feat: add the missing userId param docs for get-user API (#1698)

* Add roles to SAML response

* Fix: Add back missing get-user userId param doc.

Signed-off-by: zzjin <tczzjin@gmail.com>

* Update user.go

---------

Signed-off-by: zzjin <tczzjin@gmail.com>
Co-authored-by: Yang Luo <hsluoyz@qq.com>

controllers/user.go

@@ -84,6 +84,7 @@ func (c *ApiController) GetUsers() {
 // @Param   owner  query    string  false        "The owner of the user"
 // @Param   email  query    string  false 	     "The email of the user"
 // @Param   phone  query    string  false 	     "The phone of the user"
+// @Param   userId query    string  false 	     "The userId of the user"
 // @Success 200 {object} object.User The Response object
 // @router /get-user [get]
 func (c *ApiController) GetUser() {

idp/casdoor.go

@@ -108,8 +108,8 @@ func (idp *CasdoorIdProvider) GetToken(code string) (*oauth2.Token, error) {
 
 type CasdoorUserInfo struct {
 	Id          string `json:"sub"`
-	Name        string `json:"name"`
-	DisplayName string `json:"preferred_username"`
+	Name        string `json:"preferred_username,omitempty"`
+	DisplayName string `json:"name"`
 	Email       string `json:"email"`
 	AvatarUrl   string `json:"picture"`
 	Status      string `json:"status"`

idp/custom.go

@@ -61,8 +61,8 @@ func (idp *CustomIdProvider) GetToken(code string) (*oauth2.Token, error) {
 
 type CustomUserInfo struct {
 	Id          string `json:"sub"`
-	Name        string `json:"name"`
-	DisplayName string `json:"preferred_username"`
+	Name        string `json:"preferred_username,omitempty"`
+	DisplayName string `json:"name"`
 	Email       string `json:"email"`
 	AvatarUrl   string `json:"picture"`
 	Status      string `json:"status"`

object/saml_idp.go

@@ -86,19 +86,30 @@ func NewSamlResponse(user *User, host string, certificate string, destination st
 	authnStatement.CreateElement("saml:AuthnContext").CreateElement("saml:AuthnContextClassRef").SetText("urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport")
 
 	attributes := assertion.CreateElement("saml:AttributeStatement")
+
 	email := attributes.CreateElement("saml:Attribute")
 	email.CreateAttr("Name", "Email")
 	email.CreateAttr("NameFormat", "urn:oasis:names:tc:SAML:2.0:attrname-format:basic")
 	email.CreateElement("saml:AttributeValue").CreateAttr("xsi:type", "xs:string").Element().SetText(user.Email)
+
 	name := attributes.CreateElement("saml:Attribute")
 	name.CreateAttr("Name", "Name")
 	name.CreateAttr("NameFormat", "urn:oasis:names:tc:SAML:2.0:attrname-format:basic")
 	name.CreateElement("saml:AttributeValue").CreateAttr("xsi:type", "xs:string").Element().SetText(user.Name)
+
 	displayName := attributes.CreateElement("saml:Attribute")
 	displayName.CreateAttr("Name", "DisplayName")
 	displayName.CreateAttr("NameFormat", "urn:oasis:names:tc:SAML:2.0:attrname-format:basic")
 	displayName.CreateElement("saml:AttributeValue").CreateAttr("xsi:type", "xs:string").Element().SetText(user.DisplayName)
 
+	roles := attributes.CreateElement("saml:Attribute")
+	roles.CreateAttr("Name", "Roles")
+	roles.CreateAttr("NameFormat", "urn:oasis:names:tc:SAML:2.0:attrname-format:basic")
+	ExtendUserWithRolesAndPermissions(user)
+	for _, role := range user.Roles {
+		roles.CreateElement("saml:AttributeValue").CreateAttr("xsi:type", "xs:string").Element().SetText(role.Name)
+	}
+
 	return samlResponse, nil
 }
 

object/token.go

@@ -51,7 +51,7 @@ type Token struct {
 	Organization string `xorm:"varchar(100)" json:"organization"`
 	User         string `xorm:"varchar(100)" json:"user"`
 
-	Code          string `xorm:"varchar(100)" json:"code"`
+	Code          string `xorm:"varchar(100) index" json:"code"`
 	AccessToken   string `xorm:"mediumtext" json:"accessToken"`
 	RefreshToken  string `xorm:"mediumtext" json:"refreshToken"`
 	ExpiresIn     int    `json:"expiresIn"`
@@ -362,7 +362,8 @@ func GetOAuthToken(grantType string, clientId string, clientSecret string, code
 	}
 
 	token.CodeIsUsed = true
-	updateUsedByCode(token)
+	go updateUsedByCode(token)
+
 	tokenWrapper := &TokenWrapper{
 		AccessToken:  token.AccessToken,
 		IdToken:      token.AccessToken,

swagger/swagger.json

@@ -2171,6 +2171,12 @@
                         "name": "phone",
                         "description": "The phone of the user",
                         "type": "string"
+                    },
+                    {
+                        "in": "query",
+                        "name": "userId",
+                        "description": "The userId of the user",
+                        "type": "string"
                     }
                 ],
                 "responses": {
@@ -3638,11 +3644,11 @@
         }
     },
     "definitions": {
-        "2306.0xc0000a7410.false": {
+        "2306.0xc0003a4480.false": {
             "title": "false",
             "type": "object"
         },
-        "2340.0xc0000a7440.false": {
+        "2340.0xc0003a44b0.false": {
             "title": "false",
             "type": "object"
         },
@@ -3776,10 +3782,10 @@
             "type": "object",
             "properties": {
                 "data": {
-                    "$ref": "#/definitions/2306.0xc0000a7410.false"
+                    "$ref": "#/definitions/2306.0xc0003a4480.false"
                 },
                 "data2": {
-                    "$ref": "#/definitions/2340.0xc0000a7440.false"
+                    "$ref": "#/definitions/2340.0xc0003a44b0.false"
                 },
                 "msg": {
                     "type": "string"

swagger/swagger.yml

@@ -1417,6 +1417,10 @@ paths:
         name: phone
         description: The phone of the user
         type: string
+      - in: query
+        name: userId
+        description: The userId of the user
+        type: string
       responses:
         "200":
           description: The Response object
@@ -2381,10 +2385,10 @@ paths:
           schema:
             $ref: '#/definitions/Response'
 definitions:
-  2306.0xc0000a7410.false:
+  2306.0xc0003a4480.false:
     title: "false"
     type: object
-  2340.0xc0000a7440.false:
+  2340.0xc0003a44b0.false:
     title: "false"
     type: object
   LaravelResponse:
@@ -2476,9 +2480,9 @@ definitions:
     type: object
     properties:
       data:
-        $ref: '#/definitions/2306.0xc0000a7410.false'
+        $ref: '#/definitions/2306.0xc0003a4480.false'
       data2:
-        $ref: '#/definitions/2340.0xc0000a7440.false'
+        $ref: '#/definitions/2340.0xc0003a44b0.false'
       msg:
         type: string
       name:

web/src/auth/SignupPage.js

@@ -386,11 +386,11 @@ class SignupPage extends React.Component {
                   },
                   ({getFieldValue}) => ({
                     validator: (_, value) => {
-                      if (!required && value === "") {
+                      if (!required && !value) {
                         return Promise.resolve();
                       }
 
-                      if (value !== "" && !Setting.isValidPhone(value, getFieldValue("countryCode"))) {
+                      if (value && !Setting.isValidPhone(value, getFieldValue("countryCode"))) {
                         this.setState({validPhone: false});
                         return Promise.reject(i18next.t("signup:The input is not valid Phone!"));
                       }