
 
 	if oldUser.Hash != newUser.Hash {
 		item := GetAccountItemByName("Hash", organization)
-		itemsChanged = append(itemsChanged, item)
+		if item == nil {
+			newUser.Hash = oldUser.Hash
+		} else {
+			itemsChanged = append(itemsChanged, item)
+		}
 	}
 
 	for _, accountItem := range itemsChanged {

object/verification.go

@@ -166,19 +166,76 @@ func AddToVerificationRecord(user *User, provider *Provider, remoteAddr, recordT
 	return nil
 }
 
+func filterRecordIn24Hours(record *VerificationRecord) *VerificationRecord {
+	if record == nil {
+		return nil
+	}
+
+	now := time.Now().Unix()
+	if now-record.Time > 60*60*24 {
+		return nil
+	}
+
+	return record
+}
+
 func getVerificationRecord(dest string) (*VerificationRecord, error) {
-	var record VerificationRecord
+	record := &VerificationRecord{}
 	record.Receiver = dest
 
-	has, err := ormer.Engine.Desc("time").Where("is_used = false").Get(&record)
+	has, err := ormer.Engine.Desc("time").Where("is_used = false").Get(record)
 	if err != nil {
 		return nil, err
 	}
+
+	record = filterRecordIn24Hours(record)
+	if record == nil {
+		has = false
+	}
+
+	if !has {
+		record = &VerificationRecord{}
+		record.Receiver = dest
+
+		has, err = ormer.Engine.Desc("time").Get(record)
+		if err != nil {
+			return nil, err
+		}
+
+		record = filterRecordIn24Hours(record)
+		if record == nil {
+			has = false
+		}
+
+		if !has {
+			return nil, nil
+		}
+
+		return record, nil
+	}
+
+	return record, nil
+}
+
+func getUnusedVerificationRecord(dest string) (*VerificationRecord, error) {
+	record := &VerificationRecord{}
+	record.Receiver = dest
+
+	has, err := ormer.Engine.Desc("time").Where("is_used = false").Get(record)
+	if err != nil {
+		return nil, err
+	}
+
+	record = filterRecordIn24Hours(record)
+	if record == nil {
+		has = false
+	}
+
 	if !has {
 		return nil, nil
 	}
 
-	return &record, nil
+	return record, nil
 }
 
 func CheckVerificationCode(dest string, code string, lang string) (*VerifyResult, error) {
@@ -187,7 +244,9 @@ func CheckVerificationCode(dest string, code string, lang string) (*VerifyResult
 		return nil, err
 	}
 	if record == nil {
-		return &VerifyResult{noRecordError, i18n.Translate(lang, "verification:The verification code has not been sent yet, or has already been used!")}, nil
+		return &VerifyResult{noRecordError, i18n.Translate(lang, "verification:The verification code has not been sent yet!")}, nil
+	} else if record.IsUsed {
+		return &VerifyResult{noRecordError, i18n.Translate(lang, "verification:The verification code has already been used!")}, nil
 	}
 
 	timeoutInMinutes, err := conf.GetConfigInt64("verificationCodeTimeout")
@@ -196,9 +255,6 @@ func CheckVerificationCode(dest string, code string, lang string) (*VerifyResult
 	}
 
 	now := time.Now().Unix()
-	if now-record.Time > timeoutInMinutes*60*10 {
-		return &VerifyResult{noRecordError, i18n.Translate(lang, "verification:The verification code has not been sent yet!")}, nil
-	}
 	if now-record.Time > timeoutInMinutes*60 {
 		return &VerifyResult{timeoutError, fmt.Sprintf(i18n.Translate(lang, "verification:You should verify your code in %d min!"), timeoutInMinutes)}, nil
 	}
@@ -211,7 +267,7 @@ func CheckVerificationCode(dest string, code string, lang string) (*VerifyResult
 }
 
 func DisableVerificationCode(dest string) error {
-	record, err := getVerificationRecord(dest)
+	record, err := getUnusedVerificationRecord(dest)
 	if record == nil || err != nil {
 		return nil
 	}

routers/cors_filter.go

@@ -48,6 +48,10 @@ func CorsFilter(ctx *context.Context) {
 	originHostname := getHostname(origin)
 	host := removePort(ctx.Request.Host)
 
+	if origin == "null" {
+		origin = ""
+	}
+
 	if strings.HasPrefix(origin, "http://localhost") || strings.HasPrefix(origin, "https://localhost") || strings.HasPrefix(origin, "http://127.0.0.1") || strings.HasPrefix(origin, "http://casdoor-app") || strings.Contains(origin, ".chromiumapp.org") {
 		setCorsHeaders(ctx, origin)
 		return

routers/router.go

@@ -290,6 +290,7 @@ func initAPI() {
 
 	beego.Router("/.well-known/openid-configuration", &controllers.RootController{}, "GET:GetOidcDiscovery")
 	beego.Router("/.well-known/jwks", &controllers.RootController{}, "*:GetJwks")
+	beego.Router("/.well-known/webfinger", &controllers.RootController{}, "GET:GetWebFinger")
 
 	beego.Router("/cas/:organization/:application/serviceValidate", &controllers.RootController{}, "GET:CasServiceValidate")
 	beego.Router("/cas/:organization/:application/proxyValidate", &controllers.RootController{}, "GET:CasProxyValidate")

routers/static_filter.go

@@ -43,6 +43,10 @@ func getWebBuildFolder() string {
 		return path
 	}
 
+	if util.FileExist(filepath.Join(frontendBaseDir, "index.html")) {
+		return frontendBaseDir
+	}
+
 	path = filepath.Join(frontendBaseDir, "web/build")
 	return path
 }

routers/timeout_filter.go

@@ -0,0 +1,64 @@
+// Copyright 2024 The Casdoor Authors. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package routers
+
+import (
+	"fmt"
+	"sync"
+	"time"
+
+	"github.com/beego/beego/context"
+	"github.com/casdoor/casdoor/conf"
+)
+
+var (
+	inactiveTimeoutMinutes int64
+	requestTimeMap         sync.Map
+)
+
+func init() {
+	var err error
+	inactiveTimeoutMinutes, err = conf.GetConfigInt64("inactiveTimeoutMinutes")
+	if err != nil {
+		inactiveTimeoutMinutes = 0
+	}
+}
+
+func timeoutLogout(ctx *context.Context, sessionId string) {
+	requestTimeMap.Delete(sessionId)
+	ctx.Input.CruSession.Set("username", "")
+	ctx.Input.CruSession.Set("accessToken", "")
+	ctx.Input.CruSession.Delete("SessionData")
+	responseError(ctx, fmt.Sprintf(T(ctx, "auth:Timeout for inactivity of %d minutes"), inactiveTimeoutMinutes))
+}
+
+func TimeoutFilter(ctx *context.Context) {
+	if inactiveTimeoutMinutes <= 0 {
+		return
+	}
+
+	owner, name := getSubject(ctx)
+	if owner == "anonymous" || name == "anonymous" {
+		return
+	}
+
+	sessionId := ctx.Input.CruSession.SessionID()
+	currentTime := time.Now()
+	preRequestTime, has := requestTimeMap.Load(sessionId)
+	requestTimeMap.Store(sessionId, currentTime)
+	if has && preRequestTime.(time.Time).Add(time.Minute*time.Duration(inactiveTimeoutMinutes)).Before(currentTime) {
+		timeoutLogout(ctx, sessionId)
+	}
+}

util/obfuscator.go

@@ -0,0 +1,76 @@
+// Copyright 2024 The Casdoor Authors. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package util
+
+import (
+	"crypto/aes"
+	"crypto/cipher"
+	"crypto/des"
+	"encoding/hex"
+	"fmt"
+)
+
+func unPaddingPkcs7(s []byte) []byte {
+	length := len(s)
+	if length == 0 {
+		return s
+	}
+	unPadding := int(s[length-1])
+	return s[:(length - unPadding)]
+}
+
+func decryptDesOrAes(passwordCipher string, block cipher.Block) (string, error) {
+	passwordCipherBytes, err := hex.DecodeString(passwordCipher)
+	if err != nil {
+		return "", err
+	}
+
+	if len(passwordCipherBytes) < block.BlockSize() {
+		return "", fmt.Errorf("the password ciphertext should contain a random hexadecimal string of length %d at the beginning", block.BlockSize()*2)
+	}
+
+	iv := passwordCipherBytes[:block.BlockSize()]
+	password := make([]byte, len(passwordCipherBytes)-block.BlockSize())
+
+	mode := cipher.NewCBCDecrypter(block, iv)
+	mode.CryptBlocks(password, passwordCipherBytes[block.BlockSize():])
+
+	return string(unPaddingPkcs7(password)), nil
+}
+
+func GetUnobfuscatedPassword(passwordObfuscatorType string, passwordObfuscatorKey string, passwordCipher string) (string, error) {
+	if passwordObfuscatorType == "Plain" || passwordObfuscatorType == "" {
+		return passwordCipher, nil
+	} else if passwordObfuscatorType == "DES" || passwordObfuscatorType == "AES" {
+		key, err := hex.DecodeString(passwordObfuscatorKey)
+		if err != nil {
+			return "", err
+		}
+
+		var block cipher.Block
+		if passwordObfuscatorType == "DES" {
+			block, err = des.NewCipher(key)
+		} else {
+			block, err = aes.NewCipher(key)
+		}
+		if err != nil {
+			return "", err
+		}
+
+		return decryptDesOrAes(passwordCipher, block)
+	} else {
+		return "", fmt.Errorf("unsupported password obfuscator type: %s", passwordObfuscatorType)
+	}
+}

util/validation.go

@@ -51,6 +51,9 @@ func IsPhoneValid(phone string, countryCode string) bool {
 }
 
 func IsPhoneAllowInRegin(countryCode string, allowRegions []string) bool {
+	if ContainsString(allowRegions, "All") {
+		return true
+	}
 	return ContainsString(allowRegions, countryCode)
 }
 

web/package.json

@@ -5,10 +5,6 @@
   "dependencies": {
     "@ant-design/cssinjs": "^1.10.1",
     "@ant-design/icons": "^4.7.0",
-    "@codemirror/language": "^6.10.2",
-    "@codemirror/lint": "^6.8.1",
-    "@codemirror/state": "^6.4.1",
-    "@codemirror/view": "^6.33.0",
     "@craco/craco": "^6.4.5",
     "@crowdin/cli": "^3.7.10",
     "@ctrl/tinycolor": "^3.5.0",
@@ -27,11 +23,11 @@
     "antd": "5.2.3",
     "antd-token-previewer": "^1.1.0-22",
     "buffer": "^6.0.3",
-    "casbin": "^5.30.0",
-    "codemirror": "5",
+    "codemirror": "^5.61.1",
     "copy-to-clipboard": "^3.3.1",
     "core-js": "^3.25.0",
     "craco-less": "^2.0.0",
+    "crypto-js": "^4.2.0",
     "echarts": "^5.4.3",
     "ethers": "5.6.9",
     "face-api.js": "^0.22.2",

web/src/ApplicationEditPage.js

@@ -703,6 +703,16 @@ class ApplicationEditPage extends React.Component {
             }} />
           </Col>
         </Row>
+        <Row style={{marginTop: "20px"}}>
+          <Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 19 : 2}>
+            {Setting.getLabel(i18next.t("application:Use Email as NameID"), i18next.t("application:Use Email as NameID - Tooltip"))} :
+          </Col>
+          <Col span={1}>
+            <Switch checked={this.state.application.useEmailAsSamlNameId} onChange={checked => {
+              this.updateApplicationField("useEmailAsSamlNameId", checked);
+            }} />
+          </Col>
+        </Row>
         <Row style={{marginTop: "20px"}} >
           <Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 19 : 2}>
             {Setting.getLabel(i18next.t("application:Enable SAML POST binding"), i18next.t("application:Enable SAML POST binding - Tooltip"))} :

web/src/CasbinEditor.js

@@ -0,0 +1,97 @@
+// Copyright 2024 The Casdoor Authors. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+import React, {useCallback, useEffect, useRef, useState} from "react";
+import {Controlled as CodeMirror} from "react-codemirror2";
+import "codemirror/lib/codemirror.css";
+import "codemirror/mode/properties/properties";
+import * as Setting from "./Setting";
+import IframeEditor from "./IframeEditor";
+import {Tabs} from "antd";
+
+const {TabPane} = Tabs;
+
+const CasbinEditor = ({model, onModelTextChange}) => {
+  const [activeKey, setActiveKey] = useState("advanced");
+  const iframeRef = useRef(null);
+  const [localModelText, setLocalModelText] = useState(model.modelText);
+
+  const handleModelTextChange = useCallback((newModelText) => {
+    if (!Setting.builtInObject(model)) {
+      setLocalModelText(newModelText);
+      onModelTextChange(newModelText);
+    }
+  }, [model, onModelTextChange]);
+
+  const syncModelText = useCallback(() => {
+    return new Promise((resolve) => {
+      if (activeKey === "advanced" && iframeRef.current) {
+        const handleSyncMessage = (event) => {
+          if (event.data.type === "modelUpdate") {
+            window.removeEventListener("message", handleSyncMessage);
+            handleModelTextChange(event.data.modelText);
+            resolve();
+          }
+        };
+        window.addEventListener("message", handleSyncMessage);
+        iframeRef.current.getModelText();
+      } else {
+        resolve();
+      }
+    });
+  }, [activeKey, handleModelTextChange]);
+
+  const handleTabChange = (key) => {
+    syncModelText().then(() => {
+      setActiveKey(key);
+      if (key === "advanced" && iframeRef.current) {
+        iframeRef.current.updateModelText(localModelText);
+      }
+    });
+  };
+
+  useEffect(() => {
+    setLocalModelText(model.modelText);
+  }, [model.modelText]);
+
+  return (
+    <div style={{height: "100%", width: "100%", display: "flex", flexDirection: "column"}}>
+      <Tabs activeKey={activeKey} onChange={handleTabChange} style={{flex: "0 0 auto", marginTop: "-10px"}}>
+        <TabPane tab="Basic Editor" key="basic" />
+        <TabPane tab="Advanced Editor" key="advanced" />
+      </Tabs>
+      <div style={{flex: "1 1 auto", overflow: "hidden"}}>
+        {activeKey === "advanced" ? (
+          <IframeEditor
+            ref={iframeRef}
+            initialModelText={localModelText}
+            onModelTextChange={handleModelTextChange}
+            style={{width: "100%", height: "100%"}}
+          />
+        ) : (
+          <CodeMirror
+            value={localModelText}
+            className="full-height-editor no-horizontal-scroll-editor"
+            options={{mode: "properties", theme: "default"}}
+            onBeforeChange={(editor, data, value) => {
+              handleModelTextChange(value);
+            }}
+          />
+        )}
+      </div>
+    </div>
+  );
+};
+
+export default CasbinEditor;

web/src/IframeEditor.js

@@ -0,0 +1,66 @@
+// Copyright 2024 The Casdoor Authors. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+import React, {forwardRef, useEffect, useImperativeHandle, useRef, useState} from "react";
+
+const IframeEditor = forwardRef(({initialModelText, onModelTextChange}, ref) => {
+  const iframeRef = useRef(null);
+  const [iframeReady, setIframeReady] = useState(false);
+
+  useEffect(() => {
+    const handleMessage = (event) => {
+      if (event.origin !== "https://editor.casbin.org") {return;}
+
+      if (event.data.type === "modelUpdate") {
+        onModelTextChange(event.data.modelText);
+      } else if (event.data.type === "iframeReady") {
+        setIframeReady(true);
+        iframeRef.current?.contentWindow.postMessage({
+          type: "initializeModel",
+          modelText: initialModelText,
+        }, "*");
+      }
+    };
+
+    window.addEventListener("message", handleMessage);
+    return () => window.removeEventListener("message", handleMessage);
+  }, [onModelTextChange, initialModelText]);
+
+  useImperativeHandle(ref, () => ({
+    getModelText: () => {
+      iframeRef.current?.contentWindow.postMessage({type: "getModelText"}, "*");
+    },
+    updateModelText: (newModelText) => {
+      if (iframeReady) {
+        iframeRef.current?.contentWindow.postMessage({
+          type: "updateModelText",
+          modelText: newModelText,
+        }, "*");
+      }
+    },
+  }));
+
+  return (
+    <iframe
+      ref={iframeRef}
+      src="https://editor.casbin.org/model-editor"
+      frameBorder="0"
+      width="100%"
+      height="500px"
+      title="Casbin Model Editor"
+    />
+  );
+});
+
+export default IframeEditor;

web/src/ModelEditPage.js

@@ -18,10 +18,7 @@ import * as ModelBackend from "./backend/ModelBackend";
 import * as OrganizationBackend from "./backend/OrganizationBackend";
 import * as Setting from "./Setting";
 import i18next from "i18next";
-import {Controlled as CodeMirror} from "react-codemirror2";
-import {createLinter} from "./utils/modelLinter";
-
-require("codemirror/mode/properties/properties");
+import ModelEditor from "./CasbinEditor";
 
 const {Option} = Select;
 
@@ -146,24 +143,10 @@ class ModelEditPage extends React.Component {
             {Setting.getLabel(i18next.t("model:Model text"), i18next.t("model:Model text - Tooltip"))} :
           </Col>
           <Col span={22}>
-            <div style={{width: "100%"}} >
-              <CodeMirror
-                value={this.state.model.modelText}
-                options={{
-                  mode: "properties",
-                  theme: "default",
-                  lineNumbers: true,
-                  lint: true,
-                }}
-                onBeforeChange={(editor, data, value) => {
-                  if (Setting.builtInObject(this.state.model)) {
-                    return;
-                  }
-                  this.updateModelField("modelText", value);
-                }}
-                editorDidMount={(editor, value, cb) => {
-                  createLinter(editor.constructor);
-                }}
+            <div style={{position: "relative", height: "500px"}} >
+              <ModelEditor
+                model={this.state.model}
+                onModelTextChange={(value) => this.updateModelField("modelText", value)}
               />
             </div>
           </Col>

web/src/OrganizationEditPage.js

@@ -19,6 +19,7 @@ import * as ApplicationBackend from "./backend/ApplicationBackend";
 import * as LdapBackend from "./backend/LdapBackend";
 import * as Setting from "./Setting";
 import * as Conf from "./Conf";
+import * as Obfuscator from "./auth/Obfuscator";
 import i18next from "i18next";
 import {LinkOutlined} from "@ant-design/icons";
 import LdapTable from "./table/LdapTable";
@@ -112,6 +113,22 @@ class OrganizationEditPage extends React.Component {
     });
   }
 
+  updatePasswordObfuscator(key, value) {
+    const organization = this.state.organization;
+    if (organization.passwordObfuscatorType === "") {
+      organization.passwordObfuscatorType = "Plain";
+    }
+    if (key === "type") {
+      organization.passwordObfuscatorType = value;
+      organization.passwordObfuscatorKey = Obfuscator.getRandomKeyForObfuscator(value);
+    } else if (key === "key") {
+      organization.passwordObfuscatorKey = value;
+    }
+    this.setState({
+      organization: organization,
+    });
+  }
+
   renderOrganization() {
     return (
       <Card size="small" title={
@@ -294,6 +311,34 @@ class OrganizationEditPage extends React.Component {
             />
           </Col>
         </Row>
+        <Row style={{marginTop: "20px"}} >
+          <Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 22 : 2}>
+            {Setting.getLabel(i18next.t("general:Password obfuscator"), i18next.t("general:Password obfuscator - Tooltip"))} :
+          </Col>
+          <Col span={22} >
+            <Select virtual={false} style={{width: "100%"}}
+              value={this.state.organization.passwordObfuscatorType}
+              onChange={(value => {this.updatePasswordObfuscator("type", value);})}>
+              {
+                [
+                  {id: "Plain", name: "Plain"},
+                  {id: "AES", name: "AES"},
+                  {id: "DES", name: "DES"},
+                ].map((obfuscatorType, index) => <Option key={index} value={obfuscatorType.id}>{obfuscatorType.name}</Option>)
+              }
+            </Select>
+          </Col>
+        </Row>
+        {
+          (this.state.organization.passwordObfuscatorType === "Plain" || this.state.organization.passwordObfuscatorType === "") ? null : (<Row style={{marginTop: "20px"}} >
+            <Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 22 : 2}>
+              {Setting.getLabel(i18next.t("general:Password obf key"), i18next.t("general:Password obf key - Tooltip"))} :
+            </Col>
+            <Col span={22} >
+              <Input value={this.state.organization.passwordObfuscatorKey} onChange={(e) => {this.updatePasswordObfuscator("key", e.target.value);}} />
+            </Col>
+          </Row>)
+        }
         <Row style={{marginTop: "20px"}} >
           <Col style={{marginTop: "5px"}} span={(Setting.isMobile()) ? 22 : 2}>
             {Setting.getLabel(i18next.t("general:Supported country codes"), i18next.t("general:Supported country codes - Tooltip"))} :
@@ -305,6 +350,7 @@ class OrganizationEditPage extends React.Component {
               }}
               filterOption={(input, option) => (option?.text ?? "").toLowerCase().includes(input.toLowerCase())}
             >
+              {Setting.getCountryCodeOption({name: i18next.t("organization:All"), code: "All", phone: 0})}
               {
                 Setting.getCountryCodeData().map((country) => Setting.getCountryCodeOption(country))
               }
@@ -528,6 +574,12 @@ class OrganizationEditPage extends React.Component {
     const organization = Setting.deepCopy(this.state.organization);
     organization.accountItems = organization.accountItems?.filter(accountItem => accountItem.name !== "Please select an account item");
 
+    const passwordObfuscatorErrorMessage = Obfuscator.checkPasswordObfuscator(organization.passwordObfuscatorType, organization.passwordObfuscatorKey);
+    if (passwordObfuscatorErrorMessage.length > 0) {
+      Setting.showMessage("error", passwordObfuscatorErrorMessage);
+      return;
+    }
+
     OrganizationBackend.updateOrganization(this.state.organization.owner, this.state.organizationName, organization)
       .then((res) => {
         if (res.status === "ok") {

web/src/OrganizationListPage.js

@@ -35,6 +35,8 @@ class OrganizationListPage extends BaseListPage {
       passwordType: "plain",
       PasswordSalt: "",
       passwordOptions: [],
+      passwordObfuscatorType: "Plain",
+      passwordObfuscatorKey: "",
       countryCodes: ["US"],
       defaultAvatar: `${Setting.StaticBaseUrl}/img/casbin.svg`,
       defaultApplication: "",

web/src/Setting.js

@@ -418,6 +418,9 @@ export function getCountryCode(country) {
 }
 
 export function getCountryCodeData(countryCodes = phoneNumber.getCountries()) {
+  if (countryCodes?.includes("All")) {
+    countryCodes = phoneNumber.getCountries();
+  }
   return countryCodes?.map((countryCode) => {
     if (phoneNumber.isSupportedCountry(countryCode)) {
       const name = initCountries().getName(countryCode, getLanguage());
@@ -436,10 +439,10 @@ export function getCountryCodeOption(country) {
     <Option key={country.code} value={country.code} label={`+${country.phone}`} text={`${country.name}, ${country.code}, ${country.phone}`} >
       <div style={{display: "flex", justifyContent: "space-between", marginRight: "10px"}}>
         <div>
-          {getCountryImage(country)}
+          {country.code === "All" ? null : getCountryImage(country)}
           {`${country.name}`}
         </div>
-        {`+${country.phone}`}
+        {country.code === "All" ? null : `+${country.phone}`}
       </div>
     </Option>
   );
@@ -1168,7 +1171,7 @@ export function renderLogo(application) {
 
 function isSigninMethodEnabled(application, signinMethod) {
   if (application && application.signinMethods) {
-    return application.signinMethods.filter(item => item.name === signinMethod).length > 0;
+    return application.signinMethods.filter(item => item.name === signinMethod && item.rule !== "Hide-Password").length > 0;
   } else {
     return false;
   }

web/src/SyncerEditPage.js

@@ -434,10 +434,9 @@ class SyncerEditPage extends React.Component {
             {Setting.getLabel(i18next.t("syncer:Table"), i18next.t("syncer:Table - Tooltip"))} :
           </Col>
           <Col span={22} >
-            <Input value={this.state.syncer.table}
-              disabled={this.state.syncer.type === "Keycloak"} onChange={e => {
-                this.updateSyncerField("table", e.target.value);
-              }} />
+            <Input value={this.state.syncer.table} onChange={e => {
+              this.updateSyncerField("table", e.target.value);
+            }} />
           </Col>
         </Row>
         <Row style={{marginTop: "20px"}} >

web/src/UserEditPage.js

@@ -1050,6 +1050,8 @@ class UserEditPage extends React.Component {
             <MfaAccountTable
               title={i18next.t("user:MFA accounts")}
               table={this.state.user.mfaAccounts}
+              accessToken={this.props.account?.accessToken}
+              icon={this.state.user.avatar}
               onUpdateTable={(table) => {this.updateUserField("mfaAccounts", table);}}
             />
           </Col>

web/src/auth/CasLogout.js

@@ -34,25 +34,42 @@ class CasLogout extends React.Component {
 
   UNSAFE_componentWillMount() {
     const params = new URLSearchParams(this.props.location.search);
+    const logoutInterval = 100;
+
+    const logoutTimeOut = (redirectUri) => {
+      setTimeout(() => {
+        AuthBackend.getAccount().then((accountRes) => {
+          if (accountRes.status === "ok") {
+            AuthBackend.logout().then((logoutRes) => {
+              if (logoutRes.status === "ok") {
+                logoutTimeOut(logoutRes.data2);
+              } else {
+                Setting.showMessage("error", `${i18next.t("login:Failed to log out")}: ${logoutRes.msg}`);
+              }
+            });
+          } else {
+            Setting.showMessage("success", i18next.t("application:Logged out successfully"));
+            this.props.onUpdateAccount(null);
+            if (redirectUri !== null && redirectUri !== undefined && redirectUri !== "") {
+              Setting.goToLink(redirectUri);
+            } else if (params.has("service")) {
+              Setting.goToLink(params.get("service"));
+            } else {
+              Setting.goToLinkSoft(this, `/cas/${this.state.owner}/${this.state.applicationName}/login`);
+            }
+          }
+        });
+      }, logoutInterval);
+    };
 
     AuthBackend.logout()
       .then((res) => {
         if (res.status === "ok") {
-          Setting.showMessage("success", "Logged out successfully");
-          this.props.onUpdateAccount(null);
-          const redirectUri = res.data2;
-          if (redirectUri !== null && redirectUri !== undefined && redirectUri !== "") {
-            Setting.goToLink(redirectUri);
-          } else if (params.has("service")) {
-            Setting.goToLink(params.get("service"));
-          } else {
-            Setting.goToLinkSoft(this, `/cas/${this.state.owner}/${this.state.applicationName}/login`);
-          }
+          logoutTimeOut(res.data2);
         } else {
-          Setting.showMessage("error", `Failed to log out: ${res.msg}`);
+          Setting.showMessage("error", `${i18next.t("login:Failed to log out")}: ${res.msg}`);
         }
       });
-
   }
 
   render() {

web/src/auth/LoginPage.js

@@ -19,6 +19,7 @@ import {withRouter} from "react-router-dom";
 import * as UserWebauthnBackend from "../backend/UserWebauthnBackend";
 import OrganizationSelect from "../common/select/OrganizationSelect";
 import * as Conf from "../Conf";
+import * as Obfuscator from "./Obfuscator";
 import * as AuthBackend from "./AuthBackend";
 import * as OrganizationBackend from "../backend/OrganizationBackend";
 import * as ApplicationBackend from "../backend/ApplicationBackend";
@@ -379,6 +380,14 @@ class LoginPage extends React.Component {
       return;
     }
     if (this.state.loginMethod === "password" || this.state.loginMethod === "ldap") {
+      const organization = this.getApplicationObj()?.organizationObj;
+      const [passwordCipher, errorMessage] = Obfuscator.encryptByPasswordObfuscator(organization?.passwordObfuscatorType, organization?.passwordObfuscatorKey, values["password"]);
+      if (errorMessage.length > 0) {
+        Setting.showMessage("error", errorMessage);
+        return;
+      } else {
+        values["password"] = passwordCipher;
+      }
       if (this.state.enableCaptchaModal === CaptchaRule.Always) {
         this.setState({
           openCaptchaModal: true,
@@ -938,7 +947,7 @@ class LoginPage extends React.Component {
             signinItem.label ? Setting.renderSignupLink(application, signinItem.label) :
               (
                 <React.Fragment>
-                  {i18next.t("login:No account?")}
+                  {i18next.t("login:No account?")}&nbsp;
                   {
                     Setting.renderSignupLink(application, i18next.t("login:sign up now"))
                   }
@@ -1125,6 +1134,9 @@ class LoginPage extends React.Component {
     ]);
 
     application?.signinMethods?.forEach((signinMethod) => {
+      if (signinMethod.rule === "Hide-Password") {
+        return;
+      }
       const item = itemsMap.get(generateItemKey(signinMethod.name, signinMethod.rule));
       if (item) {
         let label = signinMethod.name === signinMethod.displayName ? item.label : signinMethod.displayName;

web/src/auth/Obfuscator.js

@@ -0,0 +1,95 @@
+// Copyright 2024 The Casdoor Authors. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+import CryptoJS from "crypto-js";
+import i18next from "i18next";
+
+export function getRandomKeyForObfuscator(obfuscatorType) {
+  if (obfuscatorType === "DES") {
+    return getRandomHexKey(16);
+  } else if (obfuscatorType === "AES") {
+    return getRandomHexKey(32);
+  } else {
+    return "";
+  }
+}
+
+export const passwordObfuscatorKeyRegexes = {
+  "DES": /^[1-9a-f]{16}$/,
+  "AES": /^[1-9a-f]{32}$/,
+};
+
+function encrypt(cipher, key, iv, password) {
+  const encrypted = cipher.encrypt(
+    CryptoJS.enc.Hex.parse(Buffer.from(password, "utf-8").toString("hex")),
+    CryptoJS.enc.Hex.parse(key),
+    {
+      iv: iv,
+      mode: CryptoJS.mode.CBC,
+      pad: CryptoJS.pad.Pkcs7,
+    }
+  );
+  return iv.concat(encrypted.ciphertext).toString(CryptoJS.enc.Hex);
+}
+
+export function checkPasswordObfuscator(passwordObfuscatorType, passwordObfuscatorKey) {
+  if (passwordObfuscatorType === undefined) {
+    return i18next.t("organization:failed to get password obfuscator");
+  } else if (passwordObfuscatorType === "Plain" || passwordObfuscatorType === "") {
+    return "";
+  } else if (passwordObfuscatorType === "AES" || passwordObfuscatorType === "DES") {
+    if (passwordObfuscatorKeyRegexes[passwordObfuscatorType].test(passwordObfuscatorKey)) {
+      return "";
+    } else {
+      return `${i18next.t("organization:The password obfuscator key doesn't match the regex")}: ${passwordObfuscatorKeyRegexes[passwordObfuscatorType].source}`;
+    }
+  } else {
+    return `${i18next.t("organization:unsupported password obfuscator type")}: ${passwordObfuscatorType}`;
+  }
+}
+
+export function encryptByPasswordObfuscator(passwordObfuscatorType, passwordObfuscatorKey, password) {
+  const passwordObfuscatorErrorMessage = checkPasswordObfuscator(passwordObfuscatorType, passwordObfuscatorKey);
+  if (passwordObfuscatorErrorMessage.length > 0) {
+    return ["", passwordObfuscatorErrorMessage];
+  } else {
+    if (passwordObfuscatorType === "Plain" || passwordObfuscatorType === "") {
+      return [password, ""];
+    } else if (passwordObfuscatorType === "AES") {
+      return [encryptByAes(passwordObfuscatorKey, password), ""];
+    } else if (passwordObfuscatorType === "DES") {
+      return [encryptByDes(passwordObfuscatorKey, password), ""];
+    }
+  }
+}
+
+function encryptByDes(key, password) {
+  const iv = CryptoJS.lib.WordArray.random(8);
+  return encrypt(CryptoJS.DES, key, iv, password);
+}
+
+function encryptByAes(key, password) {
+  const iv = CryptoJS.lib.WordArray.random(16);
+  return encrypt(CryptoJS.AES, key, iv, password);
+}
+
+function getRandomHexKey(length) {
+  const characters = "123456789abcdef";
+  let key = "";
+  for (let i = 0; i < length; i++) {
+    const randomIndex = Math.floor(Math.random() * characters.length);
+    key += characters[randomIndex];
+  }
+  return key;
+}

web/src/auth/SignupPage.js

@@ -13,7 +13,7 @@
 // limitations under the License.
 
 import React from "react";
-import {Button, Form, Input, Radio, Result, Row, message} from "antd";
+import {Button, Form, Input, Radio, Result, Row, Select, message} from "antd";
 import * as Setting from "../Setting";
 import * as AuthBackend from "./AuthBackend";
 import * as ProviderButton from "./ProviderButton";
@@ -50,6 +50,38 @@ const formItemLayout = {
   },
 };
 
+const renderFormItem = (signupItem) => {
+  const commonProps = {
+    name: signupItem.name.toLowerCase(),
+    label: signupItem.label || signupItem.name,
+    rules: [
+      {
+        required: signupItem.required,
+        message: i18next.t(`signup:Please input your ${signupItem.label || signupItem.name}!`),
+      },
+    ],
+  };
+
+  if (!signupItem.type || signupItem.type === "Input") {
+    return (
+      <Form.Item {...commonProps}>
+        <Input placeholder={signupItem.placeholder} />
+      </Form.Item>
+    );
+  } else if (signupItem.type === "Single Choice" || signupItem.type === "Multiple Choices") {
+    return (
+      <Form.Item {...commonProps}>
+        <Select
+          mode={signupItem.type === "Multiple Choices" ? "multiple" : "single"}
+          placeholder={signupItem.placeholder}
+          showSearch={false}
+          options={signupItem.options.map(option => ({label: option, value: option}))}
+        />
+      </Form.Item>
+    );
+  }
+};
+
 export const tailFormItemLayout = {
   wrapperCol: {
     xs: {
@@ -198,6 +230,22 @@ class SignupPage extends React.Component {
   onFinish(values) {
     const application = this.getApplicationObj();
 
+    if (Array.isArray(values.gender)) {
+      values.gender = values.gender.join(", ");
+    }
+
+    if (Array.isArray(values.bio)) {
+      values.bio = values.bio.join(", ");
+    }
+
+    if (Array.isArray(values.tag)) {
+      values.tag = values.tag.join(", ");
+    }
+
+    if (Array.isArray(values.education)) {
+      values.education = values.education.join(", ");
+    }
+
     const params = new URLSearchParams(window.location.search);
     values.plan = params.get("plan");
     values.pricing = params.get("pricing");
@@ -238,6 +286,7 @@ class SignupPage extends React.Component {
   }
 
   renderFormItem(application, signupItem) {
+    const validItems = ["Gender", "Bio", "Tag", "Education"];
     if (!signupItem.visible) {
       return null;
     }
@@ -366,7 +415,9 @@ class SignupPage extends React.Component {
             },
           ]}
         >
-          <RegionSelect className="signup-region-select" onChange={(value) => {this.setState({region: value});}} />
+          <RegionSelect className="signup-region-select" onChange={(value) => {
+            this.setState({region: value});
+          }} />
         </Form.Item>
       );
     } else if (signupItem.name === "Email" || signupItem.name === "Phone" || signupItem.name === "Email or Phone" || signupItem.name === "Phone or Email") {
@@ -669,8 +720,9 @@ class SignupPage extends React.Component {
             </span>
           );
         })
-
       );
+    } else if (validItems.includes(signupItem.name)) {
+      return renderFormItem(signupItem);
     }
   }
 

web/src/index.css

@@ -51,3 +51,19 @@ code {
 .custom-link:hover {
   color: rgb(64 64 64) !important;
 }
+
+.full-height-editor {
+  height: 100%;
+}
+
+.full-height-editor [class*="CodeMirror"] {
+  height: 100%;
+}
+
+.no-horizontal-scroll-editor [class*="CodeMirror-hscrollbar"] {
+  display: none !important;
+}
+
+.no-horizontal-scroll-editor [class*="CodeMirror-scroll"] {
+  overflow-x: hidden !important;
+}

web/src/locales/ar/data.json

@@ -74,6 +74,7 @@
     "Left": "Left",
     "Logged in successfully": "Logged in successfully",
     "Logged out successfully": "Logged out successfully",
+    "Multiple Choices": "Multiple Choices",
     "New Application": "New Application",
     "No verification": "No verification",
     "Normal": "Normal",
@@ -112,6 +113,7 @@
     "Signin session": "Signin session",
     "Signup items": "Signup items",
     "Signup items - Tooltip": "Items for users to fill in when registering new accounts",
+    "Single Choice": "Single Choice",
     "Small icon": "Small icon",
     "Tags - Tooltip": "Only users with the tag that is listed in the application tags can login",
     "The application does not allow to sign up new account": "The application does not allow to sign up new account",
@@ -123,6 +125,8 @@
     "Token format - Tooltip": "The format of access token",
     "Token signing method": "Token signing method",
     "Token signing method - Tooltip": "Signing method of JWT token, needs to be the same algorithm as the certificate",
+    "Use Email as NameID": "Use Email as NameID",
+    "Use Email as NameID - Tooltip": "Use Email as NameID - Tooltip",
     "You are unexpected to see this prompt page": "You are unexpected to see this prompt page"
   },
   "cert": {
@@ -179,6 +183,7 @@
     "Access key - Tooltip": "Access key - Tooltip",
     "Access secret": "Access secret",
     "Access secret - Tooltip": "Access secret - Tooltip",
+    "Access token is empty": "Access token is empty",
     "Action": "Action",
     "Adapter": "Adapter",
     "Adapter - Tooltip": "Table name of the policy store",
@@ -334,6 +339,8 @@
     "Provider - Tooltip": "Payment providers to be configured, including PayPal, Alipay, WeChat Pay, etc.",
     "Providers": "Providers",
     "Providers - Tooltip": "Providers to be configured, including 3rd-party login, object storage, verification code, etc.",
+    "QR Code": "QR Code",
+    "QR code is too large": "QR code is too large",
     "Real name": "Real name",
     "Records": "Records",
     "Request URI": "Request URI",
@@ -478,6 +485,7 @@
     "Face ID": "Face ID",
     "Face Recognition": "Face Recognition",
     "Face recognition failed": "Face recognition failed",
+    "Failed to log out": "Failed to log out",
     "Failed to obtain MetaMask authorization": "Failed to obtain MetaMask authorization",
     "Failed to obtain Web3-Onboard authorization": "Failed to obtain Web3-Onboard authorization",
     "Forgot password?": "Forgot password?",
@@ -831,6 +839,7 @@
     "Project Id": "Project Id",
     "Project Id - Tooltip": "Project Id - Tooltip",
     "Prompted": "Prompted",
+    "Provider - Tooltip": "Provider - Tooltip",
     "Provider URL": "Provider URL",
     "Provider URL - Tooltip": "URL for configuring the service provider, this field is only used for reference and is not used in Casdoor",
     "Public key": "Public key",
@@ -950,6 +959,7 @@
     "Have account?": "Have account?",
     "Label": "Label",
     "Label HTML": "Label HTML",
+    "Options": "Options",
     "Placeholder": "Placeholder",
     "Please accept the agreement!": "Please accept the agreement!",
     "Please click the below button to sign in": "Please click the below button to sign in",

web/src/locales/cs/data.json

@@ -74,6 +74,7 @@
     "Left": "Vlevo",
     "Logged in successfully": "Úspěšně přihlášen",
     "Logged out successfully": "Úspěšně odhlášen",
+    "Multiple Choices": "Multiple Choices",
     "New Application": "Nová aplikace",
     "No verification": "Bez ověření",
     "Normal": "Normální",
@@ -112,6 +113,7 @@
     "Signin session": "Přihlašovací relace",
     "Signup items": "Položky registrace",
     "Signup items - Tooltip": "Položky, které uživatelé vyplňují při registraci nových účtů",
+    "Single Choice": "Single Choice",
     "Small icon": "Malá ikona",
     "Tags - Tooltip": "Pouze uživatelé s tagem uvedeným v tazích aplikace se mohou přihlásit",
     "The application does not allow to sign up new account": "Aplikace neumožňuje registraci nového účtu",
@@ -123,6 +125,8 @@
     "Token format - Tooltip": "Formát přístupového tokenu",
     "Token signing method": "Token signing method",
     "Token signing method - Tooltip": "Signing method of JWT token, needs to be the same algorithm as the certificate",
+    "Use Email as NameID": "Use Email as NameID",
+    "Use Email as NameID - Tooltip": "Use Email as NameID - Tooltip",
     "You are unexpected to see this prompt page": "Nečekali jste, že uvidíte tuto výzvu"
   },
   "cert": {
@@ -179,6 +183,7 @@
     "Access key - Tooltip": "Přístupový klíč - Tooltip",
     "Access secret": "Přístupové tajemství",
     "Access secret - Tooltip": "Přístupové tajemství - Tooltip",
+    "Access token is empty": "Access token is empty",
     "Action": "Akce",
     "Adapter": "Adaptér",
     "Adapter - Tooltip": "Název tabulky úložiště politiky",
@@ -334,6 +339,8 @@
     "Provider - Tooltip": "Poskytovatelé plateb, které mají být nakonfigurovány, včetně PayPal, Alipay, WeChat Pay, atd.",
     "Providers": "Poskytovatelé",
     "Providers - Tooltip": "Poskytovatelé, kteří mají být nakonfigurováni, včetně přihlášení třetích stran, objektového úložiště, ověřovacího kódu, atd.",
+    "QR Code": "QR Code",
+    "QR code is too large": "QR code is too large",
     "Real name": "Skutečné jméno",
     "Records": "Záznamy",
     "Request URI": "Požadavek URI",
@@ -478,6 +485,7 @@
     "Face ID": "Face ID",
     "Face Recognition": "Rozpoznávání obličeje",
     "Face recognition failed": "Rozpoznávání obličeje selhalo",
+    "Failed to log out": "Failed to log out",
     "Failed to obtain MetaMask authorization": "Nepodařilo se získat autorizaci MetaMask",
     "Failed to obtain Web3-Onboard authorization": "Nepodařilo se získat autorizaci Web3-Onboard",
     "Forgot password?": "Zapomněli jste heslo?",
@@ -831,6 +839,7 @@
     "Project Id": "ID projektu",
     "Project Id - Tooltip": "Nápověda k ID projektu",
     "Prompted": "Vyzván",
+    "Provider - Tooltip": "Provider - Tooltip",
     "Provider URL": "URL poskytovatele",
     "Provider URL - Tooltip": "URL pro konfiguraci poskytovatele služby, toto pole je pouze pro referenci a není použito v Casdoor",
     "Public key": "Veřejný klíč",
@@ -950,6 +959,7 @@
     "Have account?": "Máte účet?",
     "Label": "Štítek",
     "Label HTML": "HTML štítek",
+    "Options": "Options",
     "Placeholder": "Zástupný text",
     "Please accept the agreement!": "Prosím přijměte smlouvu!",
     "Please click the below button to sign in": "Prosím klikněte na tlačítko níže pro přihlášení",

web/src/locales/de/data.json

@@ -74,6 +74,7 @@
     "Left": "Links",
     "Logged in successfully": "Erfolgreich eingeloggt",
     "Logged out successfully": "Erfolgreich ausgeloggt",
+    "Multiple Choices": "Multiple Choices",
     "New Application": "Neue Anwendung",
     "No verification": "No verification",
     "Normal": "Normal",
@@ -112,6 +113,7 @@
     "Signin session": "Anmeldesession",
     "Signup items": "Registrierungs Items",
     "Signup items - Tooltip": "Items, die Benutzer ausfüllen müssen, wenn sie neue Konten registrieren",
+    "Single Choice": "Single Choice",
     "Small icon": "Small icon",
     "Tags - Tooltip": "Only users with the tag that is listed in the application tags can login",
     "The application does not allow to sign up new account": "Die Anwendung erlaubt es nicht, ein neues Konto zu registrieren",
@@ -123,6 +125,8 @@
     "Token format - Tooltip": "Das Format des Access-Tokens",
     "Token signing method": "Token signing method",
     "Token signing method - Tooltip": "Signing method of JWT token, needs to be the same algorithm as the certificate",
+    "Use Email as NameID": "Use Email as NameID",
+    "Use Email as NameID - Tooltip": "Use Email as NameID - Tooltip",
     "You are unexpected to see this prompt page": "Sie sind unerwartet auf diese Aufforderungsseite gelangt"
   },
   "cert": {
@@ -179,6 +183,7 @@
     "Access key - Tooltip": "Access key - Tooltip",
     "Access secret": "Access secret",
     "Access secret - Tooltip": "Access secret - Tooltip",
+    "Access token is empty": "Access token is empty",
     "Action": "Aktion",
     "Adapter": "Adapter",
     "Adapter - Tooltip": "Tabellenname des Policy Stores",
@@ -334,6 +339,8 @@
     "Provider - Tooltip": "Zahlungsprovider, die konfiguriert werden müssen, inkl. PayPal, Alipay, WeChat Pay usw.",
     "Providers": "Provider",
     "Providers - Tooltip": "Provider, die konfiguriert werden müssen, einschließlich Drittanbieter-Logins, Objektspeicherung, Verifizierungscode usw.",
+    "QR Code": "QR Code",
+    "QR code is too large": "QR code is too large",
     "Real name": "Echter Name",
     "Records": "Datensätze",
     "Request URI": "Request URI",
@@ -478,6 +485,7 @@
     "Face ID": "Face ID",
     "Face Recognition": "Face Recognition",
     "Face recognition failed": "Face recognition failed",
+    "Failed to log out": "Failed to log out",
     "Failed to obtain MetaMask authorization": "Failed to obtain MetaMask authorization",
     "Failed to obtain Web3-Onboard authorization": "Failed to obtain Web3-Onboard authorization",
     "Forgot password?": "Passwort vergessen?",
@@ -831,6 +839,7 @@
     "Project Id": "Project Id",
     "Project Id - Tooltip": "Project Id - Tooltip",
     "Prompted": "ausgelöst",
+    "Provider - Tooltip": "Provider - Tooltip",
     "Provider URL": "Anbieter-URL",
     "Provider URL - Tooltip": "URL zur Konfiguration des Dienstanbieters, dieses Feld dient nur als Referenz und wird in Casdoor nicht verwendet",
     "Public key": "Public key",
@@ -950,6 +959,7 @@
     "Have account?": "Haben Sie ein Konto?",
     "Label": "Label",
     "Label HTML": "Label HTML",
+    "Options": "Options",
     "Placeholder": "Placeholder",
     "Please accept the agreement!": "Bitte akzeptieren Sie die Vereinbarung!",
     "Please click the below button to sign in": "Bitte klicken Sie auf den untenstehenden Button, um sich anzumelden",

web/src/locales/en/data.json

@@ -74,6 +74,7 @@
     "Left": "Left",
     "Logged in successfully": "Logged in successfully",
     "Logged out successfully": "Logged out successfully",
+    "Multiple Choices": "Multiple Choices",
     "New Application": "New Application",
     "No verification": "No verification",
     "Normal": "Normal",
@@ -112,6 +113,7 @@
     "Signin session": "Signin session",
     "Signup items": "Signup items",
     "Signup items - Tooltip": "Items for users to fill in when registering new accounts",
+    "Single Choice": "Single Choice",
     "Small icon": "Small icon",
     "Tags - Tooltip": "Only users with the tag that is listed in the application tags can login",
     "The application does not allow to sign up new account": "The application does not allow to sign up new account",
@@ -123,6 +125,8 @@
     "Token format - Tooltip": "The format of access token",
     "Token signing method": "Token signing method",
     "Token signing method - Tooltip": "Signing method of JWT token, needs to be the same algorithm as the certificate",
+    "Use Email as NameID": "Use Email as NameID",
+    "Use Email as NameID - Tooltip": "Use Email as NameID - Tooltip",
     "You are unexpected to see this prompt page": "You are unexpected to see this prompt page"
   },
   "cert": {
@@ -179,6 +183,7 @@
     "Access key - Tooltip": "Access key - Tooltip",
     "Access secret": "Access secret",
     "Access secret - Tooltip": "Access secret - Tooltip",
+    "Access token is empty": "Access token is empty",
     "Action": "Action",
     "Adapter": "Adapter",
     "Adapter - Tooltip": "Table name of the policy store",
@@ -334,6 +339,8 @@
     "Provider - Tooltip": "Payment providers to be configured, including PayPal, Alipay, WeChat Pay, etc.",
     "Providers": "Providers",
     "Providers - Tooltip": "Providers to be configured, including 3rd-party login, object storage, verification code, etc.",
+    "QR Code": "QR Code",
+    "QR code is too large": "QR code is too large",
     "Real name": "Real name",
     "Records": "Records",
     "Request URI": "Request URI",
@@ -478,6 +485,7 @@
     "Face ID": "Face ID",
     "Face Recognition": "Face Recognition",
     "Face recognition failed": "Face recognition failed",
+    "Failed to log out": "Failed to log out",
     "Failed to obtain MetaMask authorization": "Failed to obtain MetaMask authorization",
     "Failed to obtain Web3-Onboard authorization": "Failed to obtain Web3-Onboard authorization",
     "Forgot password?": "Forgot password?",
@@ -831,6 +839,7 @@
     "Project Id": "Project Id",
     "Project Id - Tooltip": "Project Id - Tooltip",
     "Prompted": "Prompted",
+    "Provider - Tooltip": "Provider - Tooltip",
     "Provider URL": "Provider URL",
     "Provider URL - Tooltip": "URL for configuring the service provider, this field is only used for reference and is not used in Casdoor",
     "Public key": "Public key",
@@ -950,6 +959,7 @@
     "Have account?": "Have account?",
     "Label": "Label",
     "Label HTML": "Label HTML",
+    "Options": "Options",
     "Placeholder": "Placeholder",
     "Please accept the agreement!": "Please accept the agreement!",
     "Please click the below button to sign in": "Please click the below button to sign in",

web/src/locales/es/data.json

@@ -74,6 +74,7 @@
     "Left": "Izquierda",
     "Logged in successfully": "Acceso satisfactorio",
     "Logged out successfully": "Cerró sesión exitosamente",
+    "Multiple Choices": "Multiple Choices",
     "New Application": "Nueva aplicación",
     "No verification": "No verification",
     "Normal": "Normal",
@@ -112,6 +113,7 @@
     "Signin session": "Sesión de inicio de sesión",
     "Signup items": "Artículos de registro",
     "Signup items - Tooltip": "Elementos para que los usuarios los completen al registrar nuevas cuentas",
+    "Single Choice": "Single Choice",
     "Small icon": "Small icon",
     "Tags - Tooltip": "Only users with the tag that is listed in the application tags can login",
     "The application does not allow to sign up new account": "La aplicación no permite registrarse una cuenta nueva",
@@ -123,6 +125,8 @@
     "Token format - Tooltip": "El formato del token de acceso",
     "Token signing method": "Token signing method",
     "Token signing method - Tooltip": "Signing method of JWT token, needs to be the same algorithm as the certificate",
+    "Use Email as NameID": "Use Email as NameID",
+    "Use Email as NameID - Tooltip": "Use Email as NameID - Tooltip",
     "You are unexpected to see this prompt page": "Es inesperado ver esta página de inicio"
   },
   "cert": {
@@ -179,6 +183,7 @@
     "Access key - Tooltip": "Access key - Tooltip",
     "Access secret": "Access secret",
     "Access secret - Tooltip": "Access secret - Tooltip",
+    "Access token is empty": "Access token is empty",
     "Action": "Acción",
     "Adapter": "Adaptador",
     "Adapter - Tooltip": "Nombre de la tabla de la tienda de políticas",
@@ -334,6 +339,8 @@
     "Provider - Tooltip": "Proveedores de pago a configurar, incluyendo PayPal, Alipay, WeChat Pay, etc.",
     "Providers": "Proveedores",
     "Providers - Tooltip": "Proveedores a configurar, incluyendo inicio de sesión de terceros, almacenamiento de objetos, código de verificación, etc.",
+    "QR Code": "QR Code",
+    "QR code is too large": "QR code is too large",
     "Real name": "Nombre real",
     "Records": "Registros",
     "Request URI": "Request URI",
@@ -478,6 +485,7 @@
     "Face ID": "Face ID",
     "Face Recognition": "Face Recognition",
     "Face recognition failed": "Face recognition failed",
+    "Failed to log out": "Failed to log out",
     "Failed to obtain MetaMask authorization": "Failed to obtain MetaMask authorization",
     "Failed to obtain Web3-Onboard authorization": "Failed to obtain Web3-Onboard authorization",
     "Forgot password?": "¿Olvidaste tu contraseña?",
@@ -831,6 +839,7 @@
     "Project Id": "Project Id",
     "Project Id - Tooltip": "Project Id - Tooltip",
     "Prompted": "Estimulado",
+    "Provider - Tooltip": "Provider - Tooltip",
     "Provider URL": "URL del proveedor",
     "Provider URL - Tooltip": "Dirección URL para configurar el proveedor de servicios, este campo sólo se utiliza como referencia y no se utiliza en Casdoor",
     "Public key": "Public key",
@@ -950,6 +959,7 @@
     "Have account?": "¿Tiene una cuenta?",
     "Label": "Label",
     "Label HTML": "Label HTML",
+    "Options": "Options",
     "Placeholder": "Placeholder",
     "Please accept the agreement!": "¡Por favor, acepta el acuerdo!",
     "Please click the below button to sign in": "Por favor, haga clic en el botón de abajo para iniciar sesión",

web/src/locales/fa/data.json

@@ -74,6 +74,7 @@
     "Left": "Left",
     "Logged in successfully": "Logged in successfully",
     "Logged out successfully": "Logged out successfully",
+    "Multiple Choices": "Multiple Choices",
     "New Application": "New Application",
     "No verification": "No verification",
     "Normal": "Normal",
@@ -112,6 +113,7 @@
     "Signin session": "Signin session",
     "Signup items": "Signup items",
     "Signup items - Tooltip": "Items for users to fill in when registering new accounts",
+    "Single Choice": "Single Choice",
     "Small icon": "Small icon",
     "Tags - Tooltip": "Only users with the tag that is listed in the application tags can login",
     "The application does not allow to sign up new account": "The application does not allow to sign up new account",
@@ -123,6 +125,8 @@
     "Token format - Tooltip": "The format of access token",
     "Token signing method": "Token signing method",
     "Token signing method - Tooltip": "Signing method of JWT token, needs to be the same algorithm as the certificate",
+    "Use Email as NameID": "Use Email as NameID",
+    "Use Email as NameID - Tooltip": "Use Email as NameID - Tooltip",
     "You are unexpected to see this prompt page": "You are unexpected to see this prompt page"
   },
   "cert": {
@@ -179,6 +183,7 @@
     "Access key - Tooltip": "Access key - Tooltip",
     "Access secret": "Access secret",
     "Access secret - Tooltip": "Access secret - Tooltip",
+    "Access token is empty": "Access token is empty",
     "Action": "Action",
     "Adapter": "Adapter",
     "Adapter - Tooltip": "Table name of the policy store",
@@ -334,6 +339,8 @@
     "Provider - Tooltip": "Payment providers to be configured, including PayPal, Alipay, WeChat Pay, etc.",
     "Providers": "Providers",
     "Providers - Tooltip": "Providers to be configured, including 3rd-party login, object storage, verification code, etc.",
+    "QR Code": "QR Code",
+    "QR code is too large": "QR code is too large",
     "Real name": "Real name",
     "Records": "Records",
     "Request URI": "Request URI",
@@ -478,6 +485,7 @@
     "Face ID": "Face ID",
     "Face Recognition": "Face Recognition",
     "Face recognition failed": "Face recognition failed",
+    "Failed to log out": "Failed to log out",
     "Failed to obtain MetaMask authorization": "Failed to obtain MetaMask authorization",
     "Failed to obtain Web3-Onboard authorization": "Failed to obtain Web3-Onboard authorization",
     "Forgot password?": "Forgot password?",
@@ -831,6 +839,7 @@
     "Project Id": "Project Id",
     "Project Id - Tooltip": "Project Id - Tooltip",
     "Prompted": "Prompted",
+    "Provider - Tooltip": "Provider - Tooltip",
     "Provider URL": "Provider URL",
     "Provider URL - Tooltip": "URL for configuring the service provider, this field is only used for reference and is not used in Casdoor",
     "Public key": "Public key",
@@ -950,6 +959,7 @@
     "Have account?": "Have account?",
     "Label": "Label",
     "Label HTML": "Label HTML",
+    "Options": "Options",
     "Placeholder": "Placeholder",
     "Please accept the agreement!": "Please accept the agreement!",
     "Please click the below button to sign in": "Please click the below button to sign in",

web/src/locales/fi/data.json

@@ -74,6 +74,7 @@
     "Left": "Left",
     "Logged in successfully": "Logged in successfully",
     "Logged out successfully": "Logged out successfully",
+    "Multiple Choices": "Multiple Choices",
     "New Application": "New Application",
     "No verification": "No verification",
     "Normal": "Normal",
@@ -112,6 +113,7 @@
     "Signin session": "Signin session",
     "Signup items": "Signup items",
     "Signup items - Tooltip": "Items for users to fill in when registering new accounts",
+    "Single Choice": "Single Choice",
     "Small icon": "Small icon",
     "Tags - Tooltip": "Only users with the tag that is listed in the application tags can login",
     "The application does not allow to sign up new account": "The application does not allow to sign up new account",
@@ -123,6 +125,8 @@
     "Token format - Tooltip": "The format of access token",
     "Token signing method": "Token signing method",
     "Token signing method - Tooltip": "Signing method of JWT token, needs to be the same algorithm as the certificate",
+    "Use Email as NameID": "Use Email as NameID",
+    "Use Email as NameID - Tooltip": "Use Email as NameID - Tooltip",
     "You are unexpected to see this prompt page": "You are unexpected to see this prompt page"
   },
   "cert": {
@@ -179,6 +183,7 @@
     "Access key - Tooltip": "Access key - Tooltip",
     "Access secret": "Access secret",
     "Access secret - Tooltip": "Access secret - Tooltip",
+    "Access token is empty": "Access token is empty",
     "Action": "Action",
     "Adapter": "Adapter",
     "Adapter - Tooltip": "Table name of the policy store",
@@ -334,6 +339,8 @@
     "Provider - Tooltip": "Payment providers to be configured, including PayPal, Alipay, WeChat Pay, etc.",
     "Providers": "Providers",
     "Providers - Tooltip": "Providers to be configured, including 3rd-party login, object storage, verification code, etc.",
+    "QR Code": "QR Code",
+    "QR code is too large": "QR code is too large",
     "Real name": "Real name",
     "Records": "Records",
     "Request URI": "Request URI",
@@ -478,6 +485,7 @@
     "Face ID": "Face ID",
     "Face Recognition": "Face Recognition",
     "Face recognition failed": "Face recognition failed",
+    "Failed to log out": "Failed to log out",
     "Failed to obtain MetaMask authorization": "Failed to obtain MetaMask authorization",
     "Failed to obtain Web3-Onboard authorization": "Failed to obtain Web3-Onboard authorization",
     "Forgot password?": "Forgot password?",
@@ -831,6 +839,7 @@
     "Project Id": "Project Id",
     "Project Id - Tooltip": "Project Id - Tooltip",
     "Prompted": "Prompted",
+    "Provider - Tooltip": "Provider - Tooltip",
     "Provider URL": "Provider URL",
     "Provider URL - Tooltip": "URL for configuring the service provider, this field is only used for reference and is not used in Casdoor",
     "Public key": "Public key",
@@ -950,6 +959,7 @@
     "Have account?": "Have account?",
     "Label": "Label",
     "Label HTML": "Label HTML",
+    "Options": "Options",
     "Placeholder": "Placeholder",
     "Please accept the agreement!": "Please accept the agreement!",
     "Please click the below button to sign in": "Please click the below button to sign in",

web/src/locales/fr/data.json

@@ -74,6 +74,7 @@
     "Left": "Gauche",
     "Logged in successfully": "Connexion réussie",
     "Logged out successfully": "Déconnexion réussie",
+    "Multiple Choices": "Multiple Choices",
     "New Application": "Nouvelle application",
     "No verification": "Aucune vérification",
     "Normal": "Normal",
@@ -112,6 +113,7 @@
     "Signin session": "Session de connexion",
     "Signup items": "Champs d'inscription",
     "Signup items - Tooltip": "Champs à remplir lors de l'enregistrement de nouveaux comptes",
+    "Single Choice": "Single Choice",
     "Small icon": "Small icon",
     "Tags - Tooltip": "Seuls les comptes ayant leur étiquette listée dans les étiquettes de l'application peuvent se connecter",
     "The application does not allow to sign up new account": "L'application ne permet pas de créer un nouveau compte",
@@ -123,6 +125,8 @@
     "Token format - Tooltip": "Le format du jeton d'accès",
     "Token signing method": "Token signing method",
     "Token signing method - Tooltip": "Signing method of JWT token, needs to be the same algorithm as the certificate",
+    "Use Email as NameID": "Use Email as NameID",
+    "Use Email as NameID - Tooltip": "Use Email as NameID - Tooltip",
     "You are unexpected to see this prompt page": "Il n'était pas prévu que vous voyez cette page de saisie"
   },
   "cert": {
@@ -179,6 +183,7 @@
     "Access key - Tooltip": "Clé d'accès - Infobulle",
     "Access secret": "Clé secrète",
     "Access secret - Tooltip": "Clé secrète - Info-bulle",
+    "Access token is empty": "Access token is empty",
     "Action": "Action",
     "Adapter": "Adaptateur",
     "Adapter - Tooltip": "Nom de la table du magasin de règle",
@@ -334,6 +339,8 @@
     "Provider - Tooltip": "Les fournisseurs de paiement à configurer, tels que PayPal, Alipay, WeChat Pay, etc.",
     "Providers": "Fournisseurs",
     "Providers - Tooltip": "Les fournisseurs à configurer, tels que la connexion via un service tiers, le stockage d'objets, le code de vérification, etc.",
+    "QR Code": "QR Code",
+    "QR code is too large": "QR code is too large",
     "Real name": "Nom complet",
     "Records": "Enregistrements",
     "Request URI": "Request URI",
@@ -478,6 +485,7 @@
     "Face ID": "Face ID",
     "Face Recognition": "Face Recognition",
     "Face recognition failed": "Face recognition failed",
+    "Failed to log out": "Failed to log out",
     "Failed to obtain MetaMask authorization": "Échec de l'obtention de l'autorisation MetaMask",
     "Failed to obtain Web3-Onboard authorization": "Échec de l'obtention de l'autorisation MetaMask",
     "Forgot password?": "Mot de passe oublié ?",
@@ -831,6 +839,7 @@
     "Project Id": "ID du projet",
     "Project Id - Tooltip": "ID du projet - Infobulle",
     "Prompted": "Incité",
+    "Provider - Tooltip": "Provider - Tooltip",
     "Provider URL": "URL du fournisseur",
     "Provider URL - Tooltip": "URL pour configurer le fournisseur de services, ce champ est uniquement utilisé à titre de référence et n'est pas utilisé dans Casdoor",
     "Public key": "Clé publique",
@@ -950,6 +959,7 @@
     "Have account?": "Avez-vous un compte ?",
     "Label": "Label",
     "Label HTML": "Label HTML",
+    "Options": "Options",
     "Placeholder": "Placeholder",
     "Please accept the agreement!": "Veuillez accepter l'accord !",
     "Please click the below button to sign in": "Veuillez cliquer sur le bouton ci-dessous pour vous connecter",

web/src/locales/he/data.json

@@ -74,6 +74,7 @@
     "Left": "Left",
     "Logged in successfully": "Logged in successfully",
     "Logged out successfully": "Logged out successfully",
+    "Multiple Choices": "Multiple Choices",
     "New Application": "New Application",
     "No verification": "No verification",
     "Normal": "Normal",
@@ -112,6 +113,7 @@
     "Signin session": "Signin session",
     "Signup items": "Signup items",
     "Signup items - Tooltip": "Items for users to fill in when registering new accounts",
+    "Single Choice": "Single Choice",
     "Small icon": "Small icon",
     "Tags - Tooltip": "Only users with the tag that is listed in the application tags can login",
     "The application does not allow to sign up new account": "The application does not allow to sign up new account",
@@ -123,6 +125,8 @@
     "Token format - Tooltip": "The format of access token",
     "Token signing method": "Token signing method",
     "Token signing method - Tooltip": "Signing method of JWT token, needs to be the same algorithm as the certificate",
+    "Use Email as NameID": "Use Email as NameID",
+    "Use Email as NameID - Tooltip": "Use Email as NameID - Tooltip",
     "You are unexpected to see this prompt page": "You are unexpected to see this prompt page"
   },
   "cert": {
@@ -179,6 +183,7 @@
     "Access key - Tooltip": "Access key - Tooltip",
     "Access secret": "Access secret",
     "Access secret - Tooltip": "Access secret - Tooltip",
+    "Access token is empty": "Access token is empty",
     "Action": "Action",
     "Adapter": "Adapter",
     "Adapter - Tooltip": "Table name of the policy store",
@@ -334,6 +339,8 @@
     "Provider - Tooltip": "Payment providers to be configured, including PayPal, Alipay, WeChat Pay, etc.",
     "Providers": "Providers",
     "Providers - Tooltip": "Providers to be configured, including 3rd-party login, object storage, verification code, etc.",
+    "QR Code": "QR Code",
+    "QR code is too large": "QR code is too large",
     "Real name": "Real name",
     "Records": "Records",
     "Request URI": "Request URI",
@@ -478,6 +485,7 @@
     "Face ID": "Face ID",
     "Face Recognition": "Face Recognition",
     "Face recognition failed": "Face recognition failed",
+    "Failed to log out": "Failed to log out",
     "Failed to obtain MetaMask authorization": "Failed to obtain MetaMask authorization",
     "Failed to obtain Web3-Onboard authorization": "Failed to obtain Web3-Onboard authorization",
     "Forgot password?": "Forgot password?",
@@ -831,6 +839,7 @@
     "Project Id": "Project Id",
     "Project Id - Tooltip": "Project Id - Tooltip",
     "Prompted": "Prompted",
+    "Provider - Tooltip": "Provider - Tooltip",
     "Provider URL": "Provider URL",
     "Provider URL - Tooltip": "URL for configuring the service provider, this field is only used for reference and is not used in Casdoor",
     "Public key": "Public key",
@@ -950,6 +959,7 @@
     "Have account?": "Have account?",
     "Label": "Label",
     "Label HTML": "Label HTML",
+    "Options": "Options",
     "Placeholder": "Placeholder",
     "Please accept the agreement!": "Please accept the agreement!",
     "Please click the below button to sign in": "Please click the below button to sign in",

web/src/locales/id/data.json

@@ -74,6 +74,7 @@
     "Left": "Kiri",
     "Logged in successfully": "Berhasil masuk",
     "Logged out successfully": "Berhasil keluar dari sistem",
+    "Multiple Choices": "Multiple Choices",
     "New Application": "Aplikasi Baru",
     "No verification": "No verification",
     "Normal": "Normal",
@@ -112,6 +113,7 @@
     "Signin session": "Sesi masuk",
     "Signup items": "Item pendaftaran",
     "Signup items - Tooltip": "Item-item yang harus diisi pengguna saat mendaftar untuk akun baru",
+    "Single Choice": "Single Choice",
     "Small icon": "Small icon",
     "Tags - Tooltip": "Only users with the tag that is listed in the application tags can login",
     "The application does not allow to sign up new account": "Aplikasi tidak memperbolehkan untuk mendaftar akun baru",
@@ -123,6 +125,8 @@
     "Token format - Tooltip": "Format dari token akses",
     "Token signing method": "Token signing method",
     "Token signing method - Tooltip": "Signing method of JWT token, needs to be the same algorithm as the certificate",
+    "Use Email as NameID": "Use Email as NameID",
+    "Use Email as NameID - Tooltip": "Use Email as NameID - Tooltip",
     "You are unexpected to see this prompt page": "Anda tidak mengharapkan untuk melihat halaman prompt ini"
   },
   "cert": {
@@ -179,6 +183,7 @@
     "Access key - Tooltip": "Access key - Tooltip",
     "Access secret": "Access secret",
     "Access secret - Tooltip": "Access secret - Tooltip",
+    "Access token is empty": "Access token is empty",
     "Action": "Aksi",
     "Adapter": "Adapter",
     "Adapter - Tooltip": "Nama tabel dari penyimpanan kebijakan",
@@ -334,6 +339,8 @@
     "Provider - Tooltip": "Penyedia pembayaran harus dikonfigurasi, termasuk PayPal, Alipay, WeChat Pay, dan sebagainya.",
     "Providers": "Penyedia-penyedia",
     "Providers - Tooltip": "Penyedia harus dikonfigurasi, termasuk login pihak ketiga, penyimpanan objek, kode verifikasi, dan lain-lain.",
+    "QR Code": "QR Code",
+    "QR code is too large": "QR code is too large",
     "Real name": "Nama asli",
     "Records": "Catatan",
     "Request URI": "Request URI",
@@ -478,6 +485,7 @@
     "Face ID": "Face ID",
     "Face Recognition": "Face Recognition",
     "Face recognition failed": "Face recognition failed",
+    "Failed to log out": "Failed to log out",
     "Failed to obtain MetaMask authorization": "Failed to obtain MetaMask authorization",
     "Failed to obtain Web3-Onboard authorization": "Failed to obtain Web3-Onboard authorization",
     "Forgot password?": "Lupa kata sandi?",
@@ -831,6 +839,7 @@
     "Project Id": "Project Id",
     "Project Id - Tooltip": "Project Id - Tooltip",
     "Prompted": "Mendorong",
+    "Provider - Tooltip": "Provider - Tooltip",
     "Provider URL": "URL penyedia",
     "Provider URL - Tooltip": "URL untuk melakukan konfigurasi service provider, kolom ini hanya digunakan sebagai referensi dan tidak digunakan dalam Casdoor",
     "Public key": "Public key",
@@ -950,6 +959,7 @@
     "Have account?": "Punya akun?",
     "Label": "Label",
     "Label HTML": "Label HTML",
+    "Options": "Options",
     "Placeholder": "Placeholder",
     "Please accept the agreement!": "Tolong terima perjanjian ini!",
     "Please click the below button to sign in": "Silakan klik tombol di bawah ini untuk masuk",

web/src/locales/it/data.json

@@ -74,6 +74,7 @@
     "Left": "Left",
     "Logged in successfully": "Logged in successfully",
     "Logged out successfully": "Logged out successfully",
+    "Multiple Choices": "Multiple Choices",
     "New Application": "New Application",
     "No verification": "No verification",
     "Normal": "Normal",
@@ -112,6 +113,7 @@
     "Signin session": "Signin session",
     "Signup items": "Signup items",
     "Signup items - Tooltip": "Items for users to fill in when registering new accounts",
+    "Single Choice": "Single Choice",
     "Small icon": "Small icon",
     "Tags - Tooltip": "Only users with the tag that is listed in the application tags can login",
     "The application does not allow to sign up new account": "The application does not allow to sign up new account",
@@ -123,6 +125,8 @@
     "Token format - Tooltip": "The format of access token",
     "Token signing method": "Token signing method",
     "Token signing method - Tooltip": "Signing method of JWT token, needs to be the same algorithm as the certificate",
+    "Use Email as NameID": "Use Email as NameID",
+    "Use Email as NameID - Tooltip": "Use Email as NameID - Tooltip",
     "You are unexpected to see this prompt page": "You are unexpected to see this prompt page"
   },
   "cert": {
@@ -179,6 +183,7 @@
     "Access key - Tooltip": "Access key - Tooltip",
     "Access secret": "Access secret",
     "Access secret - Tooltip": "Access secret - Tooltip",
+    "Access token is empty": "Access token is empty",
     "Action": "Action",
     "Adapter": "Adapter",
     "Adapter - Tooltip": "Table name of the policy store",
@@ -334,6 +339,8 @@
     "Provider - Tooltip": "Payment providers to be configured, including PayPal, Alipay, WeChat Pay, etc.",
     "Providers": "Providers",
     "Providers - Tooltip": "Providers to be configured, including 3rd-party login, object storage, verification code, etc.",
+    "QR Code": "QR Code",
+    "QR code is too large": "QR code is too large",
     "Real name": "Real name",
     "Records": "Records",
     "Request URI": "Request URI",
@@ -478,6 +485,7 @@
     "Face ID": "Face ID",
     "Face Recognition": "Face Recognition",
     "Face recognition failed": "Face recognition failed",
+    "Failed to log out": "Failed to log out",
     "Failed to obtain MetaMask authorization": "Failed to obtain MetaMask authorization",
     "Failed to obtain Web3-Onboard authorization": "Failed to obtain Web3-Onboard authorization",
     "Forgot password?": "Forgot password?",
@@ -831,6 +839,7 @@
     "Project Id": "Project Id",
     "Project Id - Tooltip": "Project Id - Tooltip",
     "Prompted": "Prompted",
+    "Provider - Tooltip": "Provider - Tooltip",
     "Provider URL": "Provider URL",
     "Provider URL - Tooltip": "URL for configuring the service provider, this field is only used for reference and is not used in Casdoor",
     "Public key": "Public key",
@@ -950,6 +959,7 @@
     "Have account?": "Have account?",
     "Label": "Label",
     "Label HTML": "Label HTML",
+    "Options": "Options",
     "Placeholder": "Placeholder",
     "Please accept the agreement!": "Please accept the agreement!",
     "Please click the below button to sign in": "Please click the below button to sign in",

web/src/locales/ja/data.json

@@ -74,6 +74,7 @@
     "Left": "左",
     "Logged in successfully": "正常にログインしました",
     "Logged out successfully": "正常にログアウトしました",
+    "Multiple Choices": "Multiple Choices",
     "New Application": "新しいアプリケーション",
     "No verification": "No verification",
     "Normal": "Normal",
@@ -112,6 +113,7 @@
     "Signin session": "サインインセッション",
     "Signup items": "サインアップアイテム",
     "Signup items - Tooltip": "新しいアカウントを登録する際にユーザーが入力するアイテム",
+    "Single Choice": "Single Choice",
     "Small icon": "Small icon",
     "Tags - Tooltip": "Only users with the tag that is listed in the application tags can login",
     "The application does not allow to sign up new account": "アプリケーションでは新しいアカウントの登録ができません",
@@ -123,6 +125,8 @@
     "Token format - Tooltip": "アクセストークンのフォーマット",
     "Token signing method": "Token signing method",
     "Token signing method - Tooltip": "Signing method of JWT token, needs to be the same algorithm as the certificate",
+    "Use Email as NameID": "Use Email as NameID",
+    "Use Email as NameID - Tooltip": "Use Email as NameID - Tooltip",
     "You are unexpected to see this prompt page": "このプロンプトページを見ることは予期せぬことである"
   },
   "cert": {
@@ -179,6 +183,7 @@
     "Access key - Tooltip": "Access key - Tooltip",
     "Access secret": "Access secret",
     "Access secret - Tooltip": "Access secret - Tooltip",
+    "Access token is empty": "Access token is empty",
     "Action": "アクション",
     "Adapter": "アダプター",
     "Adapter - Tooltip": "ポリシー・ストアのテーブル名",
@@ -334,6 +339,8 @@
     "Provider - Tooltip": "支払いプロバイダーを設定する必要があります。これには、PayPal、Alipay、WeChat Payなどが含まれます。",
     "Providers": "プロバイダー",
     "Providers - Tooltip": "設定するプロバイダーには、サードパーティのログイン、オブジェクトストレージ、検証コードなどが含まれます。",
+    "QR Code": "QR Code",
+    "QR code is too large": "QR code is too large",
     "Real name": "本名",
     "Records": "記録",
     "Request URI": "Request URI",
@@ -478,6 +485,7 @@
     "Face ID": "Face ID",
     "Face Recognition": "Face Recognition",
     "Face recognition failed": "Face recognition failed",
+    "Failed to log out": "Failed to log out",
     "Failed to obtain MetaMask authorization": "Failed to obtain MetaMask authorization",
     "Failed to obtain Web3-Onboard authorization": "Failed to obtain Web3-Onboard authorization",
     "Forgot password?": "パスワードを忘れましたか？",
@@ -831,6 +839,7 @@
     "Project Id": "Project Id",
     "Project Id - Tooltip": "Project Id - Tooltip",
     "Prompted": "促された",
+    "Provider - Tooltip": "Provider - Tooltip",
     "Provider URL": "プロバイダーURL",
     "Provider URL - Tooltip": "サービスプロバイダーの設定用URL。このフィールドは参照用にのみ使用され、Casdoorでは使用されません",
     "Public key": "Public key",
@@ -950,6 +959,7 @@
     "Have account?": "アカウントはありますか？",
     "Label": "Label",
     "Label HTML": "Label HTML",
+    "Options": "Options",
     "Placeholder": "Placeholder",
     "Please accept the agreement!": "合意に同意してください！",
     "Please click the below button to sign in": "以下のボタンをクリックしてログインしてください",

web/src/locales/kk/data.json

@@ -74,6 +74,7 @@
     "Left": "Left",
     "Logged in successfully": "Logged in successfully",
     "Logged out successfully": "Logged out successfully",
+    "Multiple Choices": "Multiple Choices",
     "New Application": "New Application",
     "No verification": "No verification",
     "Normal": "Normal",
@@ -112,6 +113,7 @@
     "Signin session": "Signin session",
     "Signup items": "Signup items",
     "Signup items - Tooltip": "Items for users to fill in when registering new accounts",
+    "Single Choice": "Single Choice",
     "Small icon": "Small icon",
     "Tags - Tooltip": "Only users with the tag that is listed in the application tags can login",
     "The application does not allow to sign up new account": "The application does not allow to sign up new account",
@@ -123,6 +125,8 @@
     "Token format - Tooltip": "The format of access token",
     "Token signing method": "Token signing method",
     "Token signing method - Tooltip": "Signing method of JWT token, needs to be the same algorithm as the certificate",
+    "Use Email as NameID": "Use Email as NameID",
+    "Use Email as NameID - Tooltip": "Use Email as NameID - Tooltip",
     "You are unexpected to see this prompt page": "You are unexpected to see this prompt page"
   },
   "cert": {
@@ -179,6 +183,7 @@
     "Access key - Tooltip": "Access key - Tooltip",
     "Access secret": "Access secret",
     "Access secret - Tooltip": "Access secret - Tooltip",
+    "Access token is empty": "Access token is empty",
     "Action": "Action",
     "Adapter": "Adapter",
     "Adapter - Tooltip": "Table name of the policy store",
@@ -334,6 +339,8 @@
     "Provider - Tooltip": "Payment providers to be configured, including PayPal, Alipay, WeChat Pay, etc.",
     "Providers": "Providers",
     "Providers - Tooltip": "Providers to be configured, including 3rd-party login, object storage, verification code, etc.",
+    "QR Code": "QR Code",
+    "QR code is too large": "QR code is too large",
     "Real name": "Real name",
     "Records": "Records",
     "Request URI": "Request URI",
@@ -478,6 +485,7 @@
     "Face ID": "Face ID",
     "Face Recognition": "Face Recognition",
     "Face recognition failed": "Face recognition failed",
+    "Failed to log out": "Failed to log out",
     "Failed to obtain MetaMask authorization": "Failed to obtain MetaMask authorization",
     "Failed to obtain Web3-Onboard authorization": "Failed to obtain Web3-Onboard authorization",
     "Forgot password?": "Forgot password?",
@@ -831,6 +839,7 @@
     "Project Id": "Project Id",
     "Project Id - Tooltip": "Project Id - Tooltip",
     "Prompted": "Prompted",
+    "Provider - Tooltip": "Provider - Tooltip",
     "Provider URL": "Provider URL",
     "Provider URL - Tooltip": "URL for configuring the service provider, this field is only used for reference and is not used in Casdoor",
     "Public key": "Public key",
@@ -950,6 +959,7 @@
     "Have account?": "Have account?",
     "Label": "Label",
     "Label HTML": "Label HTML",
+    "Options": "Options",
     "Placeholder": "Placeholder",
     "Please accept the agreement!": "Please accept the agreement!",
     "Please click the below button to sign in": "Please click the below button to sign in",

web/src/locales/ko/data.json

@@ -74,6 +74,7 @@
     "Left": "왼쪽",
     "Logged in successfully": "성공적으로 로그인했습니다",
     "Logged out successfully": "로그아웃이 성공적으로 되었습니다",
+    "Multiple Choices": "Multiple Choices",
     "New Application": "새로운 응용 프로그램",
     "No verification": "No verification",
     "Normal": "Normal",
@@ -112,6 +113,7 @@
     "Signin session": "로그인 세션",
     "Signup items": "가입 항목",
     "Signup items - Tooltip": "새로운 계정 등록시 사용자가 작성해야하는 항목들",
+    "Single Choice": "Single Choice",
     "Small icon": "Small icon",
     "Tags - Tooltip": "Only users with the tag that is listed in the application tags can login",
     "The application does not allow to sign up new account": "이 어플리케이션은 새 계정 등록을 허용하지 않습니다",
@@ -123,6 +125,8 @@
     "Token format - Tooltip": "접근 토큰의 형식",
     "Token signing method": "Token signing method",
     "Token signing method - Tooltip": "Signing method of JWT token, needs to be the same algorithm as the certificate",
+    "Use Email as NameID": "Use Email as NameID",
+    "Use Email as NameID - Tooltip": "Use Email as NameID - Tooltip",
     "You are unexpected to see this prompt page": "당신은 이 프롬프트 페이지를 볼 것을 예상하지 못했습니다"
   },
   "cert": {
@@ -179,6 +183,7 @@
     "Access key - Tooltip": "Access key - Tooltip",
     "Access secret": "Access secret",
     "Access secret - Tooltip": "Access secret - Tooltip",
+    "Access token is empty": "Access token is empty",
     "Action": "동작",
     "Adapter": "어댑터",
     "Adapter - Tooltip": "정책 저장소의 테이블 이름",
@@ -334,6 +339,8 @@
     "Provider - Tooltip": "지불 공급자를 구성해야합니다. PayPal, Alipay, WeChat Pay 등이 포함됩니다.",
     "Providers": "제공자들",
     "Providers - Tooltip": "공급 업체는 구성되어야합니다. 3rd-party 로그인, 객체 저장소, 검증 코드 등을 포함합니다.",
+    "QR Code": "QR Code",
+    "QR code is too large": "QR code is too large",
     "Real name": "실명",
     "Records": "기록",
     "Request URI": "Request URI",
@@ -478,6 +485,7 @@
     "Face ID": "Face ID",
     "Face Recognition": "Face Recognition",
     "Face recognition failed": "Face recognition failed",
+    "Failed to log out": "Failed to log out",
     "Failed to obtain MetaMask authorization": "Failed to obtain MetaMask authorization",
     "Failed to obtain Web3-Onboard authorization": "Failed to obtain Web3-Onboard authorization",
     "Forgot password?": "비밀번호를 잊으셨나요?",
@@ -831,6 +839,7 @@
     "Project Id": "Project Id",
     "Project Id - Tooltip": "Project Id - Tooltip",
     "Prompted": "자극 받은",
+    "Provider - Tooltip": "Provider - Tooltip",
     "Provider URL": "제공자 URL",
     "Provider URL - Tooltip": "서비스 제공 업체 구성을 위한 URL이며, 이 필드는 참조 용도로만 사용되며 Casdoor에서 사용되지 않습니다",
     "Public key": "Public key",
@@ -950,6 +959,7 @@
     "Have account?": "계정이 있나요?",
     "Label": "Label",
     "Label HTML": "Label HTML",
+    "Options": "Options",
     "Placeholder": "Placeholder",
     "Please accept the agreement!": "계약서를 승인해주세요!",
     "Please click the below button to sign in": "아래 버튼을 클릭하여 로그인하세요",

web/src/locales/ms/data.json

@@ -74,6 +74,7 @@
     "Left": "Left",
     "Logged in successfully": "Logged in successfully",
     "Logged out successfully": "Logged out successfully",
+    "Multiple Choices": "Multiple Choices",
     "New Application": "New Application",
     "No verification": "No verification",
     "Normal": "Normal",
@@ -112,6 +113,7 @@
     "Signin session": "Signin session",
     "Signup items": "Signup items",
     "Signup items - Tooltip": "Items for users to fill in when registering new accounts",
+    "Single Choice": "Single Choice",
     "Small icon": "Small icon",
     "Tags - Tooltip": "Only users with the tag that is listed in the application tags can login",
     "The application does not allow to sign up new account": "The application does not allow to sign up new account",
@@ -123,6 +125,8 @@
     "Token format - Tooltip": "The format of access token",
     "Token signing method": "Token signing method",
     "Token signing method - Tooltip": "Signing method of JWT token, needs to be the same algorithm as the certificate",
+    "Use Email as NameID": "Use Email as NameID",
+    "Use Email as NameID - Tooltip": "Use Email as NameID - Tooltip",
     "You are unexpected to see this prompt page": "You are unexpected to see this prompt page"
   },
   "cert": {
@@ -179,6 +183,7 @@
     "Access key - Tooltip": "Access key - Tooltip",
     "Access secret": "Access secret",
     "Access secret - Tooltip": "Access secret - Tooltip",
+    "Access token is empty": "Access token is empty",
     "Action": "Action",
     "Adapter": "Adapter",
     "Adapter - Tooltip": "Table name of the policy store",
@@ -334,6 +339,8 @@
     "Provider - Tooltip": "Payment providers to be configured, including PayPal, Alipay, WeChat Pay, etc.",
     "Providers": "Providers",
     "Providers - Tooltip": "Providers to be configured, including 3rd-party login, object storage, verification code, etc.",
+    "QR Code": "QR Code",
+    "QR code is too large": "QR code is too large",
     "Real name": "Real name",
     "Records": "Records",
     "Request URI": "Request URI",
@@ -478,6 +485,7 @@
     "Face ID": "Face ID",
     "Face Recognition": "Face Recognition",
     "Face recognition failed": "Face recognition failed",
+    "Failed to log out": "Failed to log out",
     "Failed to obtain MetaMask authorization": "Failed to obtain MetaMask authorization",
     "Failed to obtain Web3-Onboard authorization": "Failed to obtain Web3-Onboard authorization",
     "Forgot password?": "Forgot password?",
@@ -831,6 +839,7 @@
     "Project Id": "Project Id",
     "Project Id - Tooltip": "Project Id - Tooltip",
     "Prompted": "Prompted",
+    "Provider - Tooltip": "Provider - Tooltip",
     "Provider URL": "Provider URL",
     "Provider URL - Tooltip": "URL for configuring the service provider, this field is only used for reference and is not used in Casdoor",
     "Public key": "Public key",
@@ -950,6 +959,7 @@
     "Have account?": "Have account?",
     "Label": "Label",
     "Label HTML": "Label HTML",
+    "Options": "Options",
     "Placeholder": "Placeholder",
     "Please accept the agreement!": "Please accept the agreement!",
     "Please click the below button to sign in": "Please click the below button to sign in",

web/src/locales/nl/data.json

@@ -74,6 +74,7 @@
     "Left": "Left",
     "Logged in successfully": "Logged in successfully",
     "Logged out successfully": "Logged out successfully",
+    "Multiple Choices": "Multiple Choices",
     "New Application": "New Application",
     "No verification": "No verification",
     "Normal": "Normal",
@@ -112,6 +113,7 @@
     "Signin session": "Signin session",
     "Signup items": "Signup items",
     "Signup items - Tooltip": "Items for users to fill in when registering new accounts",
+    "Single Choice": "Single Choice",
     "Small icon": "Small icon",
     "Tags - Tooltip": "Only users with the tag that is listed in the application tags can login",
     "The application does not allow to sign up new account": "The application does not allow to sign up new account",
@@ -123,6 +125,8 @@
     "Token format - Tooltip": "The format of access token",
     "Token signing method": "Token signing method",
     "Token signing method - Tooltip": "Signing method of JWT token, needs to be the same algorithm as the certificate",
+    "Use Email as NameID": "Use Email as NameID",
+    "Use Email as NameID - Tooltip": "Use Email as NameID - Tooltip",
     "You are unexpected to see this prompt page": "You are unexpected to see this prompt page"
   },
   "cert": {
@@ -179,6 +183,7 @@
     "Access key - Tooltip": "Access key - Tooltip",
     "Access secret": "Access secret",
     "Access secret - Tooltip": "Access secret - Tooltip",
+    "Access token is empty": "Access token is empty",
     "Action": "Action",
     "Adapter": "Adapter",
     "Adapter - Tooltip": "Table name of the policy store",
@@ -334,6 +339,8 @@
     "Provider - Tooltip": "Payment providers to be configured, including PayPal, Alipay, WeChat Pay, etc.",
     "Providers": "Providers",
     "Providers - Tooltip": "Providers to be configured, including 3rd-party login, object storage, verification code, etc.",
+    "QR Code": "QR Code",
+    "QR code is too large": "QR code is too large",
     "Real name": "Real name",
     "Records": "Records",
     "Request URI": "Request URI",
@@ -478,6 +485,7 @@
     "Face ID": "Face ID",
     "Face Recognition": "Face Recognition",
     "Face recognition failed": "Face recognition failed",
+    "Failed to log out": "Failed to log out",
     "Failed to obtain MetaMask authorization": "Failed to obtain MetaMask authorization",
     "Failed to obtain Web3-Onboard authorization": "Failed to obtain Web3-Onboard authorization",
     "Forgot password?": "Forgot password?",
@@ -831,6 +839,7 @@
     "Project Id": "Project Id",
     "Project Id - Tooltip": "Project Id - Tooltip",
     "Prompted": "Prompted",
+    "Provider - Tooltip": "Provider - Tooltip",
     "Provider URL": "Provider URL",
     "Provider URL - Tooltip": "URL for configuring the service provider, this field is only used for reference and is not used in Casdoor",
     "Public key": "Public key",
@@ -950,6 +959,7 @@
     "Have account?": "Have account?",
     "Label": "Label",
     "Label HTML": "Label HTML",
+    "Options": "Options",
     "Placeholder": "Placeholder",
     "Please accept the agreement!": "Please accept the agreement!",
     "Please click the below button to sign in": "Please click the below button to sign in",

web/src/locales/pl/data.json

@@ -74,6 +74,7 @@
     "Left": "Left",
     "Logged in successfully": "Logged in successfully",
     "Logged out successfully": "Logged out successfully",
+    "Multiple Choices": "Multiple Choices",
     "New Application": "New Application",
     "No verification": "No verification",
     "Normal": "Normal",
@@ -112,6 +113,7 @@
     "Signin session": "Signin session",
     "Signup items": "Signup items",
     "Signup items - Tooltip": "Items for users to fill in when registering new accounts",
+    "Single Choice": "Single Choice",
     "Small icon": "Small icon",
     "Tags - Tooltip": "Only users with the tag that is listed in the application tags can login",
     "The application does not allow to sign up new account": "The application does not allow to sign up new account",
@@ -123,6 +125,8 @@
     "Token format - Tooltip": "The format of access token",
     "Token signing method": "Token signing method",
     "Token signing method - Tooltip": "Signing method of JWT token, needs to be the same algorithm as the certificate",
+    "Use Email as NameID": "Use Email as NameID",
+    "Use Email as NameID - Tooltip": "Use Email as NameID - Tooltip",
     "You are unexpected to see this prompt page": "You are unexpected to see this prompt page"
   },
   "cert": {
@@ -179,6 +183,7 @@
     "Access key - Tooltip": "Access key - Tooltip",
     "Access secret": "Access secret",
     "Access secret - Tooltip": "Access secret - Tooltip",
+    "Access token is empty": "Access token is empty",
     "Action": "Action",
     "Adapter": "Adapter",
     "Adapter - Tooltip": "Table name of the policy store",
@@ -334,6 +339,8 @@
     "Provider - Tooltip": "Payment providers to be configured, including PayPal, Alipay, WeChat Pay, etc.",
     "Providers": "Providers",
     "Providers - Tooltip": "Providers to be configured, including 3rd-party login, object storage, verification code, etc.",
+    "QR Code": "QR Code",
+    "QR code is too large": "QR code is too large",
     "Real name": "Real name",
     "Records": "Records",
     "Request URI": "Request URI",
@@ -478,6 +485,7 @@
     "Face ID": "Face ID",
     "Face Recognition": "Face Recognition",
     "Face recognition failed": "Face recognition failed",
+    "Failed to log out": "Failed to log out",
     "Failed to obtain MetaMask authorization": "Failed to obtain MetaMask authorization",
     "Failed to obtain Web3-Onboard authorization": "Failed to obtain Web3-Onboard authorization",
     "Forgot password?": "Forgot password?",
@@ -831,6 +839,7 @@
     "Project Id": "Project Id",
     "Project Id - Tooltip": "Project Id - Tooltip",
     "Prompted": "Prompted",
+    "Provider - Tooltip": "Provider - Tooltip",
     "Provider URL": "Provider URL",
     "Provider URL - Tooltip": "URL for configuring the service provider, this field is only used for reference and is not used in Casdoor",
     "Public key": "Public key",
@@ -950,6 +959,7 @@
     "Have account?": "Have account?",
     "Label": "Label",
     "Label HTML": "Label HTML",
+    "Options": "Options",
     "Placeholder": "Placeholder",
     "Please accept the agreement!": "Please accept the agreement!",
     "Please click the below button to sign in": "Please click the below button to sign in",

web/src/locales/pt/data.json

@@ -74,6 +74,7 @@
     "Left": "Esquerda",
     "Logged in successfully": "Login realizado com sucesso",
     "Logged out successfully": "Logout realizado com sucesso",
+    "Multiple Choices": "Multiple Choices",
     "New Application": "Nova Aplicação",
     "No verification": "Sem verificação",
     "Normal": "Normal",
@@ -112,6 +113,7 @@
     "Signin session": "Sessão de login",
     "Signup items": "Itens de registro",
     "Signup items - Tooltip": "Itens para os usuários preencherem ao registrar novas contas",
+    "Single Choice": "Single Choice",
     "Small icon": "Small icon",
     "Tags - Tooltip": "Apenas usuários com a tag listada nas tags do aplicativo podem acessar",
     "The application does not allow to sign up new account": "A aplicação não permite o registro de novas contas",
@@ -123,6 +125,8 @@
     "Token format - Tooltip": "O formato do token de acesso",
     "Token signing method": "Token signing method",
     "Token signing method - Tooltip": "Signing method of JWT token, needs to be the same algorithm as the certificate",
+    "Use Email as NameID": "Use Email as NameID",
+    "Use Email as NameID - Tooltip": "Use Email as NameID - Tooltip",
     "You are unexpected to see this prompt page": "Você não deveria ver esta página de prompt"
   },
   "cert": {
@@ -179,6 +183,7 @@
     "Access key - Tooltip": "Access key - Tooltip",
     "Access secret": "Access secret",
     "Access secret - Tooltip": "Access secret - Tooltip",
+    "Access token is empty": "Access token is empty",
     "Action": "Ação",
     "Adapter": "Adaptador",
     "Adapter - Tooltip": "Nome da tabela do armazenamento de políticas",
@@ -334,6 +339,8 @@
     "Provider - Tooltip": "Provedores de pagamento a serem configurados, incluindo PayPal, Alipay, WeChat Pay, etc.",
     "Providers": "Provedores",
     "Providers - Tooltip": "Provedores a serem configurados, incluindo login de terceiros, armazenamento de objetos, código de verificação, etc.",
+    "QR Code": "QR Code",
+    "QR code is too large": "QR code is too large",
     "Real name": "Nome real",
     "Records": "Registros",
     "Request URI": "Request URI",
@@ -478,6 +485,7 @@
     "Face ID": "Face ID",
     "Face Recognition": "Face Recognition",
     "Face recognition failed": "Face recognition failed",
+    "Failed to log out": "Failed to log out",
     "Failed to obtain MetaMask authorization": "Failed to obtain MetaMask authorization",
     "Failed to obtain Web3-Onboard authorization": "Failed to obtain Web3-Onboard authorization",
     "Forgot password?": "Esqueceu a senha?",
@@ -831,6 +839,7 @@
     "Project Id": "Project Id",
     "Project Id - Tooltip": "Project Id - Tooltip",
     "Prompted": "Solicitado",
+    "Provider - Tooltip": "Provider - Tooltip",
     "Provider URL": "URL do Provedor",
     "Provider URL - Tooltip": "URL para configurar o provedor de serviço, este campo é apenas usado para referência e não é usado no Casdoor",
     "Public key": "Public key",
@@ -950,6 +959,7 @@
     "Have account?": "Já possui uma conta?",
     "Label": "Label",
     "Label HTML": "Label HTML",
+    "Options": "Options",
     "Placeholder": "Placeholder",
     "Please accept the agreement!": "Por favor, aceite o acordo!",
     "Please click the below button to sign in": "Por favor, clique no botão abaixo para fazer login",

web/src/locales/ru/data.json

@@ -74,6 +74,7 @@
     "Left": "Левый",
     "Logged in successfully": "Успешный вход в систему",
     "Logged out successfully": "Успешный выход из системы",
+    "Multiple Choices": "Multiple Choices",
     "New Application": "Новое приложение",
     "No verification": "Нет верификации",
     "Normal": "Обычный",
@@ -112,6 +113,7 @@
     "Signin session": "Сессия входа в систему",
     "Signup items": "Элементы регистрации",
     "Signup items - Tooltip": "Элементы, которые пользователи должны заполнить при регистрации новых аккаунтов",
+    "Single Choice": "Single Choice",
     "Small icon": "Small icon",
     "Tags - Tooltip": "Только пользователи с тегом, указанным в тегах приложения могут войти в систему",
     "The application does not allow to sign up new account": "Приложение не позволяет зарегистрироваться новому аккаунту",
@@ -123,6 +125,8 @@
     "Token format - Tooltip": "Формат токена доступа",
     "Token signing method": "Token signing method",
     "Token signing method - Tooltip": "Signing method of JWT token, needs to be the same algorithm as the certificate",
+    "Use Email as NameID": "Use Email as NameID",
+    "Use Email as NameID - Tooltip": "Use Email as NameID - Tooltip",
     "You are unexpected to see this prompt page": "Вы не ожидали увидеть эту страницу-подсказку"
   },
   "cert": {
@@ -179,6 +183,7 @@
     "Access key - Tooltip": "Access key - Tooltip",
     "Access secret": "Access secret",
     "Access secret - Tooltip": "Access secret - Tooltip",
+    "Access token is empty": "Access token is empty",
     "Action": "Действие",
     "Adapter": "Адаптер",
     "Adapter - Tooltip": "Имя таблицы хранилища политик",
@@ -334,6 +339,8 @@
     "Provider - Tooltip": "Провайдеры платежей должны быть настроены, включая PayPal, Alipay, WeChat Pay и т.д.",
     "Providers": "Провайдеры",
     "Providers - Tooltip": "Провайдеры должны быть настроены, включая вход с помощью сторонних сервисов, объектное хранилище, код подтверждения и т.д.",
+    "QR Code": "QR Code",
+    "QR code is too large": "QR code is too large",
     "Real name": "Реальное имя",
     "Records": "Записи",
     "Request URI": "Request URI",
@@ -478,6 +485,7 @@
     "Face ID": "Face ID",
     "Face Recognition": "Face Recognition",
     "Face recognition failed": "Face recognition failed",
+    "Failed to log out": "Failed to log out",
     "Failed to obtain MetaMask authorization": "Не удалось получить авторизацию MetaMask",
     "Failed to obtain Web3-Onboard authorization": "Failed to obtain Web3-Onboard authorization",
     "Forgot password?": "Забыли пароль?",
@@ -831,6 +839,7 @@
     "Project Id": "Project Id",
     "Project Id - Tooltip": "Project Id - Tooltip",
     "Prompted": "Побудил",
+    "Provider - Tooltip": "Provider - Tooltip",
     "Provider URL": "URL поставщика",
     "Provider URL - Tooltip": "URL для настройки поставщика услуг, это поле используется только для ссылки и не используется в Casdoor",
     "Public key": "Public key",
@@ -950,6 +959,7 @@
     "Have account?": "У вас есть аккаунт?",
     "Label": "Label",
     "Label HTML": "Label HTML",
+    "Options": "Options",
     "Placeholder": "Placeholder",
     "Please accept the agreement!": "Пожалуйста, примите соглашение!",
     "Please click the below button to sign in": "Пожалуйста, нажмите на кнопку ниже, чтобы авторизоваться",

web/src/locales/sk/data.json

@@ -74,6 +74,7 @@
     "Left": "Vľavo",
     "Logged in successfully": "Úspešne prihlásený",
     "Logged out successfully": "Úspešne odhlásený",
+    "Multiple Choices": "Multiple Choices",
     "New Application": "Nová aplikácia",
     "No verification": "Bez overenia",
     "Normal": "Normálny",
@@ -112,6 +113,7 @@
     "Signin session": "Relácia prihlásenia",
     "Signup items": "Položky registrácie",
     "Signup items - Tooltip": "Položky, ktoré majú používatelia vyplniť pri registrácii nových účtov",
+    "Single Choice": "Single Choice",
     "Small icon": "Malá ikona",
     "Tags - Tooltip": "Prihlásiť sa môžu iba používatelia s tagom uvedeným v tagoch aplikácie",
     "The application does not allow to sign up new account": "Aplikácia neumožňuje vytvoriť nový účet",
@@ -123,6 +125,8 @@
     "Token format - Tooltip": "Formát prístupového tokenu",
     "Token signing method": "Token signing method",
     "Token signing method - Tooltip": "Signing method of JWT token, needs to be the same algorithm as the certificate",
+    "Use Email as NameID": "Use Email as NameID",
+    "Use Email as NameID - Tooltip": "Use Email as NameID - Tooltip",
     "You are unexpected to see this prompt page": "Neočekávali ste, že uvidíte túto výzvu"
   },
   "cert": {
@@ -179,6 +183,7 @@
     "Access key - Tooltip": "Prístupový kľúč",
     "Access secret": "Prístupové tajomstvo",
     "Access secret - Tooltip": "Prístupové tajomstvo",
+    "Access token is empty": "Access token is empty",
     "Action": "Akcia",
     "Adapter": "Adaptér",
     "Adapter - Tooltip": "Názov tabuľky úložiska pravidiel",
@@ -334,6 +339,8 @@
     "Provider - Tooltip": "Poskytovatelia platieb na konfiguráciu, vrátane PayPal, Alipay, WeChat Pay atď.",
     "Providers": "Poskytovatelia",
     "Providers - Tooltip": "Poskytovatelia na konfiguráciu, vrátane prihlásenia cez tretie strany, ukladania objektov, overovacích kódov atď.",
+    "QR Code": "QR Code",
+    "QR code is too large": "QR code is too large",
     "Real name": "Skutočné meno",
     "Records": "Záznamy",
     "Request URI": "URI požiadavky",
@@ -478,6 +485,7 @@
     "Face ID": "Face ID",
     "Face Recognition": "Rozpoznávanie tváre",
     "Face recognition failed": "Zlyhalo rozpoznávanie tváre",
+    "Failed to log out": "Failed to log out",
     "Failed to obtain MetaMask authorization": "Nepodarilo sa získať autorizáciu MetaMask",
     "Failed to obtain Web3-Onboard authorization": "Nepodarilo sa získať autorizáciu Web3-Onboard",
     "Forgot password?": "Zabudli ste heslo?",
@@ -831,6 +839,7 @@
     "Project Id": "ID projektu",
     "Project Id - Tooltip": "ID projektu",
     "Prompted": "Vyžiadané",
+    "Provider - Tooltip": "Provider - Tooltip",
     "Provider URL": "URL poskytovateľa",
     "Provider URL - Tooltip": "URL na konfiguráciu poskytovateľa služby, toto pole sa používa len na referenciu a v Casdoor sa nepoužíva",
     "Public key": "Verejný kľúč",
@@ -950,6 +959,7 @@
     "Have account?": "Máte účet?",
     "Label": "Štítok",
     "Label HTML": "HTML štítok",
+    "Options": "Options",
     "Placeholder": "Miesto na vyplnenie",
     "Please accept the agreement!": "Prosím, akceptujte dohodu!",
     "Please click the below button to sign in": "Prosím, kliknite na nižšie uvedené tlačidlo na prihlásenie",

web/src/locales/sv/data.json

@@ -74,6 +74,7 @@
     "Left": "Left",
     "Logged in successfully": "Logged in successfully",
     "Logged out successfully": "Logged out successfully",
+    "Multiple Choices": "Multiple Choices",
     "New Application": "New Application",
     "No verification": "No verification",
     "Normal": "Normal",
@@ -112,6 +113,7 @@
     "Signin session": "Signin session",
     "Signup items": "Signup items",
     "Signup items - Tooltip": "Items for users to fill in when registering new accounts",
+    "Single Choice": "Single Choice",
     "Small icon": "Small icon",
     "Tags - Tooltip": "Only users with the tag that is listed in the application tags can login",
     "The application does not allow to sign up new account": "The application does not allow to sign up new account",
@@ -123,6 +125,8 @@
     "Token format - Tooltip": "The format of access token",
     "Token signing method": "Token signing method",
     "Token signing method - Tooltip": "Signing method of JWT token, needs to be the same algorithm as the certificate",
+    "Use Email as NameID": "Use Email as NameID",
+    "Use Email as NameID - Tooltip": "Use Email as NameID - Tooltip",
     "You are unexpected to see this prompt page": "You are unexpected to see this prompt page"
   },
   "cert": {
@@ -179,6 +183,7 @@
     "Access key - Tooltip": "Access key - Tooltip",
     "Access secret": "Access secret",
     "Access secret - Tooltip": "Access secret - Tooltip",
+    "Access token is empty": "Access token is empty",
     "Action": "Action",
     "Adapter": "Adapter",
     "Adapter - Tooltip": "Table name of the policy store",
@@ -334,6 +339,8 @@
     "Provider - Tooltip": "Payment providers to be configured, including PayPal, Alipay, WeChat Pay, etc.",
     "Providers": "Providers",
     "Providers - Tooltip": "Providers to be configured, including 3rd-party login, object storage, verification code, etc.",
+    "QR Code": "QR Code",
+    "QR code is too large": "QR code is too large",
     "Real name": "Real name",
     "Records": "Records",
     "Request URI": "Request URI",
@@ -478,6 +485,7 @@
     "Face ID": "Face ID",
     "Face Recognition": "Face Recognition",
     "Face recognition failed": "Face recognition failed",
+    "Failed to log out": "Failed to log out",
     "Failed to obtain MetaMask authorization": "Failed to obtain MetaMask authorization",
     "Failed to obtain Web3-Onboard authorization": "Failed to obtain Web3-Onboard authorization",
     "Forgot password?": "Forgot password?",
@@ -831,6 +839,7 @@
     "Project Id": "Project Id",
     "Project Id - Tooltip": "Project Id - Tooltip",
     "Prompted": "Prompted",
+    "Provider - Tooltip": "Provider - Tooltip",
     "Provider URL": "Provider URL",
     "Provider URL - Tooltip": "URL for configuring the service provider, this field is only used for reference and is not used in Casdoor",
     "Public key": "Public key",
@@ -950,6 +959,7 @@
     "Have account?": "Have account?",
     "Label": "Label",
     "Label HTML": "Label HTML",
+    "Options": "Options",
     "Placeholder": "Placeholder",
     "Please accept the agreement!": "Please accept the agreement!",
     "Please click the below button to sign in": "Please click the below button to sign in",

web/src/locales/tr/data.json

@@ -74,6 +74,7 @@
     "Left": "Sol",
     "Logged in successfully": "Başarıyla giriş yapıldı",
     "Logged out successfully": "Başarıyla çıkış yapıldı",
+    "Multiple Choices": "Multiple Choices",
     "New Application": "New Application",
     "No verification": "No verification",
     "Normal": "Normal",
@@ -112,6 +113,7 @@
     "Signin session": "Signin session",
     "Signup items": "Signup items",
     "Signup items - Tooltip": "Items for users to fill in when registering new accounts",
+    "Single Choice": "Single Choice",
     "Small icon": "Small icon",
     "Tags - Tooltip": "Only users with the tag that is listed in the application tags can login",
     "The application does not allow to sign up new account": "The application does not allow to sign up new account",
@@ -123,6 +125,8 @@
     "Token format - Tooltip": "The format of access token",
     "Token signing method": "Token signing method",
     "Token signing method - Tooltip": "Signing method of JWT token, needs to be the same algorithm as the certificate",
+    "Use Email as NameID": "Use Email as NameID",
+    "Use Email as NameID - Tooltip": "Use Email as NameID - Tooltip",
     "You are unexpected to see this prompt page": "You are unexpected to see this prompt page"
   },
   "cert": {
@@ -179,6 +183,7 @@
     "Access key - Tooltip": "Access key - Tooltip",
     "Access secret": "Access secret",
     "Access secret - Tooltip": "Access secret - Tooltip",
+    "Access token is empty": "Access token is empty",
     "Action": "Action",
     "Adapter": "Adapter",
     "Adapter - Tooltip": "Table name of the policy store",
@@ -334,6 +339,8 @@
     "Provider - Tooltip": "Payment providers to be configured, including PayPal, Alipay, WeChat Pay, etc.",
     "Providers": "Providers",
     "Providers - Tooltip": "Providers to be configured, including 3rd-party login, object storage, verification code, etc.",
+    "QR Code": "QR Code",
+    "QR code is too large": "QR code is too large",
     "Real name": "Gerçek isim",
     "Records": "Records",
     "Request URI": "Request URI",
@@ -478,6 +485,7 @@
     "Face ID": "Face ID",
     "Face Recognition": "Face Recognition",
     "Face recognition failed": "Face recognition failed",
+    "Failed to log out": "Failed to log out",
     "Failed to obtain MetaMask authorization": "Metamask yetkilendirmesi başarısız",
     "Failed to obtain Web3-Onboard authorization": "Failed to obtain Web3-Onboard authorization",
     "Forgot password?": "Şifrenizi mi unuttunuz?",
@@ -831,6 +839,7 @@
     "Project Id": "Project Id",
     "Project Id - Tooltip": "Project Id - Tooltip",
     "Prompted": "Prompted",
+    "Provider - Tooltip": "Provider - Tooltip",
     "Provider URL": "Provider URL",
     "Provider URL - Tooltip": "URL for configuring the service provider, this field is only used for reference and is not used in Casdoor",
     "Public key": "Public key",
@@ -950,6 +959,7 @@
     "Have account?": "Zaten bir hesabınız var mı?",
     "Label": "Label",
     "Label HTML": "Label HTML",
+    "Options": "Options",
     "Placeholder": "Placeholder",
     "Please accept the agreement!": "Lütfen, kullanım koşullarını kabul ediniz",
     "Please click the below button to sign in": "Please click the below button to sign in",

web/src/locales/uk/data.json

@@ -74,6 +74,7 @@
     "Left": "Ліворуч",
     "Logged in successfully": "Успішно ввійшли",
     "Logged out successfully": "Успішно вийшов",
+    "Multiple Choices": "Multiple Choices",
     "New Application": "Нова заявка",
     "No verification": "Без підтвердження",
     "Normal": "нормальний",
@@ -112,6 +113,7 @@
     "Signin session": "Сеанс входу",
     "Signup items": "Пункти реєстрації",
     "Signup items - Tooltip": "Пункти, які користувачі повинні заповнити під час реєстрації нових облікових записів",
+    "Single Choice": "Single Choice",
     "Small icon": "Маленький значок",
     "Tags - Tooltip": "Увійти можуть лише користувачі з тегом, указаним у тегах програми",
     "The application does not allow to sign up new account": "Програма не дозволяє зареєструвати новий обліковий запис",
@@ -123,6 +125,8 @@
     "Token format - Tooltip": "Формат маркера доступу",
     "Token signing method": "Token signing method",
     "Token signing method - Tooltip": "Signing method of JWT token, needs to be the same algorithm as the certificate",
+    "Use Email as NameID": "Use Email as NameID",
+    "Use Email as NameID - Tooltip": "Use Email as NameID - Tooltip",
     "You are unexpected to see this prompt page": "Ви неочікувано побачите цю сторінку запиту"
   },
   "cert": {
@@ -179,6 +183,7 @@
     "Access key - Tooltip": "Ключ доступу - підказка",
     "Access secret": "Секрет доступу",
     "Access secret - Tooltip": "Секрет доступу - підказка",
+    "Access token is empty": "Access token is empty",
     "Action": "Дія",
     "Adapter": "Перехідник",
     "Adapter - Tooltip": "Назва таблиці сховища полісів",
@@ -334,6 +339,8 @@
     "Provider - Tooltip": "Платіжні постачальники, які потрібно налаштувати, зокрема PayPal, Alipay, WeChat Pay тощо.",
     "Providers": "Провайдери",
     "Providers - Tooltip": "Постачальники, які потрібно налаштувати, включаючи вхід сторонніх розробників, зберігання об’єктів, код підтвердження тощо.",
+    "QR Code": "QR Code",
+    "QR code is too large": "QR code is too large",
     "Real name": "Справжнє ім'я",
     "Records": "Записи",
     "Request URI": "URI запиту",
@@ -478,6 +485,7 @@
     "Face ID": "Face ID",
     "Face Recognition": "Розпізнавання обличчя",
     "Face recognition failed": "Помилка розпізнавання обличчя",
+    "Failed to log out": "Failed to log out",
     "Failed to obtain MetaMask authorization": "Не вдалося отримати авторизацію MetaMask",
     "Failed to obtain Web3-Onboard authorization": "Не вдалося отримати авторизацію Web3-Onboard",
     "Forgot password?": "Забули пароль?",
@@ -831,6 +839,7 @@
     "Project Id": "Ідентифікатор проекту",
     "Project Id - Tooltip": "Ідентифікатор проекту – підказка",
     "Prompted": "Запропоновано",
+    "Provider - Tooltip": "Provider - Tooltip",
     "Provider URL": "URL-адреса постачальника",
     "Provider URL - Tooltip": "URL-адреса для налаштування постачальника послуг, це поле використовується лише для довідки та не використовується в Casdoor",
     "Public key": "Відкритий ключ",
@@ -950,6 +959,7 @@
     "Have account?": "Є акаунт?",
     "Label": "Мітка",
     "Label HTML": "Мітка HTML",
+    "Options": "Options",
     "Placeholder": "Заповнювач",
     "Please accept the agreement!": "Будь ласка, прийміть угоду!",
     "Please click the below button to sign in": "Натисніть кнопку нижче, щоб увійти",

web/src/locales/vi/data.json

@@ -74,6 +74,7 @@
     "Left": "Trái",
     "Logged in successfully": "Đăng nhập thành công",
     "Logged out successfully": "Đã đăng xuất thành công",
+    "Multiple Choices": "Multiple Choices",
     "New Application": "Ứng dụng mới",
     "No verification": "Không xác minh",
     "Normal": "Bình thường",
@@ -112,6 +113,7 @@
     "Signin session": "Phiên đăng nhập",
     "Signup items": "Các mục đăng ký",
     "Signup items - Tooltip": "Các thông tin cần được người dùng điền khi đăng ký tài khoản mới",
+    "Single Choice": "Single Choice",
     "Small icon": "Small icon",
     "Tags - Tooltip": "Only users with the tag that is listed in the application tags can login",
     "The application does not allow to sign up new account": "Ứng dụng không cho phép đăng ký tài khoản mới",
@@ -123,6 +125,8 @@
     "Token format - Tooltip": "Định dạng của mã thông báo truy cập",
     "Token signing method": "Token signing method",
     "Token signing method - Tooltip": "Signing method of JWT token, needs to be the same algorithm as the certificate",
+    "Use Email as NameID": "Use Email as NameID",
+    "Use Email as NameID - Tooltip": "Use Email as NameID - Tooltip",
     "You are unexpected to see this prompt page": "Bạn không mong đợi thấy trang này hiện lên"
   },
   "cert": {
@@ -179,6 +183,7 @@
     "Access key - Tooltip": "Access key - Tooltip",
     "Access secret": "Access secret",
     "Access secret - Tooltip": "Access secret - Tooltip",
+    "Access token is empty": "Access token is empty",
     "Action": "Hành động",
     "Adapter": "Bộ chuyển đổi",
     "Adapter - Tooltip": "Tên bảng của kho lưu trữ chính sách",
@@ -334,6 +339,8 @@
     "Provider - Tooltip": "Cung cấp thanh toán được cấu hình, bao gồm PayPal, Alipay, WeChat Pay, vv.",
     "Providers": "Nhà cung cấp",
     "Providers - Tooltip": "Các nhà cung cấp phải được cấu hình, bao gồm đăng nhập bên thứ ba, lưu trữ đối tượng, mã xác minh, v.v.",
+    "QR Code": "QR Code",
+    "QR code is too large": "QR code is too large",
     "Real name": "Tên thật",
     "Records": "Hồ sơ",
     "Request URI": "Request URI",
@@ -478,6 +485,7 @@
     "Face ID": "Face ID",
     "Face Recognition": "Face Recognition",
     "Face recognition failed": "Face recognition failed",
+    "Failed to log out": "Failed to log out",
     "Failed to obtain MetaMask authorization": "Failed to obtain MetaMask authorization",
     "Failed to obtain Web3-Onboard authorization": "Failed to obtain Web3-Onboard authorization",
     "Forgot password?": "Quên mật khẩu?",
@@ -831,6 +839,7 @@
     "Project Id": "Project Id",
     "Project Id - Tooltip": "Project Id - Tooltip",
     "Prompted": "Thúc đẩy",
+    "Provider - Tooltip": "Provider - Tooltip",
     "Provider URL": "Địa chỉ URL nhà cung cấp",
     "Provider URL - Tooltip": "URL để cấu hình nhà cung cấp dịch vụ, trường này chỉ được sử dụng để tham khảo và không được sử dụng trong Casdoor",
     "Public key": "Public key",
@@ -950,6 +959,7 @@
     "Have account?": "Có tài khoản không?",
     "Label": "Label",
     "Label HTML": "Label HTML",
+    "Options": "Options",
     "Placeholder": "Placeholder",
     "Please accept the agreement!": "Vui lòng chấp nhận thỏa thuận!",
     "Please click the below button to sign in": "Xin vui lòng nhấn vào nút bên dưới để đăng nhập",

web/src/locales/zh/data.json

@@ -74,6 +74,7 @@
     "Left": "居左",
     "Logged in successfully": "登录成功",
     "Logged out successfully": "登出成功",
+    "Multiple Choices": "多选",
     "New Application": "添加应用",
     "No verification": "不校验",
     "Normal": "标准",
@@ -112,6 +113,7 @@
     "Signin session": "保持登录会话",
     "Signup items": "注册项",
     "Signup items - Tooltip": "注册用户注册时需要填写的项目",
+    "Single Choice": "单选",
     "Small icon": "小图标",
     "Tags - Tooltip": "用户的标签在应用的标签集合中时，用户才可以登录该应用",
     "The application does not allow to sign up new account": "该应用不允许注册新账户",
@@ -123,6 +125,8 @@
     "Token format - Tooltip": "Access Token格式",
     "Token signing method": "Token签名算法",
     "Token signing method - Tooltip": "JWT token的签名算法，需要与证书算法相匹配",
+    "Use Email as NameID": "使用邮箱作为NameID",
+    "Use Email as NameID - Tooltip": "使用邮箱作为NameID - Tooltip",
     "You are unexpected to see this prompt page": "错误：该提醒页面不应出现"
   },
   "cert": {
@@ -179,6 +183,7 @@
     "Access key - Tooltip": "访问密钥",
     "Access secret": "访问密码",
     "Access secret - Tooltip": "访问密码",
+    "Access token is empty": "Access token为空",
     "Action": "操作",
     "Adapter": "适配器",
     "Adapter - Tooltip": "策略存储的表名",
@@ -334,6 +339,8 @@
     "Provider - Tooltip": "需要配置的支付提供商，包括PayPal、支付宝、微信支付等",
     "Providers": "提供商",
     "Providers - Tooltip": "需要配置的提供商，包括第三方登录、对象存储、验证码等",
+    "QR Code": "QR Code",
+    "QR code is too large": "二维码过大",
     "Real name": "姓名",
     "Records": "日志",
     "Request URI": "请求URI",
@@ -478,6 +485,7 @@
     "Face ID": "Face ID",
     "Face Recognition": "人脸识别",
     "Face recognition failed": "人脸识别失败",
+    "Failed to log out": "注销失败",
     "Failed to obtain MetaMask authorization": "获取MetaMask授权失败",
     "Failed to obtain Web3-Onboard authorization": "获取 Web3-Onboard 授权失败",
     "Forgot password?": "忘记密码？",
@@ -831,6 +839,7 @@
     "Project Id": "项目 Id",
     "Project Id - Tooltip": "项目 Id - 工具提示",
     "Prompted": "注册后提醒绑定",
+    "Provider - Tooltip": "提供商 - Tooltip",
     "Provider URL": "提供商URL",
     "Provider URL - Tooltip": "提供商网址配置对应的URL，该字段仅用来方便跳转，在Casdoor平台中未使用",
     "Public key": "公钥",
@@ -950,6 +959,7 @@
     "Have account?": "已有账号？",
     "Label": "标签",
     "Label HTML": "标签HTML",
+    "Options": "选项",
     "Placeholder": "占位符",
     "Please accept the agreement!": "请先同意用户协议！",
     "Please click the below button to sign in": "请点击下方按钮登录",

web/src/table/MfaAccountTable.js

@@ -14,7 +14,7 @@
 
 import React from "react";
 import {DeleteOutlined, DownOutlined, UpOutlined} from "@ant-design/icons";
-import {Button, Col, Image, Input, Row, Table, Tooltip} from "antd";
+import {Alert, Button, Col, Image, Input, Popover, QRCode, Row, Table, Tooltip} from "antd";
 import * as Setting from "../Setting";
 import i18next from "i18next";
 
@@ -23,6 +23,7 @@ class MfaAccountTable extends React.Component {
     super(props);
     this.state = {
       classes: props,
+      icon: this.props.icon,
       mfaAccounts: this.props.table !== null ? this.props.table.map((item, index) => {
         item.key = index;
         return item;
@@ -75,6 +76,42 @@ class MfaAccountTable extends React.Component {
     this.updateTable(table);
   }
 
+  getQrUrl() {
+    const {accessToken} = this.props;
+    let qrUrl = `casdoor-app://login?serverUrl=${window.location.origin}&accessToken=${accessToken}`;
+    let error = null;
+
+    if (!accessToken) {
+      qrUrl = "";
+      error = i18next.t("general:Access token is empty");
+    }
+
+    if (qrUrl.length >= 2000) {
+      qrUrl = "";
+      error = i18next.t("general:QR code is too large");
+    }
+
+    return {qrUrl, error};
+  }
+
+  renderQrCode() {
+    const {qrUrl, error} = this.getQrUrl();
+
+    if (error) {
+      return <Alert message={error} type="error" showIcon />;
+    } else {
+      return (
+        <QRCode
+          value={qrUrl}
+          icon={this.state.icon}
+          errorLevel="M"
+          size={230}
+          bordered={false}
+        />
+      );
+    }
+  }
+
   renderTable(table) {
     const columns = [
       {
@@ -157,7 +194,11 @@ class MfaAccountTable extends React.Component {
         title={() => (
           <div>
             {this.props.title}&nbsp;&nbsp;&nbsp;&nbsp;
-            <Button style={{marginRight: "5px"}} type="primary" size="small" onClick={() => this.addRow(table)}>{i18next.t("general:Add")}</Button>
+            <Button style={{marginRight: "10px"}} type="primary" size="small" onClick={() => this.addRow(table)}>{i18next.t("general:Add")}</Button>
+            <Popover trigger="focus" overlayInnerStyle={{padding: 0}}
+              content={this.renderQrCode()}>
+              <Button style={{marginLeft: "5px"}} type="primary" size="small">{i18next.t("general:QR Code")}</Button>
+            </Popover>
           </div>
         )}
       />

web/src/table/SigninMethodTable.js

@@ -136,6 +136,7 @@ class SigninMethodTable extends React.Component {
             options = [
               {id: "All", name: i18next.t("general:All")},
               {id: "Non-LDAP", name: i18next.t("general:Non-LDAP")},
+              {id: "Hide-Password", name: i18next.t("general:Hide-Password")},
             ];
           }
 

web/src/table/SignupTable.js

@@ -65,7 +65,7 @@ class SignupTable extends React.Component {
   }
 
   addRow(table) {
-    const row = {name: Setting.getNewRowNameForTable(table, "Please select a signup item"), visible: true, required: true, rule: "None", customCss: ""};
+    const row = {name: Setting.getNewRowNameForTable(table, "Please select a signup item"), visible: true, required: true, options: [], rule: "None", customCss: ""};
     if (table === undefined) {
       table = [];
     }
@@ -100,6 +100,10 @@ class SignupTable extends React.Component {
             {name: "ID", displayName: i18next.t("general:ID")},
             {name: "Display name", displayName: i18next.t("general:Display name")},
             {name: "Affiliation", displayName: i18next.t("user:Affiliation")},
+            {name: "Gender", displayName: i18next.t("user:Gender")},
+            {name: "Bio", displayName: i18next.t("user:Bio")},
+            {name: "Tag", displayName: i18next.t("user:Tag")},
+            {name: "Education", displayName: i18next.t("user:Education")},
             {name: "Country/Region", displayName: i18next.t("user:Country/Region")},
             {name: "ID card", displayName: i18next.t("user:ID card")},
             {name: "Password", displayName: i18next.t("general:Password")},
@@ -201,6 +205,25 @@ class SignupTable extends React.Component {
           );
         },
       },
+      {
+        title: i18next.t("provider:Type"),
+        dataIndex: "type",
+        key: "type",
+        width: "160px",
+        render: (text, record, index) => {
+          const options = [
+            {id: "Input", name: i18next.t("application:Input")},
+            {id: "Single Choice", name: i18next.t("application:Single Choice")},
+            {id: "Multiple Choices", name: i18next.t("application:Multiple Choices")},
+          ];
+
+          return (
+            <Select virtual={false} style={{width: "100%"}} value={text} onChange={(value => {
+              this.updateField(table, index, "type", value);
+            })} options={options.map(item => Setting.getOption(item.name, item.id))} />
+          );
+        },
+      },
       {
         title: i18next.t("signup:Label"),
         dataIndex: "label",
@@ -261,7 +284,7 @@ class SignupTable extends React.Component {
         title: i18next.t("signup:Placeholder"),
         dataIndex: "placeholder",
         key: "placeholder",
-        width: "200px",
+        width: "110px",
         render: (text, record, index) => {
           if (record.name.startsWith("Text ")) {
             return null;
@@ -274,6 +297,26 @@ class SignupTable extends React.Component {
           );
         },
       },
+      {
+        title: i18next.t("signup:Options"),
+        dataIndex: "options",
+        key: "options",
+        width: "180px",
+        render: (text, record, index) => {
+          if (record.type !== "Single Choice" && record.type !== "Multiple Choices") {
+            return null;
+          }
+
+          return (
+            <Select virtual={false} mode="tags" style={{width: "100%"}} value={text}
+              onChange={(value => {
+                this.updateField(table, index, "options", value);
+              })}
+              options={text?.map((option) => Setting.getOption(option, option))}
+            />
+          );
+        },
+      },
       {
         title: i18next.t("signup:Regex"),
         dataIndex: "regex",

web/src/utils/modelLinter.js

@@ -1,42 +0,0 @@
-import {newModel} from "casbin";
-import "codemirror/lib/codemirror.css";
-import "codemirror/addon/lint/lint.css";
-import "codemirror/addon/lint/lint";
-
-export const checkModelSyntax = (modelText) => {
-  try {
-    const model = newModel(modelText);
-    if (!model.model.get("r") || !model.model.get("p") || !model.model.get("e")) {
-      throw new Error("Model is missing one or more required sections (r, p, or e)");
-    }
-    return null;
-  } catch (e) {
-    return e.message;
-  }
-};
-
-export const createLinter = (CodeMirror) => {
-  CodeMirror.registerHelper("lint", "properties", (text) => {
-    const error = checkModelSyntax(text);
-    if (error) {
-      const lineMatch = error.match(/line (\d+)/);
-      if (lineMatch) {
-        const lineNumber = parseInt(lineMatch[1], 10) - 1;
-        return [{
-          from: CodeMirror.Pos(lineNumber, 0),
-          to: CodeMirror.Pos(lineNumber, text.split("\n")[lineNumber].length),
-          message: error,
-          severity: "error",
-        }];
-      } else {
-        return [{
-          from: CodeMirror.Pos(0, 0),
-          to: CodeMirror.Pos(text.split("\n").length - 1),
-          message: error,
-          severity: "error",
-        }];
-      }
-    }
-    return [];
-  });
-};

web/yarn.lock

@@ -1442,41 +1442,6 @@
   resolved "https://registry.yarnpkg.com/@bcoe/v8-coverage/-/v8-coverage-0.2.3.tgz#75a2e8b51cb758a7553d6804a5932d7aace75c39"
   integrity sha512-0hYQ8SB4Db5zvZB4axdMHGwEaQjkZzFjQiN9LVYvIFB2nSUHW9tYpxWriPrWDASIxiaXax83REcLxuSdnGPZtw==
 
-"@codemirror/language@^6.10.2":
-  version "6.10.2"
-  resolved "https://registry.yarnpkg.com/@codemirror/language/-/language-6.10.2.tgz#4056dc219619627ffe995832eeb09cea6060be61"
-  integrity sha512-kgbTYTo0Au6dCSc/TFy7fK3fpJmgHDv1sG1KNQKJXVi+xBTEeBPY/M30YXiU6mMXeH+YIDLsbrT4ZwNRdtF+SA==
-  dependencies:
-    "@codemirror/state" "^6.0.0"
-    "@codemirror/view" "^6.23.0"
-    "@lezer/common" "^1.1.0"
-    "@lezer/highlight" "^1.0.0"
-    "@lezer/lr" "^1.0.0"
-    style-mod "^4.0.0"
-
-"@codemirror/lint@^6.8.1":
-  version "6.8.1"
-  resolved "https://registry.yarnpkg.com/@codemirror/lint/-/lint-6.8.1.tgz#6427848815baaf68c08e98c7673b804d3d8c0e7f"
-  integrity sha512-IZ0Y7S4/bpaunwggW2jYqwLuHj0QtESf5xcROewY6+lDNwZ/NzvR4t+vpYgg9m7V8UXLPYqG+lu3DF470E5Oxg==
-  dependencies:
-    "@codemirror/state" "^6.0.0"
-    "@codemirror/view" "^6.0.0"
-    crelt "^1.0.5"
-
-"@codemirror/state@^6.0.0", "@codemirror/state@^6.4.0", "@codemirror/state@^6.4.1":
-  version "6.4.1"
-  resolved "https://registry.yarnpkg.com/@codemirror/state/-/state-6.4.1.tgz#da57143695c056d9a3c38705ed34136e2b68171b"
-  integrity sha512-QkEyUiLhsJoZkbumGZlswmAhA7CBU02Wrz7zvH4SrcifbsqwlXShVXg65f3v/ts57W3dqyamEriMhij1Z3Zz4A==
-
-"@codemirror/view@^6.0.0", "@codemirror/view@^6.23.0", "@codemirror/view@^6.33.0":
-  version "6.33.0"
-  resolved "https://registry.yarnpkg.com/@codemirror/view/-/view-6.33.0.tgz#51e270410fc3af92a6e38798e80ebf8add7dc3ec"
-  integrity sha512-AroaR3BvnjRW8fiZBalAaK+ZzB5usGgI014YKElYZvQdNH5ZIidHlO+cyf/2rWzyBFRkvG6VhiXeAEbC53P2YQ==
-  dependencies:
-    "@codemirror/state" "^6.4.0"
-    style-mod "^4.1.0"
-    w3c-keyname "^2.2.4"
-
 "@coinbase/wallet-sdk@^3.7.1":
   version "3.7.1"
   resolved "https://registry.yarnpkg.com/@coinbase/wallet-sdk/-/wallet-sdk-3.7.1.tgz#44b3b7a925ff5cc974e4cbf7a44199ffdcf03541"
@@ -3334,25 +3299,6 @@
   resolved "https://registry.yarnpkg.com/@leichtgewicht/ip-codec/-/ip-codec-2.0.4.tgz#b2ac626d6cb9c8718ab459166d4bb405b8ffa78b"
   integrity sha512-Hcv+nVC0kZnQ3tD9GVu5xSMR4VVYOteQIr/hwFPVEvPdlXqgGEuRjiheChHgdM+JyqdgNcmzZOX/tnl0JOiI7A==
 
-"@lezer/common@^1.0.0", "@lezer/common@^1.1.0":
-  version "1.2.1"
-  resolved "https://registry.yarnpkg.com/@lezer/common/-/common-1.2.1.tgz#198b278b7869668e1bebbe687586e12a42731049"
-  integrity sha512-yemX0ZD2xS/73llMZIK6KplkjIjf2EvAHcinDi/TfJ9hS25G0388+ClHt6/3but0oOxinTcQHJLDXh6w1crzFQ==
-
-"@lezer/highlight@^1.0.0":
-  version "1.2.1"
-  resolved "https://registry.yarnpkg.com/@lezer/highlight/-/highlight-1.2.1.tgz#596fa8f9aeb58a608be0a563e960c373cbf23f8b"
-  integrity sha512-Z5duk4RN/3zuVO7Jq0pGLJ3qynpxUVsh7IbUbGj88+uV2ApSAn6kWg2au3iJb+0Zi7kKtqffIESgNcRXWZWmSA==
-  dependencies:
-    "@lezer/common" "^1.0.0"
-
-"@lezer/lr@^1.0.0":
-  version "1.4.2"
-  resolved "https://registry.yarnpkg.com/@lezer/lr/-/lr-1.4.2.tgz#931ea3dea8e9de84e90781001dae30dea9ff1727"
-  integrity sha512-pu0K1jCIdnQ12aWNaAVU5bzi7Bd1w54J3ECgANPmYLtQKP0HBj2cE/5coBD66MT10xbtIuUr7tg0Shbsvk0mDA==
-  dependencies:
-    "@lezer/common" "^1.0.0"
-
 "@metamask/eth-sig-util@^6.0.0":
   version "6.0.0"
   resolved "https://registry.yarnpkg.com/@metamask/eth-sig-util/-/eth-sig-util-6.0.0.tgz#083321dc7285a9aa6e066db7c49be6e94c5e03a3"
@@ -5174,11 +5120,6 @@ available-typed-arrays@^1.0.5:
   resolved "https://registry.yarnpkg.com/available-typed-arrays/-/available-typed-arrays-1.0.5.tgz#92f95616501069d07d10edb2fc37d3e1c65123b7"
   integrity sha512-DMD0KiN46eipeziST1LPP/STfDU0sufISXmjSgvVsoU2tqxctQeASejWcfNtxYKqETM1UxQ8sp2OrSBWpHY6sw==
 
-await-lock@^2.0.1:
-  version "2.2.2"
-  resolved "https://registry.yarnpkg.com/await-lock/-/await-lock-2.2.2.tgz#a95a9b269bfd2f69d22b17a321686f551152bcef"
-  integrity sha512-aDczADvlvTGajTDjcjpJMqRkOF6Qdz3YbPZm/PyW6tKPkx2hlYBzxMhEywM/tU72HrVZjgl5VCdRuMlA7pZ8Gw==
-
 aws-sign2@~0.7.0:
   version "0.7.0"
   resolved "https://registry.yarnpkg.com/aws-sign2/-/aws-sign2-0.7.0.tgz#b46e890934a9591f2d2f6f86d7e6a9f1b3fe76a8"
@@ -5682,17 +5623,6 @@ caniuse-lite@^1.0.0, caniuse-lite@^1.0.30001464, caniuse-lite@^1.0.30001503:
   resolved "https://registry.yarnpkg.com/caniuse-lite/-/caniuse-lite-1.0.30001507.tgz#fae53f6286e7564783eadea9b447819410a59534"
   integrity sha512-SFpUDoSLCaE5XYL2jfqe9ova/pbQHEmbheDf5r4diNwbAgR3qxM9NQtfsiSscjqoya5K7kFcHPUQ+VsUkIJR4A==
 
-casbin@^5.30.0:
-  version "5.30.0"
-  resolved "https://registry.yarnpkg.com/casbin/-/casbin-5.30.0.tgz#819019348ead1cfd923fbab93772ad188da342cd"
-  integrity sha512-GDc8sImStd+ddBVBfLpe5fJPBWRjeEaz7fkiAGuw0+LTHF2TVvVsMALIMOx+ofzQhm+EHCH7mfiJsrS1Kgef2w==
-  dependencies:
-    await-lock "^2.0.1"
-    buffer "^6.0.3"
-    csv-parse "^5.3.5"
-    expression-eval "^5.0.0"
-    minimatch "^7.4.2"
-
 case-sensitive-paths-webpack-plugin@^2.4.0:
   version "2.4.0"
   resolved "https://registry.yarnpkg.com/case-sensitive-paths-webpack-plugin/-/case-sensitive-paths-webpack-plugin-2.4.0.tgz#db64066c6422eed2e08cc14b986ca43796dbc6d4"
@@ -5881,10 +5811,10 @@ coa@^2.0.2:
     chalk "^2.4.1"
     q "^1.1.2"
 
-codemirror@5:
-  version "5.65.17"
-  resolved "https://registry.yarnpkg.com/codemirror/-/codemirror-5.65.17.tgz#00d71f34c3518471ae4c0de23a2f8bb39a6df6ca"
-  integrity sha512-1zOsUx3lzAOu/gnMAZkQ9kpIHcPYOc9y1Fbm2UVk5UBPkdq380nhkelG0qUwm1f7wPvTbndu9ZYlug35EwAZRQ==
+codemirror@^5.61.1:
+  version "5.65.13"
+  resolved "https://registry.yarnpkg.com/codemirror/-/codemirror-5.65.13.tgz#c098a6f409db8b5a7c5722788bd9fa3bb2367f2e"
+  integrity sha512-SVWEzKXmbHmTQQWaz03Shrh4nybG0wXx2MEu3FO4ezbPW8IbnZEd5iGHGEffSUaitKYa3i+pHpBsSvw8sPHtzg==
 
 collect-v8-coverage@^1.0.0:
   version "1.0.1"
@@ -6138,11 +6068,6 @@ create-require@^1.1.0:
   resolved "https://registry.yarnpkg.com/create-require/-/create-require-1.1.1.tgz#c1d7e8f1e5f6cfc9ff65f9cd352d37348756c333"
   integrity sha512-dcKFX3jn0MpIaXjisoRvexIJVEKzaq7z2rZKxf+MSr9TkdmHmsU4m2lcLojrj/FHl8mk5VxMmYA+ftRkP/3oKQ==
 
-crelt@^1.0.5:
-  version "1.0.6"
-  resolved "https://registry.yarnpkg.com/crelt/-/crelt-1.0.6.tgz#7cc898ea74e190fb6ef9dae57f8f81cf7302df72"
-  integrity sha512-VQ2MBenTq1fWZUH9DJNGti7kKv6EeAuYr3cLwxUWhIu1baTaXh4Ib5W2CqHVqib4/MqbYGJqiL3Zb8GJZr3l4g==
-
 cropperjs@^1.5.13:
   version "1.5.13"
   resolved "https://registry.yarnpkg.com/cropperjs/-/cropperjs-1.5.13.tgz#eb1682f01d17c70ed5244317091d745c9a249ef8"
@@ -6176,6 +6101,11 @@ crypto-es@^1.2.2:
   resolved "https://registry.yarnpkg.com/crypto-es/-/crypto-es-1.2.7.tgz#754a6d52319a94fb4eb1f119297f17196b360f88"
   integrity sha512-UUqiVJ2gUuZFmbFsKmud3uuLcNP2+Opt+5ysmljycFCyhA0+T16XJmo1ev/t5kMChMqWh7IEvURNCqsg+SjZGQ==
 
+crypto-js@^4.2.0:
+  version "4.2.0"
+  resolved "https://registry.yarnpkg.com/crypto-js/-/crypto-js-4.2.0.tgz#4d931639ecdfd12ff80e8186dba6af2c2e856631"
+  integrity sha512-KALDyEYgpY+Rlob/iriUtjV6d5Eq+Y191A5g4UqLAi8CyGP9N1+FdVbkc1SxKc2r4YAYqG8JzO2KGL+AizD70Q==
+
 crypto-random-string@^2.0.0:
   version "2.0.0"
   resolved "https://registry.yarnpkg.com/crypto-random-string/-/crypto-random-string-2.0.0.tgz#ef2a7a966ec11083388369baa02ebead229b30d5"
@@ -6405,11 +6335,6 @@ csstype@^3.0.10, csstype@^3.0.2:
   resolved "https://registry.yarnpkg.com/csstype/-/csstype-3.1.2.tgz#1d4bf9d572f11c14031f0436e1c10bc1f571f50b"
   integrity sha512-I7K1Uu0MBPzaFKg4nI5Q7Vs2t+3gWWW648spaF+Rg7pI9ds18Ugn+lvg4SHczUdKlHI5LWBXyqfS8+DufyBsgQ==
 
-csv-parse@^5.3.5:
-  version "5.5.6"
-  resolved "https://registry.yarnpkg.com/csv-parse/-/csv-parse-5.5.6.tgz#0d726d58a60416361358eec291a9f93abe0b6b1a"
-  integrity sha512-uNpm30m/AGSkLxxy7d9yRXpJQFrZzVWLFBkS+6ngPcZkw/5k3L/jjFuj7tVnEpRn+QgmiXr21nDlhCiUK4ij2A==
-
 cypress@^12.5.1:
   version "12.15.0"
   resolved "https://registry.yarnpkg.com/cypress/-/cypress-12.15.0.tgz#06103529583c41f39712c6cfa6d9d09a01731760"
@@ -7781,13 +7706,6 @@ express@^4.17.3:
     utils-merge "1.0.1"
     vary "~1.1.2"
 
-expression-eval@^5.0.0:
-  version "5.0.1"
-  resolved "https://registry.yarnpkg.com/expression-eval/-/expression-eval-5.0.1.tgz#845758fa9ba64d9edc7b6804ae404934a6cfee6b"
-  integrity sha512-7SL4miKp19lI834/F6y156xlNg+i9Q41tteuGNCq9C06S78f1bm3BXuvf0+QpQxv369Pv/P2R7Hb17hzxLpbDA==
-  dependencies:
-    jsep "^0.3.0"
-
 ext@^1.1.2:
   version "1.7.0"
   resolved "https://registry.yarnpkg.com/ext/-/ext-1.7.0.tgz#0ea4383c0103d60e70be99e9a7f11027a33c4f5f"
@@ -9823,11 +9741,6 @@ jsdom@^16.6.0:
     ws "^7.4.6"
     xml-name-validator "^3.0.0"
 
-jsep@^0.3.0:
-  version "0.3.5"
-  resolved "https://registry.yarnpkg.com/jsep/-/jsep-0.3.5.tgz#3fd79ebd92f6f434e4857d5272aaeef7d948264d"
-  integrity sha512-AoRLBDc6JNnKjNcmonituEABS5bcfqDhQAWWXNTFrqu6nVXBpBAGfcoTGZMFlIrh9FjmE1CQyX9CTNwZrXMMDA==
-
 jsesc@^2.5.1:
   version "2.5.2"
   resolved "https://registry.yarnpkg.com/jsesc/-/jsesc-2.5.2.tgz#80564d2e483dacf6e8ef209650a67df3f0c283a4"
@@ -10463,13 +10376,6 @@ minimatch@^5.0.1:
   dependencies:
     brace-expansion "^2.0.1"
 
-minimatch@^7.4.2:
-  version "7.4.6"
-  resolved "https://registry.yarnpkg.com/minimatch/-/minimatch-7.4.6.tgz#845d6f254d8f4a5e4fd6baf44d5f10c8448365fb"
-  integrity sha512-sBz8G/YjVniEz6lKPNpKxXwazJe4c19fEfV2GDMX6AjFz+MX9uDWIZW8XreVhkFW3fkIdTv/gxWr/Kks5FFAVw==
-  dependencies:
-    brace-expansion "^2.0.1"
-
 minimist-options@4.1.0:
   version "4.1.0"
   resolved "https://registry.yarnpkg.com/minimist-options/-/minimist-options-4.1.0.tgz#c0655713c53a8a2ebd77ffa247d342c40f010619"
@@ -13778,11 +13684,6 @@ style-loader@^3.3.1:
   resolved "https://registry.yarnpkg.com/style-loader/-/style-loader-3.3.3.tgz#bba8daac19930169c0c9c96706749a597ae3acff"
   integrity sha512-53BiGLXAcll9maCYtZi2RCQZKa8NQQai5C4horqKyRmHj9H7QmcUyucrH+4KW/gBQbXM2AsB0axoEcFZPlfPcw==
 
-style-mod@^4.0.0, style-mod@^4.1.0:
-  version "4.1.2"
-  resolved "https://registry.yarnpkg.com/style-mod/-/style-mod-4.1.2.tgz#ca238a1ad4786520f7515a8539d5a63691d7bf67"
-  integrity sha512-wnD1HyVqpJUI2+eKZ+eo1UwghftP6yuFheBqqe+bWCotBjC2K1YnteJILRMs3SM4V/0dLEW1SC27MWP5y+mwmw==
-
 style-search@^0.1.0:
   version "0.1.0"
   resolved "https://registry.yarnpkg.com/style-search/-/style-search-0.1.0.tgz#7958c793e47e32e07d2b5cafe5c0bf8e12e77902"
@@ -14690,11 +14591,6 @@ w3c-hr-time@^1.0.2:
   dependencies:
     browser-process-hrtime "^1.0.0"
 
-w3c-keyname@^2.2.4:
-  version "2.2.8"
-  resolved "https://registry.yarnpkg.com/w3c-keyname/-/w3c-keyname-2.2.8.tgz#7b17c8c6883d4e8b86ac8aba79d39e880f8869c5"
-  integrity sha512-dpojBhNsCNN7T82Tm7k26A6G9ML3NkhDsnw9n/eoxSRlVBB4CEtIQ/KTCLI2Fwf3ataSXRhYFkQi3SlnFwPvPQ==
-
 w3c-xmlserializer@^2.0.0:
   version "2.0.0"
   resolved "https://registry.yarnpkg.com/w3c-xmlserializer/-/w3c-xmlserializer-2.0.0.tgz#3e7104a05b75146cc60f564380b7f683acf1020a"