fix: crowdin kept deleting translations (#843 )

Signed-off-by: Yixiang Zhao <seriouszyx@foxmail.com>
fix: Update Crowdin link (#841 )
2025-07-23 06:23:22 +08:00 · 2022-07-01 10:51:40 +08:00 · 2022-06-30 22:05:20 +08:00 · 2022-06-30 21:29:02 +08:00 · 2022-06-29 23:21:18 +08:00 · 2022-06-29 22:01:38 +08:00
55 changed files with 2004 additions and 405 deletions
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@ -114,6 +114,7 @@ jobs:
        uses: docker/build-push-action@v2
        if: github.repository == 'casdoor/casdoor' && github.event_name == 'push' && steps.should_push.outputs.push=='true'
        with:
+          target: STANDARD
          push: true
          tags: casbin/casdoor:${{steps.get-current-tag.outputs.tag }},casbin/casdoor:latest

--- a/62
+++ b/62
@ -1,8 +1,3 @@
-FROM golang:1.17.5 AS BACK
-WORKDIR /go/src/casdoor
-COPY . .
-RUN ./build.sh && apt update && apt install wait-for-it && chmod +x /usr/bin/wait-for-it
-
 FROM node:16.13.0 AS FRONT
 WORKDIR /web
 COPY ./web .
@ -10,28 +5,43 @@ RUN yarn config set registry https://registry.npmmirror.com
 RUN yarn install && yarn run build


-FROM debian:latest AS ALLINONE
-RUN apt update
-RUN apt install -y ca-certificates && update-ca-certificates
-RUN apt install -y mariadb-server mariadb-client && mkdir -p web/build && chmod 777 /tmp
-LABEL MAINTAINER="https://casdoor.org/"
-COPY --from=BACK /go/src/casdoor/ ./
-COPY --from=BACK /usr/bin/wait-for-it ./
-COPY --from=FRONT /web/build /web/build
-CMD chmod 777 /tmp && service mariadb start&&\
-if [ "${MYSQL_ROOT_PASSWORD}" = "" ] ;then MYSQL_ROOT_PASSWORD=123456 ; fi&&\
-mysqladmin -u root password ${MYSQL_ROOT_PASSWORD} &&\
-./wait-for-it localhost:3306 -- ./server --createDatabase=true
+FROM golang:1.17.5 AS BACK
+WORKDIR /go/src/casdoor
+COPY . .
+RUN ./build.sh


-FROM alpine:latest
-RUN sed -i 's/https/http/' /etc/apk/repositories
-RUN apk add curl
-RUN apk add ca-certificates && update-ca-certificates
+FROM alpine:latest AS STANDARD
 LABEL MAINTAINER="https://casdoor.org/"

-COPY --from=BACK /go/src/casdoor/ ./
-COPY --from=BACK /usr/bin/wait-for-it ./
-RUN mkdir -p web/build && apk add --no-cache bash coreutils
-COPY --from=FRONT /web/build /web/build
-CMD  ./server
+WORKDIR /app
+COPY --from=BACK /go/src/casdoor/server ./server
+COPY --from=BACK /go/src/casdoor/swagger ./swagger
+COPY --from=BACK /go/src/casdoor/conf/app.conf ./conf/app.conf
+COPY --from=FRONT /web/build ./web/build
+VOLUME /app/files /app/logs
+ENTRYPOINT ["/app/server"]
+
+
+FROM debian:latest AS db
+RUN apt update \
+    && apt install -y \
+        mariadb-server \
+        mariadb-client \
+    && rm -rf /var/lib/apt/lists/*
+
+
+FROM db AS ALLINONE
+LABEL MAINTAINER="https://casdoor.org/"
+
+ENV MYSQL_ROOT_PASSWORD=123456
+
+WORKDIR /app
+COPY --from=BACK /go/src/casdoor/server ./server
+COPY --from=BACK /go/src/casdoor/swagger ./swagger
+COPY --from=BACK /go/src/casdoor/docker-entrypoint.sh /docker-entrypoint.sh
+COPY --from=BACK /go/src/casdoor/conf/app.conf ./conf/app.conf
+COPY --from=FRONT /web/build ./web/build
+
+ENTRYPOINT ["/bin/bash"]
+CMD ["/docker-entrypoint.sh"]
--- a/README.md
+++ b/README.md
@ -98,7 +98,7 @@ For casdoor, if you have any questions, you can give Issues, or you can also dir

 ### I18n translation

-If you are contributing to casdoor, please note that we use [Crowdin](https://crowdin.com/project/casdoor-web) as translating platform and i18next as translating tool. When you add some words using i18next in the ```web/``` directory, please remember to add what you have added to the ```web/src/locales/en/data.json``` file.
+If you are contributing to casdoor, please note that we use [Crowdin](https://crowdin.com/project/casdoor-site) as translating platform and i18next as translating tool. When you add some words using i18next in the ```web/``` directory, please remember to add what you have added to the ```web/src/locales/en/data.json``` file.



--- a/captcha/aliyun.go
+++ b/captcha/aliyun.go
@ -0,0 +1,105 @@
+// Copyright 2022 The Casdoor Authors. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package captcha
+
+import (
+	"encoding/json"
+	"errors"
+	"fmt"
+	"io/ioutil"
+	"net/http"
+	"net/url"
+	"sort"
+	"strconv"
+	"strings"
+	"time"
+
+	"github.com/casdoor/casdoor/util"
+)
+
+const AliyunCaptchaVerifyUrl = "http://afs.aliyuncs.com"
+
+type AliyunCaptchaProvider struct {
+}
+
+func NewAliyunCaptchaProvider() *AliyunCaptchaProvider {
+	captcha := &AliyunCaptchaProvider{}
+	return captcha
+}
+
+func contentEscape(str string) string {
+	str = strings.Replace(str, " ", "%20", -1)
+	str = url.QueryEscape(str)
+	return str
+}
+
+func (captcha *AliyunCaptchaProvider) VerifyCaptcha(token, clientSecret string) (bool, error) {
+	pathData, err := url.ParseQuery(token)
+	if err != nil {
+		return false, err
+	}
+
+	pathData["Action"] = []string{"AuthenticateSig"}
+	pathData["Format"] = []string{"json"}
+	pathData["SignatureMethod"] = []string{"HMAC-SHA1"}
+	pathData["SignatureNonce"] = []string{strconv.FormatInt(time.Now().UnixNano(), 10)}
+	pathData["SignatureVersion"] = []string{"1.0"}
+	pathData["Timestamp"] = []string{time.Now().UTC().Format("2006-01-02T15:04:05Z")}
+	pathData["Version"] = []string{"2018-01-12"}
+
+	var keys []string
+	for k := range pathData {
+		keys = append(keys, k)
+	}
+	sort.Strings(keys)
+
+	sortQuery := ""
+	for _, k := range keys {
+		sortQuery += k + "=" + contentEscape(pathData[k][0]) + "&"
+	}
+	sortQuery = strings.TrimSuffix(sortQuery, "&")
+
+	stringToSign := fmt.Sprintf("GET&%s&%s", url.QueryEscape("/"), url.QueryEscape(sortQuery))
+
+	signature := util.GetHmacSha1(clientSecret+"&", stringToSign)
+
+	resp, err := http.Get(fmt.Sprintf("%s?%s&Signature=%s", AliyunCaptchaVerifyUrl, sortQuery, url.QueryEscape(signature)))
+	if err != nil {
+		return false, err
+	}
+
+	defer resp.Body.Close()
+	body, err := ioutil.ReadAll(resp.Body)
+	if err != nil {
+		return false, err
+	}
+
+	type captchaResponse struct {
+		Code int    `json:"Code"`
+		Msg  string `json:"Msg"`
+	}
+	captchaResp := &captchaResponse{}
+
+	err = json.Unmarshal(body, captchaResp)
+	if err != nil {
+		return false, err
+	}
+
+	if captchaResp.Code != 100 {
+		return false, errors.New(captchaResp.Msg)
+	}
+
+	return true, nil
+}
--- a/captcha/hcaptcha.go
+++ b/captcha/hcaptcha.go
@ -16,9 +16,11 @@ package captcha

 import (
 	"encoding/json"
+	"errors"
 	"io/ioutil"
 	"net/http"
 	"net/url"
+	"strings"
 )

 const HCaptchaVerifyUrl = "https://hcaptcha.com/siteverify"
@ -48,7 +50,8 @@ func (captcha *HCaptchaProvider) VerifyCaptcha(token, clientSecret string) (bool
 	}

 	type captchaResponse struct {
-		Success bool `json:"success"`
+		Success    bool     `json:"success"`
+		ErrorCodes []string `json:"error-codes"`
 	}
 	captchaResp := &captchaResponse{}
 	err = json.Unmarshal(body, captchaResp)
@ -56,5 +59,9 @@ func (captcha *HCaptchaProvider) VerifyCaptcha(token, clientSecret string) (bool
 		return false, err
 	}

+	if len(captchaResp.ErrorCodes) > 0 {
+		return false, errors.New(strings.Join(captchaResp.ErrorCodes, ","))
+	}
+
 	return captchaResp.Success, nil
 }
--- a/captcha/provider.go
+++ b/captcha/provider.go
@ -25,6 +25,8 @@ func GetCaptchaProvider(captchaType string) CaptchaProvider {
 		return NewReCaptchaProvider()
 	} else if captchaType == "hCaptcha" {
 		return NewHCaptchaProvider()
+	} else if captchaType == "Aliyun Captcha" {
+		return NewAliyunCaptchaProvider()
 	}
 	return nil
 }
--- a/captcha/recaptcha.go
+++ b/captcha/recaptcha.go
@ -16,9 +16,11 @@ package captcha

 import (
 	"encoding/json"
+	"errors"
 	"io/ioutil"
 	"net/http"
 	"net/url"
+	"strings"
 )

 const ReCaptchaVerifyUrl = "https://recaptcha.net/recaptcha/api/siteverify"
@ -48,7 +50,8 @@ func (captcha *ReCaptchaProvider) VerifyCaptcha(token, clientSecret string) (boo
 	}

 	type captchaResponse struct {
-		Success bool `json:"success"`
+		Success    bool     `json:"success"`
+		ErrorCodes []string `json:"error-codes"`
 	}
 	captchaResp := &captchaResponse{}
 	err = json.Unmarshal(body, captchaResp)
@ -56,5 +59,9 @@ func (captcha *ReCaptchaProvider) VerifyCaptcha(token, clientSecret string) (boo
 		return false, err
 	}

+	if len(captchaResp.ErrorCodes) > 0 {
+		return false, errors.New(strings.Join(captchaResp.ErrorCodes, ","))
+	}
+
 	return captchaResp.Success, nil
 }
--- a/controllers/account.go
+++ b/controllers/account.go
@ -76,13 +76,16 @@ type Response struct {
 }

 type Captcha struct {
-	Type         string `json:"type"`
-	AppKey       string `json:"appKey"`
-	Scene        string `json:"scene"`
-	CaptchaId    string `json:"captchaId"`
-	CaptchaImage []byte `json:"captchaImage"`
-	ClientId     string `json:"clientId"`
-	ClientSecret string `json:"clientSecret"`
+	Type          string `json:"type"`
+	AppKey        string `json:"appKey"`
+	Scene         string `json:"scene"`
+	CaptchaId     string `json:"captchaId"`
+	CaptchaImage  []byte `json:"captchaImage"`
+	ClientId      string `json:"clientId"`
+	ClientSecret  string `json:"clientSecret"`
+	ClientId2     string `json:"clientId2"`
+	ClientSecret2 string `json:"clientSecret2"`
+	SubType       string `json:"subType"`
 }

 // Signup
@ -307,13 +310,23 @@ func (c *ApiController) GetCaptcha() {
 		return
 	}

-	if captchaProvider.Type == "Default" {
-		id, img := object.GetCaptcha()
-		c.ResponseOk(Captcha{Type: captchaProvider.Type, CaptchaId: id, CaptchaImage: img})
-		return
-	} else if captchaProvider.Type != "" {
-		c.ResponseOk(Captcha{Type: captchaProvider.Type, ClientId: captchaProvider.ClientId, ClientSecret: captchaProvider.ClientSecret})
-		return
+	if captchaProvider != nil {
+		if captchaProvider.Type == "Default" {
+			id, img := object.GetCaptcha()
+			c.ResponseOk(Captcha{Type: captchaProvider.Type, CaptchaId: id, CaptchaImage: img})
+			return
+		} else if captchaProvider.Type != "" {
+			c.ResponseOk(Captcha{
+				Type:          captchaProvider.Type,
+				SubType:       captchaProvider.SubType,
+				ClientId:      captchaProvider.ClientId,
+				ClientSecret:  captchaProvider.ClientSecret,
+				ClientId2:     captchaProvider.ClientId2,
+				ClientSecret2: captchaProvider.ClientSecret2,
+			})
+			return
+		}
 	}
+
 	c.ResponseOk(Captcha{Type: "none"})
 }
--- a/controllers/auth.go
+++ b/controllers/auth.go
@ -133,7 +133,7 @@ func (c *ApiController) HandleLoggedIn(application *object.Application, user *ob
 // @Param   redirectUri    query    string  true        "redirect uri"
 // @Param   scope    query    string  true        "scope"
 // @Param   state    query    string  true        "state"
-// @Success 200 {object} controllers.api_controller.Response The Response object
+// @Success 200 {object}  Response The Response object
 // @router /get-app-login [get]
 func (c *ApiController) GetApplicationLogin() {
 	clientId := c.Input().Get("clientId")
@ -163,9 +163,16 @@ func setHttpClient(idProvider idp.IdProvider, providerType string) {
 // @Title Login
 // @Tag Login API
 // @Description login
-// @Param   oAuthParams     query    string  true        "oAuth parameters"
-// @Param   body    body   RequestForm  true        "Login information"
-// @Success 200 {object} controllers.api_controller.Response The Response object
+// @Param clientId        query    string  true clientId
+// @Param responseType    query    string  true responseType
+// @Param redirectUri     query    string  true redirectUri
+// @Param scope     query    string  false  scope
+// @Param state     query    string  false  state
+// @Param nonce     query    string  false nonce
+// @Param code_challenge_method   query    string  false code_challenge_method
+// @Param code_challenge          query    string  false code_challenge
+// @Param   form   body   controllers.RequestForm  true        "Login information"
+// @Success 200 {object} Response The Response object
 // @router /login [post]
 func (c *ApiController) Login() {
 	resp := &Response{}
--- a/controllers/oidc_discovery.go
+++ b/controllers/oidc_discovery.go
@ -18,6 +18,8 @@ import "github.com/casdoor/casdoor/object"

 // @Title GetOidcDiscovery
 // @Tag OIDC API
+// @Description Get Oidc Discovery
+// @Success 200 {object} object.OidcDiscovery
 // @router /.well-known/openid-configuration [get]
 func (c *RootController) GetOidcDiscovery() {
 	host := c.Ctx.Request.Host
@ -27,6 +29,7 @@ func (c *RootController) GetOidcDiscovery() {

 // @Title GetJwks
 // @Tag OIDC API
+// @Success 200 {object} jose.JSONWebKey
 // @router /.well-known/jwks [get]
 func (c *RootController) GetJwks() {
 	jwks, err := object.GetJsonWebKeySet()
--- a/controllers/record.go
+++ b/controllers/record.go
@ -26,7 +26,7 @@ import (
 // @Description get all records
 // @Param   pageSize     query    string  true        "The size of each page"
 // @Param   p     query    string  true        "The number of the page"
-// @Success 200 {array} object.Records The Response object
+// @Success 200 {object} object.Record The Response object
 // @router /get-records [get]
 func (c *ApiController) GetRecords() {
 	limit := c.Input().Get("pageSize")
@ -50,8 +50,8 @@ func (c *ApiController) GetRecords() {
 // @Tag Record API
 // @Title GetRecordsByFilter
 // @Description get records by filter
-// @Param   body    body   object.Records  true  "filter Record message"
-// @Success 200 {array} object.Records The Response object
+// @Param   filter  body string     true  "filter Record message"
+// @Success 200 {object} object.Record The Response object
 // @router /get-records-filter [post]
 func (c *ApiController) GetRecordsByFilter() {
 	body := string(c.Ctx.Input.RequestBody)
--- a/controllers/service.go
+++ b/controllers/service.go
@ -25,33 +25,61 @@ import (
 	"github.com/casdoor/casdoor/util"
 )

+type EmailForm struct {
+	Title     string   `json:"title"`
+	Content   string   `json:"content"`
+	Sender    string   `json:"sender"`
+	Receivers []string `json:"receivers"`
+	Provider  string   `json:"provider"`
+}
+
+type SmsForm struct {
+	Content   string   `json:"content"`
+	Receivers []string `json:"receivers"`
+	OrgId     string   `json:"organizationId"` // e.g. "admin/built-in"
+}
+
 // SendEmail
 // @Title SendEmail
 // @Tag Service API
 // @Description This API is not for Casdoor frontend to call, it is for Casdoor SDKs.
 // @Param   clientId    query    string  true        "The clientId of the application"
 // @Param   clientSecret    query    string  true    "The clientSecret of the application"
-// @Param   body    body   emailForm    true         "Details of the email request"
+// @Param   from    body   controllers.EmailForm    true         "Details of the email request"
 // @Success 200 {object}  Response object
 // @router /api/send-email [post]
 func (c *ApiController) SendEmail() {
-	provider, _, ok := c.GetProviderFromContext("Email")
-	if !ok {
-		return
-	}
+	var emailForm EmailForm

-	var emailForm struct {
-		Title     string   `json:"title"`
-		Content   string   `json:"content"`
-		Sender    string   `json:"sender"`
-		Receivers []string `json:"receivers"`
-	}
 	err := json.Unmarshal(c.Ctx.Input.RequestBody, &emailForm)
 	if err != nil {
 		c.ResponseError(err.Error())
 		return
 	}

+	var provider *object.Provider
+	if emailForm.Provider != "" {
+		// called by frontend's TestEmailWidget, provider name is set by frontend
+		provider = object.GetProvider(fmt.Sprintf("admin/%s", emailForm.Provider))
+	} else {
+		// called by Casdoor SDK via Client ID & Client Secret, so the used Email provider will be the application' Email provider or the default Email provider
+		var ok bool
+		provider, _, ok = c.GetProviderFromContext("Email")
+		if !ok {
+			return
+		}
+	}
+
+	// when receiver is the reserved keyword: "TestSmtpServer", it means to test the SMTP server instead of sending a real Email
+	if len(emailForm.Receivers) == 1 && emailForm.Receivers[0] == "TestSmtpServer" {
+		err := object.DailSmtpServer(provider)
+		if err != nil {
+			c.ResponseError(err.Error())
+			return
+		}
+		c.ResponseOk()
+	}
+
 	if util.IsStrsEmpty(emailForm.Title, emailForm.Content, emailForm.Sender) {
 		c.ResponseError(fmt.Sprintf("Empty parameters for emailForm: %v", emailForm))
 		return
@ -86,7 +114,7 @@ func (c *ApiController) SendEmail() {
 // @Description This API is not for Casdoor frontend to call, it is for Casdoor SDKs.
 // @Param   clientId    query    string  true        "The clientId of the application"
 // @Param   clientSecret    query    string  true    "The clientSecret of the application"
-// @Param   body    body   smsForm    true           "Details of the sms request"
+// @Param   from    body   controllers.SmsForm    true           "Details of the sms request"
 // @Success 200 {object}  Response object
 // @router /api/send-sms [post]
 func (c *ApiController) SendSms() {
@ -95,11 +123,7 @@ func (c *ApiController) SendSms() {
 		return
 	}

-	var smsForm struct {
-		Content   string   `json:"content"`
-		Receivers []string `json:"receivers"`
-		OrgId     string   `json:"organizationId"` // e.g. "admin/built-in"
-	}
+	var smsForm SmsForm
 	err := json.Unmarshal(c.Ctx.Input.RequestBody, &smsForm)
 	if err != nil {
 		c.ResponseError(err.Error())
--- a/controllers/verification.go
+++ b/controllers/verification.go
@ -54,25 +54,23 @@ func (c *ApiController) SendVerificationCode() {
 		return
 	}

-	provider := captcha.GetCaptchaProvider(checkType)
-	if provider == nil {
-		c.ResponseError("Invalid captcha provider.")
-		return
-	}
+	captchaProvider := captcha.GetCaptchaProvider(checkType)

-	if checkKey == "" {
-		c.ResponseError("Missing parameter: checkKey.")
-		return
-	}
-	isHuman, err := provider.VerifyCaptcha(checkKey, checkId)
-	if err != nil {
-		c.ResponseError("Failed to verify captcha: %v", err)
-		return
-	}
+	if captchaProvider != nil {
+		if checkKey == "" {
+			c.ResponseError("Missing parameter: checkKey.")
+			return
+		}
+		isHuman, err := captchaProvider.VerifyCaptcha(checkKey, checkId)
+		if err != nil {
+			c.ResponseError(err.Error())
+			return
+		}

-	if !isHuman {
-		c.ResponseError("Turing test failed.")
-		return
+		if !isHuman {
+			c.ResponseError("Turing test failed.")
+			return
+		}
 	}

 	user := c.getCurrentUser()
@ -211,7 +209,7 @@ func (c *ApiController) VerifyCaptcha() {

 	isValid, err := provider.VerifyCaptcha(captchaToken, clientSecret)
 	if err != nil {
-		c.ResponseError("Failed to verify captcha: %v", err)
+		c.ResponseError(err.Error())
 		return
 	}

--- a/cred/md5-user-salt.go
+++ b/cred/md5-user-salt.go
@ -38,8 +38,10 @@ func NewMd5UserSaltCredManager() *Md5UserSaltCredManager {
 }

 func (cm *Md5UserSaltCredManager) GetHashedPassword(password string, userSalt string, organizationSalt string) string {
-	hash := getMd5HexDigest(password)
-	res := getMd5HexDigest(hash + userSalt)
+	res := getMd5HexDigest(password)
+	if userSalt != "" {
+		res = getMd5HexDigest(res + userSalt)
+	}
 	return res
 }

--- a/cred/sha256-salt.go
+++ b/cred/sha256-salt.go
@ -38,8 +38,10 @@ func NewSha256SaltCredManager() *Sha256SaltCredManager {
 }

 func (cm *Sha256SaltCredManager) GetHashedPassword(password string, userSalt string, organizationSalt string) string {
-	hash := getSha256HexDigest(password)
-	res := getSha256HexDigest(hash + organizationSalt)
+	res := getSha256HexDigest(password)
+	if organizationSalt != "" {
+		res = getSha256HexDigest(res + organizationSalt)
+	}
 	return res
 }

--- a/cred/sha256-salt_test.go
+++ b/cred/sha256-salt_test.go
@ -25,3 +25,10 @@ func TestGetSaltedPassword(t *testing.T) {
 	cm := NewSha256SaltCredManager()
 	fmt.Printf("%s -> %s\n", password, cm.GetHashedPassword(password, "", salt))
 }
+
+func TestGetPassword(t *testing.T) {
+	password := "123456"
+	cm := NewSha256SaltCredManager()
+	// https://passwordsgenerator.net/sha256-hash-generator/
+	fmt.Printf("%s -> %s\n", "8d969eef6ecad3c29a3a629280e686cf0c3f5d5a86aff3ca12020c923adc6c92", cm.GetHashedPassword(password, "", ""))
+}
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -5,6 +5,7 @@ services:
    build:
      context: ./
      dockerfile: Dockerfile
+      target: STANDARD
    entrypoint: /bin/sh -c './server --createDatabase=true'
    ports:
      - "8000:8000"
--- a/docker-entrypoint.sh
+++ b/docker-entrypoint.sh
@ -0,0 +1,7 @@
+#!/bin/bash
+
+service mariadb start
+
+mysqladmin -u root password ${MYSQL_ROOT_PASSWORD}
+
+exec /app/server --createDatabase=true
--- a/main.go
+++ b/main.go
@ -51,6 +51,7 @@ func main() {
 	// https://studygolang.com/articles/2303
 	beego.InsertFilter("*", beego.BeforeRouter, routers.StaticFilter)
 	beego.InsertFilter("*", beego.BeforeRouter, routers.AutoSigninFilter)
+	beego.InsertFilter("*", beego.BeforeRouter, routers.CorsFilter)
 	beego.InsertFilter("*", beego.BeforeRouter, routers.AuthzFilter)
 	beego.InsertFilter("*", beego.BeforeRouter, routers.RecordMessage)

--- a/object/application.go
+++ b/object/application.go
@ -16,6 +16,7 @@ package object

 import (
 	"fmt"
+	"net/url"
 	"strings"

 	"github.com/casdoor/casdoor/util"
@ -45,6 +46,7 @@ type Application struct {
 	EnableSignUp        bool            `json:"enableSignUp"`
 	EnableSigninSession bool            `json:"enableSigninSession"`
 	EnableCodeSignin    bool            `json:"enableCodeSignin"`
+	EnableSamlCompress  bool            `json:"enableSamlCompress"`
 	Providers           []*ProviderItem `xorm:"mediumtext" json:"providers"`
 	SignupItems         []*SignupItem   `xorm:"varchar(1000)" json:"signupItems"`
 	GrantTypes          []string        `xorm:"varchar(1000)" json:"grantTypes"`
@ -319,3 +321,39 @@ func CheckRedirectUriValid(application *Application, redirectUri string) bool {
 	}
 	return validUri
 }
+
+func IsAllowOrigin(origin string) bool {
+	allowOrigin := false
+	originUrl, err := url.Parse(origin)
+	if err != nil {
+		return false
+	}
+
+	rows, err := adapter.Engine.Cols("redirect_uris").Rows(&Application{})
+	if err != nil {
+		panic(err)
+	}
+
+	application := Application{}
+	for rows.Next() {
+		err := rows.Scan(&application)
+		if err != nil {
+			panic(err)
+		}
+		for _, tmpRedirectUri := range application.RedirectUris {
+			u1, err := url.Parse(tmpRedirectUri)
+			if err != nil {
+				continue
+			}
+			if u1.Scheme == originUrl.Scheme && u1.Host == originUrl.Host {
+				allowOrigin = true
+				break
+			}
+		}
+		if allowOrigin {
+			break
+		}
+	}
+
+	return allowOrigin
+}
--- a/object/email.go
+++ b/object/email.go
@ -29,3 +29,16 @@ func SendEmail(provider *Provider, title string, content string, dest string, se

 	return dialer.DialAndSend(message)
 }
+
+// DailSmtpServer Dail Smtp server
+func DailSmtpServer(provider *Provider) error {
+	dialer := gomail.NewDialer(provider.Host, provider.Port, provider.ClientId, provider.ClientSecret)
+
+	sender, err := dialer.Dial()
+	if err != nil {
+		return err
+	}
+	defer sender.Close()
+
+	return nil
+}
--- a/object/init.go
+++ b/object/init.go
@ -23,6 +23,7 @@ import (
 func InitDb() {
 	existed := initBuiltInOrganization()
 	if !existed {
+		initBuiltInProvider()
 		initBuiltInUser()
 		initBuiltInApplication()
 		initBuiltInCert()
@ -103,7 +104,7 @@ func initBuiltInUser() {
 		IsGlobalAdmin:     true,
 		IsForbidden:       false,
 		IsDeleted:         false,
-		SignupApplication: "built-in-app",
+		SignupApplication: "app-built-in",
 		CreatedIp:         "127.0.0.1",
 		Properties:        make(map[string]string),
 	}
@ -127,7 +128,9 @@ func initBuiltInApplication() {
 		Cert:           "cert-built-in",
 		EnablePassword: true,
 		EnableSignUp:   true,
-		Providers:      []*ProviderItem{},
+		Providers: []*ProviderItem{
+			{Name: "provider_captcha_default", CanSignUp: false, CanSignIn: false, CanUnlink: false, Prompted: false, AlertType: "None", Provider: nil},
+		},
 		SignupItems: []*SignupItem{
 			{Name: "ID", Visible: false, Required: true, Prompted: false, Rule: "Random"},
 			{Name: "Username", Visible: true, Required: true, Prompted: false, Rule: "None"},
@ -201,3 +204,20 @@ func initBuiltInLdap() {
 	}
 	AddLdap(ldap)
 }
+
+func initBuiltInProvider() {
+	provider := GetProvider("admin/provider_captcha_default")
+	if provider != nil {
+		return
+	}
+
+	provider = &Provider{
+		Owner:       "admin",
+		Name:        "provider_captcha_default",
+		CreatedTime: util.GetCurrentTime(),
+		DisplayName: "Captcha Default",
+		Category:    "Captcha",
+		Type:        "Default",
+	}
+	AddProvider(provider)
+}
--- a/object/product_test.go
+++ b/object/product_test.go
@ -32,10 +32,10 @@ func TestProduct(t *testing.T) {
 	cert := getCert(product.Owner, "cert-pay-alipay")
 	pProvider := pp.GetPaymentProvider(provider.Type, provider.ClientId, provider.ClientSecret, provider.Host, cert.PublicKey, cert.PrivateKey, cert.AuthorityPublicKey, cert.AuthorityRootPublicKey)

-	paymentId := util.GenerateTimeId()
+	paymentName := util.GenerateTimeId()
 	returnUrl := ""
 	notifyUrl := ""
-	payUrl, err := pProvider.Pay(product.DisplayName, product.Name, provider.Name, paymentId, product.Price, returnUrl, notifyUrl)
+	payUrl, err := pProvider.Pay(provider.Name, product.Name, "alice", paymentName, product.DisplayName, product.Price, returnUrl, notifyUrl)
 	if err != nil {
 		panic(err)
 	}
--- a/object/provider.go
+++ b/object/provider.go
@ -257,5 +257,5 @@ func GetCaptchaProviderByApplication(applicationId, isCurrentProvider string) (*
 			return GetCaptchaProviderByOwnerName(fmt.Sprintf("%s/%s", provider.Provider.Owner, provider.Provider.Name))
 		}
 	}
-	return nil, fmt.Errorf("no captcha provider found")
+	return nil, nil
 }
--- a/object/saml_idp.go
+++ b/object/saml_idp.go
@ -36,7 +36,7 @@ import (
 )

 //returns a saml2 response
-func NewSamlResponse(user *User, host string, publicKey string, destination string, iss string, redirectUri []string) (*etree.Element, error) {
+func NewSamlResponse(user *User, host string, publicKey string, destination string, iss string, requestId string, redirectUri []string) (*etree.Element, error) {
 	samlResponse := &etree.Element{
 		Space: "samlp",
 		Tag:   "Response",
@ -51,7 +51,7 @@ func NewSamlResponse(user *User, host string, publicKey string, destination stri
 	samlResponse.CreateAttr("Version", "2.0")
 	samlResponse.CreateAttr("IssueInstant", now)
 	samlResponse.CreateAttr("Destination", destination)
-	samlResponse.CreateAttr("InResponseTo", fmt.Sprintf("_%s", arId))
+	samlResponse.CreateAttr("InResponseTo", requestId)
 	samlResponse.CreateElement("saml:Issuer").SetText(host)

 	samlResponse.CreateElement("samlp:Status").CreateElement("samlp:StatusCode").CreateAttr("Value", "urn:oasis:names:tc:SAML:2.0:status:Success")
@ -68,7 +68,7 @@ func NewSamlResponse(user *User, host string, publicKey string, destination stri
 	subjectConfirmation := subject.CreateElement("saml:SubjectConfirmation")
 	subjectConfirmation.CreateAttr("Method", "urn:oasis:names:tc:SAML:2.0:cm:bearer")
 	subjectConfirmationData := subjectConfirmation.CreateElement("saml:SubjectConfirmationData")
-	subjectConfirmationData.CreateAttr("InResponseTo", fmt.Sprintf("_%s", arId))
+	subjectConfirmationData.CreateAttr("InResponseTo", requestId)
 	subjectConfirmationData.CreateAttr("Recipient", destination)
 	subjectConfirmationData.CreateAttr("NotOnOrAfter", expireTime)
 	condition := assertion.CreateElement("saml:Conditions")
@ -225,14 +225,15 @@ func GetSamlMeta(application *Application, host string) (*IdpEntityDescriptor, e
 	return &d, nil
 }

-//GenerateSamlResponse generates a SAML2.0 response
-//parameter samlRequest is saml request in base64 format
+// GetSamlResponse generates a SAML2.0 response
+// parameter samlRequest is saml request in base64 format
 func GetSamlResponse(application *Application, user *User, samlRequest string, host string) (string, string, error) {
-	//decode samlRequest
+	// base64 decode
 	defated, err := base64.StdEncoding.DecodeString(samlRequest)
 	if err != nil {
 		return "", "", fmt.Errorf("err: %s", err.Error())
 	}
+	// decompress
 	var buffer bytes.Buffer
 	rdr := flate.NewReader(bytes.NewReader(defated))
 	io.Copy(&buffer, rdr)
@ -241,20 +242,21 @@ func GetSamlResponse(application *Application, user *User, samlRequest string, h
 	if err != nil {
 		return "", "", fmt.Errorf("err: %s", err.Error())
 	}
-	//verify samlRequest
+
+	// verify samlRequest
 	if valid := CheckRedirectUriValid(application, authnRequest.Issuer.Url); !valid {
 		return "", "", fmt.Errorf("err: invalid issuer url")
 	}

-	//get publickey string
+	// get public key string
 	cert := getCertByApplication(application)
 	block, _ := pem.Decode([]byte(cert.PublicKey))
 	publicKey := base64.StdEncoding.EncodeToString(block.Bytes)

 	_, originBackend := getOriginFromHost(host)

-	//build signedResponse
-	samlResponse, _ := NewSamlResponse(user, originBackend, publicKey, authnRequest.AssertionConsumerServiceURL, authnRequest.Issuer.Url, application.RedirectUris)
+	// build signedResponse
+	samlResponse, _ := NewSamlResponse(user, originBackend, publicKey, authnRequest.AssertionConsumerServiceURL, authnRequest.Issuer.Url, authnRequest.ID, application.RedirectUris)
 	randomKeyStore := &X509Key{
 		PrivateKey:      cert.PrivateKey,
 		X509Certificate: publicKey,
@ -270,15 +272,28 @@ func GetSamlResponse(application *Application, user *User, samlRequest string, h

 	doc := etree.NewDocument()
 	doc.SetRoot(samlResponse)
-	xmlStr, err := doc.WriteToString()
+	xmlBytes, err := doc.WriteToBytes()
 	if err != nil {
 		return "", "", fmt.Errorf("err: %s", err.Error())
 	}
-	res := base64.StdEncoding.EncodeToString([]byte(xmlStr))
+
+	// compress
+	if application.EnableSamlCompress {
+		flated := bytes.NewBuffer(nil)
+		writer, err := flate.NewWriter(flated, flate.DefaultCompression)
+		if err != nil {
+			return "", "", fmt.Errorf("err: %s", err.Error())
+		}
+		writer.Write(xmlBytes)
+		writer.Close()
+		xmlBytes = flated.Bytes()
+	}
+	// base64 encode
+	res := base64.StdEncoding.EncodeToString(xmlBytes)
 	return res, authnRequest.AssertionConsumerServiceURL, nil
 }

-//return a saml1.1 response(not 2.0)
+// NewSamlResponse11 return a saml1.1 response(not 2.0)
 func NewSamlResponse11(user *User, requestID string, host string) *etree.Element {
 	samlResponse := &etree.Element{
 		Space: "samlp",
--- a/object/storage.go
+++ b/object/storage.go
@ -56,6 +56,9 @@ func getUploadFileUrl(provider *Provider, fullFilePath string, hasTimestamp bool
 		// provider.Domain = "http://localhost:8000" or "https://door.casdoor.com"
 		host = util.UrlJoin(provider.Domain, "/files")
 	}
+	if provider.Type == "Azure Blob" {
+		host = fmt.Sprintf("%s/%s", host, provider.Bucket)
+	}

 	fileUrl := util.UrlJoin(host, objectKey)
 	if hasTimestamp {
--- a/proxy/proxy.go
+++ b/proxy/proxy.go
@ -76,7 +76,7 @@ func getProxyHttpClient() *http.Client {
 }

 func GetHttpClient(url string) *http.Client {
-	if strings.Contains(url, "githubusercontent.com") {
+	if strings.Contains(url, "githubusercontent.com") || strings.Contains(url, "googleusercontent.com") {
 		return ProxyHttpClient
 	} else {
 		return DefaultHttpClient
--- a/routers/cors_filter.go
+++ b/routers/cors_filter.go
@ -0,0 +1,49 @@
+// Copyright 2021 The Casdoor Authors. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package routers
+
+import (
+	"net/http"
+
+	"github.com/astaxie/beego/context"
+	"github.com/casdoor/casdoor/conf"
+	"github.com/casdoor/casdoor/object"
+)
+
+const (
+	headerOrigin       = "Origin"
+	headerAllowOrigin  = "Access-Control-Allow-Origin"
+	headerAllowMethods = "Access-Control-Allow-Methods"
+	headerAllowHeaders = "Access-Control-Allow-Headers"
+)
+
+func CorsFilter(ctx *context.Context) {
+	origin := ctx.Input.Header(headerOrigin)
+	if origin != "" && origin != conf.GetConfigString("origin") {
+		if object.IsAllowOrigin(origin) {
+			ctx.Output.Header(headerAllowOrigin, origin)
+			ctx.Output.Header(headerAllowMethods, "POST, GET, OPTIONS")
+			ctx.Output.Header(headerAllowHeaders, "Content-Type, Authorization")
+		} else {
+			ctx.ResponseWriter.WriteHeader(http.StatusForbidden)
+			return
+		}
+
+		if ctx.Input.Method() == "OPTIONS" {
+			ctx.ResponseWriter.WriteHeader(http.StatusOK)
+			return
+		}
+	}
+}
--- a/swagger/swagger.json
+++ b/swagger/swagger.json
--- a/swagger/swagger.yml
+++ b/swagger/swagger.yml
@ -12,11 +12,22 @@ paths:
      tags:
      - OIDC API
      operationId: RootController.GetJwks
+      responses:
+        "200":
+          description: ""
+          schema:
+            $ref: '#/definitions/jose.JSONWebKey'
  /.well-known/openid-configuration:
    get:
      tags:
      - OIDC API
+      description: Get Oidc Discovery
      operationId: RootController.GetOidcDiscovery
+      responses:
+        "200":
+          description: ""
+          schema:
+            $ref: '#/definitions/object.OidcDiscovery'
  /api/add-application:
    post:
      tags:
@ -58,6 +69,24 @@ paths:
      tags:
      - Account API
      operationId: ApiController.AddLdap
+  /api/add-model:
+    post:
+      tags:
+      - Model API
+      description: add model
+      operationId: ApiController.AddModel
+      parameters:
+      - in: body
+        name: body
+        description: The details of the model
+        required: true
+        schema:
+          $ref: '#/definitions/object.Model'
+      responses:
+        "200":
+          description: The Response object
+          schema:
+            $ref: '#/definitions/controllers.Response'
  /api/add-organization:
    post:
      tags:
@ -271,11 +300,11 @@ paths:
        required: true
        type: string
      - in: body
-        name: body
+        name: from
        description: Details of the email request
        required: true
        schema:
-          $ref: '#/definitions/emailForm'
+          $ref: '#/definitions/controllers.EmailForm'
      responses:
        "200":
          description: object
@ -299,11 +328,11 @@ paths:
        required: true
        type: string
      - in: body
-        name: body
+        name: from
        description: Details of the sms request
        required: true
        schema:
-          $ref: '#/definitions/smsForm'
+          $ref: '#/definitions/controllers.SmsForm'
      responses:
        "200":
          description: object
@ -382,6 +411,24 @@ paths:
      tags:
      - Account API
      operationId: ApiController.DeleteLdap
+  /api/delete-model:
+    post:
+      tags:
+      - Model API
+      description: delete model
+      operationId: ApiController.DeleteModel
+      parameters:
+      - in: body
+        name: body
+        description: The details of the model
+        required: true
+        schema:
+          $ref: '#/definitions/object.Model'
+      responses:
+        "200":
+          description: The Response object
+          schema:
+            $ref: '#/definitions/controllers.Response'
  /api/delete-organization:
    post:
      tags:
@ -578,6 +625,43 @@ paths:
          description: The Response object
          schema:
            $ref: '#/definitions/controllers.Response'
+  /api/get-app-login:
+    get:
+      tags:
+      - Login API
+      description: get application login
+      operationId: ApiController.GetApplicationLogin
+      parameters:
+      - in: query
+        name: clientId
+        description: client id
+        required: true
+        type: string
+      - in: query
+        name: responseType
+        description: response type
+        required: true
+        type: string
+      - in: query
+        name: redirectUri
+        description: redirect uri
+        required: true
+        type: string
+      - in: query
+        name: scope
+        description: scope
+        required: true
+        type: string
+      - in: query
+        name: state
+        description: state
+        required: true
+        type: string
+      responses:
+        "200":
+          description: The Response object
+          schema:
+            $ref: '#/definitions/Response'
  /api/get-application:
    get:
      tags:
@ -700,6 +784,42 @@ paths:
      tags:
      - Account API
      operationId: ApiController.GetLdaps
+  /api/get-model:
+    get:
+      tags:
+      - Model API
+      description: get model
+      operationId: ApiController.GetModel
+      parameters:
+      - in: query
+        name: id
+        description: The id of the model
+        required: true
+        type: string
+      responses:
+        "200":
+          description: The Response object
+          schema:
+            $ref: '#/definitions/object.Model'
+  /api/get-models:
+    get:
+      tags:
+      - Model API
+      description: get models
+      operationId: ApiController.GetModels
+      parameters:
+      - in: query
+        name: owner
+        description: The owner of models
+        required: true
+        type: string
+      responses:
+        "200":
+          description: The Response object
+          schema:
+            type: array
+            items:
+              $ref: '#/definitions/object.Model'
  /api/get-organization:
    get:
      tags:
@ -901,9 +1021,7 @@ paths:
        "200":
          description: The Response object
          schema:
-            type: array
-            items:
-              $ref: '#/definitions/object.Records'
+            $ref: '#/definitions/object.Record'
  /api/get-records-filter:
    post:
      tags:
@ -912,18 +1030,17 @@ paths:
      operationId: ApiController.GetRecordsByFilter
      parameters:
      - in: body
-        name: body
+        name: filter
        description: filter Record message
        required: true
        schema:
-          $ref: '#/definitions/object.Records'
+          type: string
+        type: string
      responses:
        "200":
          description: The Response object
          schema:
-            type: array
-            items:
-              $ref: '#/definitions/object.Records'
+            $ref: '#/definitions/object.Record'
  /api/get-resource:
    get:
      tags:
@ -1216,6 +1333,23 @@ paths:
            type: array
            items:
              $ref: '#/definitions/object.Webhook'
+  /api/invoice-payment:
+    post:
+      tags:
+      - Payment API
+      description: invoice payment
+      operationId: ApiController.InvoicePayment
+      parameters:
+      - in: query
+        name: id
+        description: The id of the payment
+        required: true
+        type: string
+      responses:
+        "200":
+          description: The Response object
+          schema:
+            $ref: '#/definitions/controllers.Response'
  /api/login:
    post:
      tags:
@ -1224,21 +1358,51 @@ paths:
      operationId: ApiController.Login
      parameters:
      - in: query
-        name: oAuthParams
-        description: oAuth parameters
+        name: clientId
+        description: clientId
        required: true
        type: string
+      - in: query
+        name: responseType
+        description: responseType
+        required: true
+        type: string
+      - in: query
+        name: redirectUri
+        description: redirectUri
+        required: true
+        type: string
+      - in: query
+        name: scope
+        description: scope
+        type: string
+      - in: query
+        name: state
+        description: state
+        type: string
+      - in: query
+        name: nonce
+        description: nonce
+        type: string
+      - in: query
+        name: code_challenge_method
+        description: code_challenge_method
+        type: string
+      - in: query
+        name: code_challenge
+        description: code_challenge
+        type: string
      - in: body
-        name: body
+        name: form
        description: Login information
        required: true
        schema:
-          $ref: '#/definitions/RequestForm'
+          $ref: '#/definitions/controllers.RequestForm'
      responses:
        "200":
          description: The Response object
          schema:
-            $ref: '#/definitions/controllers.api_controller.Response'
+            $ref: '#/definitions/Response'
  /api/login/oauth/access_token:
    post:
      tags:
@ -1424,6 +1588,24 @@ paths:
          description: The Response object
          schema:
            $ref: '#/definitions/controllers.Response'
+  /api/run-syncer:
+    get:
+      tags:
+      - Syncer API
+      description: run syncer
+      operationId: ApiController.RunSyncer
+      parameters:
+      - in: body
+        name: body
+        description: The details of the syncer
+        required: true
+        schema:
+          $ref: '#/definitions/object.Syncer'
+      responses:
+        "200":
+          description: The Response object
+          schema:
+            $ref: '#/definitions/controllers.Response'
  /api/send-verification-code:
    post:
      tags:
@ -1493,42 +1675,6 @@ paths:
      tags:
      - Login API
  /api/update-application:
-    get:
-      tags:
-      - Login API
-      description: get application login
-      operationId: ApiController.GetApplicationLogin
-      parameters:
-      - in: query
-        name: clientId
-        description: client id
-        required: true
-        type: string
-      - in: query
-        name: responseType
-        description: response type
-        required: true
-        type: string
-      - in: query
-        name: redirectUri
-        description: redirect uri
-        required: true
-        type: string
-      - in: query
-        name: scope
-        description: scope
-        required: true
-        type: string
-      - in: query
-        name: state
-        description: state
-        required: true
-        type: string
-      responses:
-        "200":
-          description: The Response object
-          schema:
-            $ref: '#/definitions/controllers.api_controller.Response'
    post:
      tags:
      - Application API
@ -1579,6 +1725,29 @@ paths:
      tags:
      - Account API
      operationId: ApiController.UpdateLdap
+  /api/update-model:
+    post:
+      tags:
+      - Model API
+      description: update model
+      operationId: ApiController.UpdateModel
+      parameters:
+      - in: query
+        name: id
+        description: The id of the model
+        required: true
+        type: string
+      - in: body
+        name: body
+        description: The details of the model
+        required: true
+        schema:
+          $ref: '#/definitions/object.Model'
+      responses:
+        "200":
+          description: The Response object
+          schema:
+            $ref: '#/definitions/controllers.Response'
  /api/update-organization:
    post:
      tags:
@ -1830,27 +1999,97 @@ paths:
          description: The Response object
          schema:
            $ref: '#/definitions/object.Userinfo'
+  /api/verify-captcha:
+    post:
+      tags:
+      - Verification API
+      operationId: ApiController.VerifyCaptcha
 definitions:
-  2127.0xc00036c600.false:
+  2200.0xc0003c4b70.false:
    title: "false"
    type: object
-  2161.0xc00036c630.false:
+  2235.0xc0003c4ba0.false:
    title: "false"
    type: object
-  RequestForm:
-    title: RequestForm
-    type: object
  Response:
    title: Response
    type: object
+  controllers.EmailForm:
+    title: EmailForm
+    type: object
+    properties:
+      content:
+        type: string
+      receivers:
+        type: array
+        items:
+          type: string
+      sender:
+        type: string
+      title:
+        type: string
+  controllers.RequestForm:
+    title: RequestForm
+    type: object
+    properties:
+      affiliation:
+        type: string
+      application:
+        type: string
+      autoSignin:
+        type: boolean
+      code:
+        type: string
+      email:
+        type: string
+      emailCode:
+        type: string
+      firstName:
+        type: string
+      idCard:
+        type: string
+      lastName:
+        type: string
+      method:
+        type: string
+      name:
+        type: string
+      organization:
+        type: string
+      password:
+        type: string
+      phone:
+        type: string
+      phoneCode:
+        type: string
+      phonePrefix:
+        type: string
+      provider:
+        type: string
+      redirectUri:
+        type: string
+      region:
+        type: string
+      relayState:
+        type: string
+      samlRequest:
+        type: string
+      samlResponse:
+        type: string
+      state:
+        type: string
+      type:
+        type: string
+      username:
+        type: string
  controllers.Response:
    title: Response
    type: object
    properties:
      data:
-        $ref: '#/definitions/2127.0xc00036c600.false'
+        $ref: '#/definitions/2200.0xc0003c4b70.false'
      data2:
-        $ref: '#/definitions/2161.0xc00036c630.false'
+        $ref: '#/definitions/2235.0xc0003c4ba0.false'
      msg:
        type: string
      name:
@ -1859,25 +2098,33 @@ definitions:
        type: string
      sub:
        type: string
-  controllers.api_controller.Response:
-    title: Response
+  controllers.SmsForm:
+    title: SmsForm
    type: object
    properties:
-      data:
-        $ref: '#/definitions/2127.0xc00036c600.false'
-      data2:
-        $ref: '#/definitions/2161.0xc00036c630.false'
-      msg:
+      content:
+        type: string
+      organizationId:
+        type: string
+      receivers:
+        type: array
+        items:
+          type: string
+  jose.JSONWebKey:
+    title: JSONWebKey
+    type: object
+  object.AccountItem:
+    title: AccountItem
+    type: object
+    properties:
+      modifyRule:
        type: string
      name:
        type: string
-      status:
+      viewRule:
        type: string
-      sub:
-        type: string
-  emailForm:
-    title: emailForm
-    type: object
+      visible:
+        type: boolean
  object.Adapter:
    title: Adapter
    type: object
@ -2037,10 +2284,80 @@ definitions:
        type: string
      username:
        type: string
+  object.Model:
+    title: Model
+    type: object
+    properties:
+      createdTime:
+        type: string
+      displayName:
+        type: string
+      isEnabled:
+        type: boolean
+      modelText:
+        type: string
+      name:
+        type: string
+      owner:
+        type: string
+  object.OidcDiscovery:
+    title: OidcDiscovery
+    type: object
+    properties:
+      authorization_endpoint:
+        type: string
+      claims_supported:
+        type: array
+        items:
+          type: string
+      grant_types_supported:
+        type: array
+        items:
+          type: string
+      id_token_signing_alg_values_supported:
+        type: array
+        items:
+          type: string
+      introspection_endpoint:
+        type: string
+      issuer:
+        type: string
+      jwks_uri:
+        type: string
+      request_object_signing_alg_values_supported:
+        type: array
+        items:
+          type: string
+      request_parameter_supported:
+        type: boolean
+      response_modes_supported:
+        type: array
+        items:
+          type: string
+      response_types_supported:
+        type: array
+        items:
+          type: string
+      scopes_supported:
+        type: array
+        items:
+          type: string
+      subject_types_supported:
+        type: array
+        items:
+          type: string
+      token_endpoint:
+        type: string
+      userinfo_endpoint:
+        type: string
  object.Organization:
    title: Organization
    type: object
    properties:
+      accountItems:
+        type: array
+        items:
+          $ref: '#/definitions/object.AccountItem'
      createdTime:
        type: string
      defaultAvatar:
@ -2051,6 +2368,8 @@ definitions:
        type: boolean
      favicon:
        type: string
+      isProfilePublic:
+        type: boolean
      masterPassword:
        type: string
      name:
@ -2081,6 +2400,16 @@ definitions:
        type: string
      displayName:
        type: string
+      invoiceRemark:
+        type: string
+      invoiceTaxId:
+        type: string
+      invoiceTitle:
+        type: string
+      invoiceType:
+        type: string
+      invoiceUrl:
+        type: string
      message:
        type: string
      name:
@ -2091,6 +2420,14 @@ definitions:
        type: string
      payUrl:
        type: string
+      personEmail:
+        type: string
+      personIdCard:
+        type: string
+      personName:
+        type: string
+      personPhone:
+        type: string
      price:
        type: number
        format: double
@ -2126,6 +2463,8 @@ definitions:
        type: string
      isEnabled:
        type: boolean
+      model:
+        type: string
      name:
        type: string
      owner:
@ -2205,6 +2544,16 @@ definitions:
        type: string
      createdTime:
        type: string
+      customAuthUrl:
+        type: string
+      customLogo:
+        type: string
+      customScope:
+        type: string
+      customTokenUrl:
+        type: string
+      customUserInfoUrl:
+        type: string
      displayName:
        type: string
      domain:
@ -2264,9 +2613,35 @@ definitions:
        type: boolean
      provider:
        $ref: '#/definitions/object.Provider'
-  object.Records:
-    title: Records
+  object.Record:
+    title: Record
    type: object
+    properties:
+      action:
+        type: string
+      clientIp:
+        type: string
+      createdTime:
+        type: string
+      extendedUser:
+        $ref: '#/definitions/object.User'
+      id:
+        type: integer
+        format: int64
+      isTriggered:
+        type: boolean
+      method:
+        type: string
+      name:
+        type: string
+      organization:
+        type: string
+      owner:
+        type: string
+      requestUri:
+        type: string
+      user:
+        type: string
  object.Role:
    title: Role
    type: object
@ -2442,6 +2817,8 @@ definitions:
        type: string
      baidu:
        type: string
+      bilibili:
+        type: string
      bio:
        type: string
      birthday:
@ -2452,10 +2829,14 @@ definitions:
        type: string
      createdTime:
        type: string
+      custom:
+        type: string
      dingtalk:
        type: string
      displayName:
        type: string
+      douyin:
+        type: string
      education:
        type: string
      email:
@ -2521,6 +2902,8 @@ definitions:
        type: string
      name:
        type: string
+      okta:
+        type: string
      owner:
        type: string
      password:
@ -2558,6 +2941,8 @@ definitions:
        type: string
      type:
        type: string
+      unionId:
+        type: string
      updatedTime:
        type: string
      wechat:
@ -2618,9 +3003,6 @@ definitions:
        type: string
      url:
        type: string
-  smsForm:
-    title: smsForm
-    type: object
  xorm.Engine:
    title: Engine
    type: object
--- a/util/crypto.go
+++ b/util/crypto.go
@ -0,0 +1,30 @@
+// Copyright 2022 The Casdoor Authors. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package util
+
+import (
+	"crypto/hmac"
+	"crypto/sha1"
+	"encoding/base64"
+)
+
+func GetHmacSha1(keyStr, value string) string {
+	key := []byte(keyStr)
+	mac := hmac.New(sha1.New, key)
+	mac.Write([]byte(value))
+	res := base64.StdEncoding.EncodeToString(mac.Sum(nil))
+
+	return res
+}
--- a/web/src/ApplicationEditPage.js
+++ b/web/src/ApplicationEditPage.js
@ -474,6 +474,16 @@ class ApplicationEditPage extends React.Component {
            </Select>
          </Col>
        </Row>
+        <Row style={{marginTop: '20px'}} >
+          <Col style={{marginTop: '5px'}} span={(Setting.isMobile()) ? 19 : 2}>
+            {Setting.getLabel(i18next.t("application:Enable SAML compress"), i18next.t("application:Enable SAML compress - Tooltip"))} :
+          </Col>
+          <Col span={1} >
+            <Switch checked={this.state.application.enableSamlCompress} onChange={checked => {
+              this.updateApplicationField('enableSamlCompress', checked);
+            }} />
+          </Col>
+        </Row>
        <Row style={{marginTop: '20px'}} >
          <Col style={{marginTop: '5px'}} span={(Setting.isMobile()) ? 22 : 2}>
            {Setting.getLabel(i18next.t("application:SAML metadata"), i18next.t("application:SAML metadata - Tooltip"))} :
@ -484,6 +494,14 @@ class ApplicationEditPage extends React.Component {
              options={{mode: 'xml', theme: 'default'}}
              onBeforeChange={(editor, data, value) => {}}
            />
+            <br/>
+            <Button style={{marginBottom: "10px"}} type="primary" shape="round" icon={<CopyOutlined />} onClick={() => {
+              copy(`${window.location.origin}/api/saml/metadata?application=admin/${encodeURIComponent(this.state.applicationName)}`);
+              Setting.showMessage("success", i18next.t("application:SAML metadata URL copied to clipboard successfully"));
+            }}
+            >
+              {i18next.t("application:Copy SAML metadata URL")}
+            </Button>
          </Col>
        </Row>
        <Row style={{marginTop: '20px'}} >
--- a/web/src/ApplicationListPage.js
+++ b/web/src/ApplicationListPage.js
@ -23,7 +23,6 @@ import i18next from "i18next";
 import BaseListPage from "./BaseListPage";

 class ApplicationListPage extends BaseListPage {
-
  newApplication() {
    const randomName = Setting.getRandomName();
    return {
@ -36,7 +35,10 @@ class ApplicationListPage extends BaseListPage {
      enableSignUp: true,
      enableSigninSession: false,
      enableCodeSignin: false,
-      providers: [],
+      enableSamlCompress: false,
+      providers: [
+        {name: "provider_captcha_default", canSignUp: false, canSignIn: false, canUnlink: false, prompted: false, alertType: "None"},
+      ],
      signupItems: [
        {name: "ID", visible: false, required: true, rule: "Random"},
        {name: "Username", visible: true, required: true, rule: "None"},
--- a/web/src/CertListPage.js
+++ b/web/src/CertListPage.js
@ -22,7 +22,6 @@ import i18next from "i18next";
 import BaseListPage from "./BaseListPage";

 class CertListPage extends BaseListPage {
-
  newCert() {
    const randomName = Setting.getRandomName();
    return {
--- a/web/src/OrganizationListPage.js
+++ b/web/src/OrganizationListPage.js
@ -22,7 +22,6 @@ import i18next from "i18next";
 import BaseListPage from "./BaseListPage";

 class OrganizationListPage extends BaseListPage {
-
  newOrganization() {
    const randomName = Setting.getRandomName();
    return {
--- a/web/src/PermissionListPage.js
+++ b/web/src/PermissionListPage.js
@ -93,7 +93,7 @@ class PermissionListPage extends BaseListPage {
        ...this.getColumnSearchProps('name'),
        render: (text, record, index) => {
          return (
-            <Link to={`/permissions/${text}`}>
+            <Link to={`/permissions/${record.owner}/${text}`}>
              {text}
            </Link>
          )
--- a/web/src/ProviderEditPage.js
+++ b/web/src/ProviderEditPage.js
@ -19,6 +19,7 @@ import * as ProviderBackend from "./backend/ProviderBackend";
 import * as Setting from "./Setting";
 import i18next from "i18next";
 import { authConfig } from "./auth/Auth";
+import * as ProviderEditTestEmail from "./TestEmailWidget";
 import copy from 'copy-to-clipboard';
 import { CaptchaPreview } from "./common/CaptchaPreview";

@ -33,6 +34,7 @@ class ProviderEditPage extends React.Component {
      providerName: props.match.params.providerName,
      provider: null,
      mode: props.location.mode !== undefined ? props.location.mode : "edit",
+      testEmail: this.props.account["email"] !== undefined ? this.props.account["email"] : "",
    };
  }

@ -79,7 +81,11 @@ class ProviderEditPage extends React.Component {
          return Setting.getLabel(i18next.t("provider:Client ID"), i18next.t("provider:Client ID - Tooltip"));
        }
      case "Captcha":
-        return Setting.getLabel(i18next.t("provider:Site key"), i18next.t("provider:Site key - Tooltip"));
+        if (this.state.provider.type === "Aliyun Captcha") {
+          return Setting.getLabel(i18next.t("provider:Access key"), i18next.t("provider:Access key - Tooltip"));
+        } else {
+          return Setting.getLabel(i18next.t("provider:Site key"), i18next.t("provider:Site key - Tooltip"));
+        }
      default:
        return Setting.getLabel(i18next.t("provider:Client ID"), i18next.t("provider:Client ID - Tooltip"));
    }
@ -98,7 +104,11 @@ class ProviderEditPage extends React.Component {
          return Setting.getLabel(i18next.t("provider:Client secret"), i18next.t("provider:Client secret - Tooltip"));
        }
      case "Captcha":
-        return Setting.getLabel(i18next.t("provider:Secret key"), i18next.t("provider:Secret key - Tooltip"));
+        if (this.state.provider.type === "Aliyun Captcha") {
+          return Setting.getLabel(i18next.t("provider:Secret access key"), i18next.t("provider:SecretAccessKey - Tooltip"));
+        } else {
+          return Setting.getLabel(i18next.t("provider:Secret key"), i18next.t("provider:Secret key - Tooltip"));
+        }
      default:
        return Setting.getLabel(i18next.t("provider:Client secret"), i18next.t("provider:Client secret - Tooltip"));
    }
@ -240,7 +250,7 @@ class ProviderEditPage extends React.Component {
          </Col>
        </Row>
        {
-          this.state.provider.type !== "WeCom" && this.state.provider.type !== "Infoflow" ? null : (
+          this.state.provider.type !== "WeCom" && this.state.provider.type !== "Infoflow" && this.state.provider.type !== "Aliyun Captcha" ? null : (
            <React.Fragment>
              <Row style={{marginTop: '20px'}} >
                <Col style={{marginTop: '5px'}} span={2}>
@ -257,7 +267,7 @@ class ProviderEditPage extends React.Component {
                </Col>
              </Row>
              {
-                this.state.provider.type !== "WeCom"  ? null : (    
+                this.state.provider.type !== "WeCom"  ? null : (
                  <Row style={{marginTop: '20px'}} >
                    <Col style={{marginTop: '5px'}} span={2}>
                      {Setting.getLabel(i18next.t("provider:Method"), i18next.t("provider:Method - Tooltip"))} :
@ -350,36 +360,39 @@ class ProviderEditPage extends React.Component {
          )
        }
        {
-          this.state.provider.type !== "Default" && 
-          <>
-            <Row style={{marginTop: '20px'}} >
-              <Col style={{marginTop: '5px'}} span={(Setting.isMobile()) ? 22 : 2}>
-                {this.getClientIdLabel()}
-              </Col>
-              <Col span={22} >
-                <Input value={this.state.provider.clientId} onChange={e => {
-                  this.updateProviderField('clientId', e.target.value);
-                }} />
-              </Col>
-            </Row>
-            <Row style={{marginTop: '20px'}} >
-              <Col style={{marginTop: '5px'}} span={(Setting.isMobile()) ? 22 : 2}>
-                {this.getClientSecretLabel()}
-              </Col>
-              <Col span={22} >
-                <Input value={this.state.provider.clientSecret} onChange={e => {
-                  this.updateProviderField('clientSecret', e.target.value);
-                }} />
-              </Col>
-            </Row>
-          </>
-        }
-        {
-          this.state.provider.type !== "WeChat" ? null : (
+          this.state.provider.category === "Captcha" && this.state.provider.type === "Default" ? null : (
            <React.Fragment>
              <Row style={{marginTop: '20px'}} >
                <Col style={{marginTop: '5px'}} span={(Setting.isMobile()) ? 22 : 2}>
-                  {Setting.getLabel(i18next.t("provider:Client ID 2"), i18next.t("provider:Client ID 2 - Tooltip"))}
+                  {this.getClientIdLabel()}
+                </Col>
+                <Col span={22} >
+                  <Input value={this.state.provider.clientId} onChange={e => {
+                    this.updateProviderField('clientId', e.target.value);
+                  }} />
+                </Col>
+              </Row>
+              <Row style={{marginTop: '20px'}} >
+                <Col style={{marginTop: '5px'}} span={(Setting.isMobile()) ? 22 : 2}>
+                  {this.getClientSecretLabel()}
+                </Col>
+                <Col span={22} >
+                  <Input value={this.state.provider.clientSecret} onChange={e => {
+                    this.updateProviderField('clientSecret', e.target.value);
+                  }} />
+                </Col>
+              </Row>
+            </React.Fragment>
+          )
+        }
+        {
+          this.state.provider.type !== "WeChat" && this.state.provider.type !== "Aliyun Captcha" ? null : (
+            <React.Fragment>
+              <Row style={{marginTop: '20px'}} >
+                <Col style={{marginTop: '5px'}} span={(Setting.isMobile()) ? 22 : 2}>
+                  {this.state.provider.type === "Aliyun Captcha"
+                    ? Setting.getLabel(i18next.t("provider:Scene"), i18next.t("provider:Scene - Tooltip"))
+                    : Setting.getLabel(i18next.t("provider:Client ID 2"), i18next.t("provider:Client ID 2 - Tooltip"))}
                </Col>
                <Col span={22} >
                  <Input value={this.state.provider.clientId2} onChange={e => {
@ -389,7 +402,9 @@ class ProviderEditPage extends React.Component {
              </Row>
              <Row style={{marginTop: '20px'}} >
                <Col style={{marginTop: '5px'}} span={(Setting.isMobile()) ? 22 : 2}>
-                  {Setting.getLabel(i18next.t("provider:Client secret 2"), i18next.t("provider:Client secret 2 - Tooltip"))}
+                  {this.state.provider.type === "Aliyun Captcha"
+                    ? Setting.getLabel(i18next.t("provider:App key"), i18next.t("provider:App key - Tooltip"))
+                    : Setting.getLabel(i18next.t("provider:Client secret 2"), i18next.t("provider:Client secret 2 - Tooltip"))}
                </Col>
                <Col span={22} >
                  <Input value={this.state.provider.clientSecret2} onChange={e => {
@ -513,6 +528,27 @@ class ProviderEditPage extends React.Component {
                  }} />
                </Col>
              </Row>
+              <Row style={{marginTop: '20px'}} >
+                <Col style={{marginTop: '5px'}} span={(Setting.isMobile()) ? 22 : 2}>
+                  {Setting.getLabel(i18next.t("provider:Test Email"), i18next.t("provider:Test Email - Tooltip"))} :
+                </Col>
+                <Col span={4} >
+                  <Input value={this.state.testEmail}
+                         placeHolder = {i18next.t("user:Input your email")}
+                         onChange={e => {
+                    this.setState({testEmail: e.target.value})
+                  }} />
+                </Col>
+                <Button style={{marginLeft: '10px', marginBottom: "5px"}} type="primary"
+                        onClick={() => ProviderEditTestEmail.connectSmtpServer(this.state.provider)} >
+                  {i18next.t("provider:Test Connection")}
+                </Button>
+                <Button style={{marginLeft: '10px', marginBottom: "5px"}} type="primary"
+                        disabled={!Setting.isValidEmail(this.state.testEmail)}
+                        onClick={() => ProviderEditTestEmail.sendTestEmail(this.state.provider, this.state.testEmail)} >
+                  {i18next.t("provider:Send Test Email")}
+                </Button>
+              </Row>
            </React.Fragment>
          ) : this.state.provider.category === "SMS" ? (
            <React.Fragment>
@ -640,38 +676,39 @@ class ProviderEditPage extends React.Component {
          ) : null
        }
        {this.getAppIdRow()}
+        <Row style={{marginTop: '20px'}} >
+          <Col style={{marginTop: '5px'}} span={(Setting.isMobile()) ? 22 : 2}>
+            {Setting.getLabel(i18next.t("provider:Provider URL"), i18next.t("provider:Provider URL - Tooltip"))} :
+          </Col>
+          <Col span={22} >
+            <Input prefix={<LinkOutlined/>} value={this.state.provider.providerUrl} onChange={e => {
+              this.updateProviderField('providerUrl', e.target.value);
+            }} />
+          </Col>
+        </Row>
        {
-          this.state.provider.type !== "Default" &&
-          <Row style={{marginTop: '20px'}} >
-            <Col style={{marginTop: '5px'}} span={(Setting.isMobile()) ? 22 : 2}>
-              {Setting.getLabel(i18next.t("provider:Provider URL"), i18next.t("provider:Provider URL - Tooltip"))} :
-            </Col>
-            <Col span={22} >
-              <Input prefix={<LinkOutlined/>} value={this.state.provider.providerUrl} onChange={e => {
-                this.updateProviderField('providerUrl', e.target.value);
-              }} />
-            </Col>
-          </Row>
-        }
-        {
-          this.state.provider.category === "Captcha" && 
-          <Row style={{marginTop: '20px'}} >
-            <Col style={{marginTop: '5px'}} span={(Setting.isMobile()) ? 22 : 2}>
-              {Setting.getLabel(i18next.t("general:Preview"), i18next.t("general:Preview - Tooltip"))} :
-            </Col>
-            <Col span={22} >
-              <CaptchaPreview 
-                provider={this.state.provider}
-                providerName={this.state.providerName}
-                clientSecret={this.state.provider.clientSecret}
-                captchaType={this.state.provider.type}
-                owner={this.state.provider.owner}
-                clientId={this.state.provider.clientId}
-                name={this.state.provider.name}
-                providerUrl={this.state.provider.providerUrl}
-              />
-            </Col>
-          </Row>
+          this.state.provider.category !== "Captcha" ? null : (
+            <Row style={{marginTop: '20px'}} >
+              <Col style={{marginTop: '5px'}} span={(Setting.isMobile()) ? 22 : 2}>
+                {Setting.getLabel(i18next.t("general:Preview"), i18next.t("general:Preview - Tooltip"))} :
+              </Col>
+              <Col span={22} >
+                <CaptchaPreview
+                  provider={this.state.provider}
+                  providerName={this.state.providerName}
+                  clientSecret={this.state.provider.clientSecret}
+                  captchaType={this.state.provider.type}
+                  subType={this.state.provider.subType}
+                  owner={this.state.provider.owner}
+                  clientId={this.state.provider.clientId}
+                  name={this.state.provider.name}
+                  providerUrl={this.state.provider.providerUrl}
+                  clientId2={this.state.provider.clientId2}
+                  clientSecret2={this.state.provider.clientSecret2}
+                />
+              </Col>
+            </Row>
+          )
        }
      </Card>
    )
--- a/web/src/ProviderListPage.js
+++ b/web/src/ProviderListPage.js
@ -23,7 +23,6 @@ import i18next from "i18next";
 import BaseListPage from "./BaseListPage";

 class ProviderListPage extends BaseListPage {
-
  newProvider() {
    const randomName = Setting.getRandomName();
    return {
--- a/web/src/RecordListPage.js
+++ b/web/src/RecordListPage.js
@ -22,7 +22,6 @@ import moment from "moment";
 import BaseListPage from "./BaseListPage";

 class RecordListPage extends BaseListPage {
-
  UNSAFE_componentWillMount() {
    this.state.pagination.pageSize = 20;
    const { pagination } = this.state;
--- a/web/src/Setting.js
+++ b/web/src/Setting.js
@ -118,6 +118,10 @@ export const OtherProviderInfo = {
    "hCaptcha": {
      logo: `${StaticBaseUrl}/img/social_hcaptcha.png`,
      url: "https://www.hcaptcha.com",
+    },
+    "Aliyun Captcha": {
+      logo: `${StaticBaseUrl}/img/social_aliyun.png`,
+      url: "https://help.aliyun.com/product/28308.html",
    }
  }
 };
@ -614,6 +618,7 @@ export function getProviderTypeOptions(category) {
      {id: 'Default', name: 'Default'},
      {id: 'reCAPTCHA', name: 'reCAPTCHA'},
      {id: 'hCaptcha', name: 'hCaptcha'},
+      {id: 'Aliyun Captcha', name: 'Aliyun Captcha'},
    ]);
  } else {
    return [];
@ -628,6 +633,11 @@ export function getProviderSubTypeOptions(type) {
        {id: 'Third-party', name: 'Third-party'},
      ]
    );
+  } else if (type === "Aliyun Captcha") {
+    return [
+      {id: 'nc', name: 'Sliding Validation'},
+      {id: 'ic', name: 'Intelligent Validation'},
+    ];
  } else {
    return [];
  }
--- a/web/src/SyncerListPage.js
+++ b/web/src/SyncerListPage.js
@ -22,7 +22,6 @@ import i18next from "i18next";
 import BaseListPage from "./BaseListPage";

 class SyncerListPage extends BaseListPage {
-
  newSyncer() {
    const randomName = Setting.getRandomName();
    return {
--- a/web/src/TestEmailWidget.js
+++ b/web/src/TestEmailWidget.js
@ -0,0 +1,59 @@
+// Copyright 2021 The Casdoor Authors. All Rights Reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+import * as Setting from "./Setting";
+
+export function sendTestEmail(provider, email) {
+  testEmailProvider(provider, email)
+    .then((res) => {
+      if (res.msg === "") {
+        Setting.showMessage("success", `Successfully send email`);
+      } else {
+        Setting.showMessage("error", res.msg);
+      }
+    })
+    .catch(error => {
+      Setting.showMessage("error", `Failed to connect to server: ${error}`);
+    });
+}
+
+export function connectSmtpServer(provider) {
+  testEmailProvider(provider)
+    .then((res) => {
+      if (res.msg === "") {
+        Setting.showMessage("success", `Successfully connecting smtp server`);
+      } else {
+        Setting.showMessage("error", res.msg);
+      }
+    })
+    .catch(error => {
+      Setting.showMessage("error", `Failed to connect to server: ${error}`);
+    });
+}
+
+function testEmailProvider(provider, email = "") {
+  let emailForm = {
+    title: provider.title,
+    content: provider.content,
+    sender: provider.displayName,
+    receivers: email === "" ? ["TestSmtpServer"] : [email],
+    provider: provider.name,
+  }
+
+  return fetch(`${Setting.ServerUrl}/api/send-email`, {
+    method: "POST",
+    credentials: "include",
+    body: JSON.stringify(emailForm)
+  }).then(res => res.json());
+}
--- a/web/src/TokenListPage.js
+++ b/web/src/TokenListPage.js
@ -22,7 +22,6 @@ import i18next from "i18next";
 import BaseListPage from "./BaseListPage";

 class TokenListPage extends BaseListPage {
-
  newToken() {
    const randomName = Setting.getRandomName();
    return {
--- a/web/src/UserEditPage.js
+++ b/web/src/UserEditPage.js
@ -129,9 +129,17 @@ class UserEditPage extends React.Component {
      return null;
    }

-    const isSelf = this.state.user.id === this.props.account;
+    const isSelf = this.state.user.id === this.props.account?.id;
    const isAdmin = Setting.isAdminUser(this.props.account);

+    // return (
+    //   <div>
+    //     {
+    //       JSON.stringify({accountItem: accountItem, isSelf: isSelf, isAdmin: isAdmin})
+    //     }
+    //   </div>
+    // )
+
    if (accountItem.viewRule === "Self") {
      if (!isSelf && !isAdmin) {
        return null;
@ -522,7 +530,15 @@ class UserEditPage extends React.Component {
        </div>
      } style={(Setting.isMobile())? {margin: '5px'}:{}} type="inner">
        {
-          this.state.application?.organizationObj.accountItems?.map(accountItem => this.renderAccountItem(accountItem))
+          this.state.application?.organizationObj.accountItems?.map(accountItem => {
+            return (
+              <React.Fragment key={accountItem.name}>
+                {
+                  this.renderAccountItem(accountItem)
+                }
+              </React.Fragment>
+            )
+          })
        }
      </Card>
    )
@ -571,7 +587,7 @@ class UserEditPage extends React.Component {
    return (
      <div>
      {
-        this.state.loading ? <Spin loading={this.state.loading} size="large" /> : (
+        this.state.loading ? <Spin size="large" /> : (
          this.state.user !== null ? this.renderUser() :
            <Result
              status="404"
--- a/web/src/auth/SignupPage.js
+++ b/web/src/auth/SignupPage.js
@ -98,7 +98,10 @@ class SignupPage extends React.Component {
        this.setState({
          application: application,
        });
-        this.getTermsofuseContent(application.termsOfUse);
+
+        if (application !== null && application !== undefined) {
+            this.getTermsofuseContent(application.termsOfUse);
+        }
      });
  }

--- a/web/src/common/CaptchaPreview.js
+++ b/web/src/common/CaptchaPreview.js
@ -20,18 +20,27 @@ import * as ProviderBackend from "../backend/ProviderBackend";
 import { SafetyOutlined } from "@ant-design/icons";
 import { CaptchaWidget } from "./CaptchaWidget";

-export const CaptchaPreview = ({ provider, providerName, clientSecret, captchaType, owner, clientId, name, providerUrl }) => {
+export const CaptchaPreview = ({
+  provider,
+  providerName,
+  clientSecret,
+  captchaType,
+  subType,
+  owner,
+  clientId,
+  name,
+  providerUrl,
+  clientId2,
+  clientSecret2,
+}) => {
  const [visible, setVisible] = React.useState(false);
  const [captchaImg, setCaptchaImg] = React.useState("");
  const [captchaToken, setCaptchaToken] = React.useState("");
  const [secret, setSecret] = React.useState(clientSecret);
+  const [secret2, setSecret2] = React.useState(clientSecret2);

  const handleOk = () => {
-    UserBackend.verifyCaptcha(
-      captchaType,
-      captchaToken,
-      secret
-    ).then(() => {
+    UserBackend.verifyCaptcha(captchaType, captchaToken, secret).then(() => {
      setCaptchaToken("");
      setVisible(false);
    });
@ -48,9 +57,10 @@ export const CaptchaPreview = ({ provider, providerName, clientSecret, captchaTy
        setCaptchaImg(res.captchaImage);
      } else {
        setSecret(res.clientSecret);
+        setSecret2(res.clientSecret2);
      }
    });
-  }
+  };

  const clickPreview = () => {
    setVisible(true);
@ -100,24 +110,50 @@ export const CaptchaPreview = ({ provider, providerName, clientSecret, captchaTy
    setCaptchaToken(token);
  };

-
  const renderCheck = () => {
    if (captchaType === "Default") {
      return renderDefaultCaptcha();
    } else {
      return (
-        <CaptchaWidget
-          captchaType={captchaType}
-          siteKey={clientId}
-          onChange={onSubmit}
-        />
+        <Col>
+          <Row>
+            <CaptchaWidget
+              captchaType={captchaType}
+              subType={subType}
+              siteKey={clientId}
+              clientSecret={secret}
+              onChange={onSubmit}
+              clientId2={clientId2}
+              clientSecret2={secret2}
+            />
+          </Row>
+        </Col>
      );
    }
  };

+  const getButtonDisabled = () => {
+    if (captchaType !== "Default") {
+      if (!clientId || !clientSecret) {
+        return true;
+      }
+      if (captchaType === "Aliyun Captcha") {
+        if (!subType || !clientId2 || !clientSecret2) {
+          return true;
+        }
+      }
+    }
+    return false;
+  };
+
  return (
    <React.Fragment>
-      <Button style={{ fontSize: 14 }} type={"primary"} onClick={clickPreview}>
+      <Button
+        style={{ fontSize: 14 }}
+        type={"primary"}
+        onClick={clickPreview}
+        disabled={getButtonDisabled()}
+      >
        {i18next.t("general:Preview")}
      </Button>
      <Modal
--- a/web/src/common/CaptchaWidget.js
+++ b/web/src/common/CaptchaWidget.js
@ -14,7 +14,7 @@

 import React, { useEffect } from "react";

-export const CaptchaWidget = ({ captchaType, siteKey, onChange }) => {
+export const CaptchaWidget = ({ captchaType, subType, siteKey, clientSecret, onChange, clientId2, clientSecret2 }) => {
  const loadScript = (src) => {
    var tag = document.createElement("script");
    tag.async = false;
@ -30,7 +30,7 @@ export const CaptchaWidget = ({ captchaType, siteKey, onChange }) => {
          if (!window.grecaptcha) {
            loadScript("https://recaptcha.net/recaptcha/api.js");
          }
-          if (window.grecaptcha) {
+          if (window.grecaptcha && window.grecaptcha.render) {
            window.grecaptcha.render("captcha", {
              sitekey: siteKey,
              callback: onChange,
@ -44,7 +44,7 @@ export const CaptchaWidget = ({ captchaType, siteKey, onChange }) => {
          if (!window.hcaptcha) {
            loadScript("https://js.hcaptcha.com/1/api.js");
          }
-          if (window.hcaptcha) {
+          if (window.hcaptcha && window.hcaptcha.render) {
            window.hcaptcha.render("captcha", {
              sitekey: siteKey,
              callback: onChange,
@ -53,10 +53,34 @@ export const CaptchaWidget = ({ captchaType, siteKey, onChange }) => {
          }
        }, 300);
        break;
+      case "Aliyun Captcha":
+        const AWSCTimer = setInterval(() => {
+          if (!window.AWSC) {
+            loadScript("https://g.alicdn.com/AWSC/AWSC/awsc.js");
+          }
+
+          if (window.AWSC) {
+            if (clientSecret2 && clientSecret2 !== "***") {
+              window.AWSC.use(subType, function (state, module) {
+                module.init({
+                  appkey: clientSecret2,
+                  scene: clientId2,
+                  renderTo: "captcha",
+                  success: function (data) {
+                    onChange(`SessionId=${data.sessionId}&AccessKeyId=${siteKey}&Scene=${clientId2}&AppKey=${clientSecret2}&Token=${data.token}&Sig=${data.sig}&RemoteIp=192.168.0.1`);
+                  },
+                });
+              });
+            }
+            clearInterval(AWSCTimer);
+          }
+        }, 300);
+        break;
      default:
        break;
    }
-  }, [captchaType, siteKey]);
+    // eslint-disable-next-line react-hooks/exhaustive-deps
+  }, [captchaType, subType, siteKey, clientSecret, clientId2, clientSecret2]);

  return <div id="captcha"></div>;
 };
--- a/web/src/common/CountDownInput.js
+++ b/web/src/common/CountDownInput.js
@ -14,7 +14,6 @@

 import {Button, Col, Input, Modal, Row} from "antd";
 import React from "react";
-import * as Setting from "../Setting";
 import i18next from "i18next";
 import * as UserBackend from "../backend/UserBackend";
 import {SafetyOutlined} from "@ant-design/icons";
@ -34,6 +33,9 @@ export const CountDownInput = (props) => {
  const [buttonLoading, setButtonLoading] = React.useState(false);
  const [buttonDisabled, setButtonDisabled] = React.useState(true);
  const [clientId, setClientId] = React.useState("");
+  const [subType, setSubType] = React.useState("");
+  const [clientId2, setClientId2] = React.useState("");
+  const [clientSecret2, setClientSecret2] = React.useState("");

  const handleCountDown = (leftTime = 60) => {
    let leftTimeSecond = leftTime
@ -69,19 +71,24 @@ export const CountDownInput = (props) => {
  const loadCaptcha = () => {
    UserBackend.getCaptcha("admin", authConfig.appName, false).then(res => {
      if (res.type === "none") {
-        UserBackend.sendCode("none", "", "", ...onButtonClickArgs);
+        UserBackend.sendCode("none", "", "", ...onButtonClickArgs).then(res => {
+          if (res) {
+            handleCountDown(60);
+          }
+        });
      } else if (res.type === "Default") {
        setCheckId(res.captchaId);
        setCaptchaImg(res.captchaImage);
        setCheckType("Default");
        setVisible(true);
-      } else if (res.type === "reCAPTCHA" || res.type === "hCaptcha") {
+      } else {
        setCheckType(res.type);
        setClientId(res.clientId);
        setCheckId(res.clientSecret);
        setVisible(true);
-      } else {
-        Setting.showMessage("error", i18next.t("signup:Unknown Check Type"));
+        setSubType(res.subType);
+        setClientId2(res.clientId2);
+        setClientSecret2(res.clientSecret2);
      }
    })
  }
@ -119,8 +126,12 @@ export const CountDownInput = (props) => {
      return (
        <CaptchaWidget
          captchaType={checkType}
+          subType={subType}
          siteKey={clientId}
+          clientSecret={checkId}
          onChange={onSubmit}
+          clientId2={clientId2}
+          clientSecret2={clientSecret2}
        />
      );
    }
--- a/web/src/locales/de/data.json
+++ b/web/src/locales/de/data.json
@ -6,10 +6,13 @@
    "Sign Up": "Registrieren"
  },
  "application": {
+    "Copy SAML metadata URL": "Copy SAML metadata URL",
    "Copy prompt page URL": "Copy prompt page URL",
    "Copy signin page URL": "Copy signin page URL",
    "Copy signup page URL": "Copy signup page URL",
    "Edit Application": "Anwendung bearbeiten",
+    "Enable SAML compress": "Enable SAML compress",
+    "Enable SAML compress - Tooltip": "Enable SAML compress - Tooltip",
    "Enable code signin": "Code-Anmeldung aktivieren",
    "Enable code signin - Tooltip": "Aktiviere Codeanmeldung - Tooltip",
    "Enable signin session - Tooltip": "Aktiviere Anmeldesession - Tooltip",
@ -30,6 +33,7 @@
    "Refresh token expire - Tooltip": "Aktualisierungs-Token läuft ab - Tooltip",
    "SAML metadata": "SAML metadata",
    "SAML metadata - Tooltip": "SAML metadata - Tooltip",
+    "SAML metadata URL copied to clipboard successfully": "SAML metadata URL copied to clipboard successfully",
    "Signin page URL copied to clipboard successfully, please paste it into the incognito window or another browser": "Signin page URL copied to clipboard successfully, please paste it into the incognito window or another browser",
    "Signin session": "Anmeldesitzung",
    "Signup items": "Artikel registrieren",
@ -407,7 +411,7 @@
    "Domain": "Domäne",
    "Domain - Tooltip": "Storage endpoint custom domain",
    "Edit Provider": "Anbieter bearbeiten",
-    "Email Content": "Email Content",
+    "Email Content": "Email content",
    "Email Content - Tooltip": "Unique string-style identifier",
    "Email Title": "E-Mail-Titel",
    "Email Title - Tooltip": "Unique string-style identifier",
@ -442,12 +446,15 @@
    "SP ACS URL": "SP-ACS-URL",
    "SP ACS URL - Tooltip": "SP ACS URL - Tooltip",
    "SP Entity ID": "SP Entity ID",
+    "Scene": "Scene",
+    "Scene - Tooltip": "Scene - Tooltip",
    "Scope": "Scope",
    "Scope - Tooltip": "Scope - Tooltip",
    "Secret access key": "Geheimer Zugangsschlüssel",
    "Secret key": "Secret key",
    "Secret key - Tooltip": "Secret key - Tooltip",
    "SecretAccessKey - Tooltip": "SecretAccessKey - Tooltip",
+    "Send Test Email": "Send Test Email",
    "Sign Name": "Schild Name",
    "Sign Name - Tooltip": "Unique string-style identifier",
    "Sign request": "Signaturanfrage",
@ -466,6 +473,9 @@
    "Template Code - Tooltip": "Unique string-style identifier",
    "Terms of Use": "Nutzungsbedingungen",
    "Terms of Use - Tooltip": "Nutzungsbedingungen - Tooltip",
+    "Test Connection": "Test Smtp Connection",
+    "Test Email": "Test email config",
+    "Test Email - Tooltip": "Email Address",
    "Token URL": "Token URL",
    "Token URL - Tooltip": "Token URL - Tooltip",
    "Type": "Typ",
@ -529,7 +539,6 @@
    "The input is not invoice title!": "The input is not invoice title!",
    "The input is not valid Email!": "Die Eingabe ist ungültig!",
    "The input is not valid Phone!": "Die Eingabe ist nicht gültig!",
-    "Unknown Check Type": "Unbekannter Schecktyp",
    "Username": "Benutzername",
    "Username - Tooltip": "Benutzername - Tooltip",
    "Your account has been created!": "Ihr Konto wurde erstellt!",
--- a/web/src/locales/en/data.json
+++ b/web/src/locales/en/data.json
@ -6,10 +6,13 @@
    "Sign Up": "Sign Up"
  },
  "application": {
+    "Copy SAML metadata URL": "Copy SAML metadata URL",
    "Copy prompt page URL": "Copy prompt page URL",
    "Copy signin page URL": "Copy signin page URL",
    "Copy signup page URL": "Copy signup page URL",
    "Edit Application": "Edit Application",
+    "Enable SAML compress": "Enable SAML compress",
+    "Enable SAML compress - Tooltip": "Enable SAML compress - Tooltip",
    "Enable code signin": "Enable code signin",
    "Enable code signin - Tooltip": "Enable code signin - Tooltip",
    "Enable signin session - Tooltip": "Enable signin session - Tooltip",
@ -30,6 +33,7 @@
    "Refresh token expire - Tooltip": "Refresh token expire - Tooltip",
    "SAML metadata": "SAML metadata",
    "SAML metadata - Tooltip": "SAML metadata - Tooltip",
+    "SAML metadata URL copied to clipboard successfully": "SAML metadata URL copied to clipboard successfully",
    "Signin page URL copied to clipboard successfully, please paste it into the incognito window or another browser": "Signin page URL copied to clipboard successfully, please paste it into the incognito window or another browser",
    "Signin session": "Signin session",
    "Signup items": "Signup items",
@ -442,12 +446,15 @@
    "SP ACS URL": "SP ACS URL",
    "SP ACS URL - Tooltip": "SP ACS URL - Tooltip",
    "SP Entity ID": "SP Entity ID",
+    "Scene": "Scene",
+    "Scene - Tooltip": "Scene - Tooltip",
    "Scope": "Scope",
    "Scope - Tooltip": "Scope - Tooltip",
    "Secret access key": "Secret access key",
    "Secret key": "Secret key",
    "Secret key - Tooltip": "Secret key - Tooltip",
    "SecretAccessKey - Tooltip": "SecretAccessKey - Tooltip",
+    "Send Test Email": "Send Test Email",
    "Sign Name": "Sign Name",
    "Sign Name - Tooltip": "Sign Name - Tooltip",
    "Sign request": "Sign request",
@ -466,6 +473,9 @@
    "Template Code - Tooltip": "Template Code - Tooltip",
    "Terms of Use": "Terms of Use",
    "Terms of Use - Tooltip": "Terms of Use - Tooltip",
+    "Test Connection": "Test Connection",
+    "Test Email": "Test Email",
+    "Test Email - Tooltip": "Test Email - Tooltip",
    "Token URL": "Token URL",
    "Token URL - Tooltip": "Token URL - Tooltip",
    "Type": "Type",
@ -529,7 +539,6 @@
    "The input is not invoice title!": "The input is not invoice title!",
    "The input is not valid Email!": "The input is not valid Email!",
    "The input is not valid Phone!": "The input is not valid Phone!",
-    "Unknown Check Type": "Unknown Check Type",
    "Username": "Username",
    "Username - Tooltip": "Username - Tooltip",
    "Your account has been created!": "Your account has been created!",
--- a/web/src/locales/fr/data.json
+++ b/web/src/locales/fr/data.json
@ -6,10 +6,13 @@
    "Sign Up": "S'inscrire"
  },
  "application": {
+    "Copy SAML metadata URL": "Copy SAML metadata URL",
    "Copy prompt page URL": "Copy prompt page URL",
    "Copy signin page URL": "Copy signin page URL",
    "Copy signup page URL": "Copy signup page URL",
    "Edit Application": "Modifier l'application",
+    "Enable SAML compress": "Enable SAML compress",
+    "Enable SAML compress - Tooltip": "Enable SAML compress - Tooltip",
    "Enable code signin": "Activer la connexion au code",
    "Enable code signin - Tooltip": "Activer la connexion au code - infobulle",
    "Enable signin session - Tooltip": "Activer la session de connexion - infobulle",
@ -30,6 +33,7 @@
    "Refresh token expire - Tooltip": "Expiration du jeton d'actualisation - infobulle",
    "SAML metadata": "SAML metadata",
    "SAML metadata - Tooltip": "SAML metadata - Tooltip",
+    "SAML metadata URL copied to clipboard successfully": "SAML metadata URL copied to clipboard successfully",
    "Signin page URL copied to clipboard successfully, please paste it into the incognito window or another browser": "Signin page URL copied to clipboard successfully, please paste it into the incognito window or another browser",
    "Signin session": "Connexion à la session",
    "Signup items": "Inscrire des éléments",
@ -407,7 +411,7 @@
    "Domain": "Domaine",
    "Domain - Tooltip": "Storage endpoint custom domain",
    "Edit Provider": "Modifier le fournisseur",
-    "Email Content": "Email Content",
+    "Email Content": "Email content",
    "Email Content - Tooltip": "Unique string-style identifier",
    "Email Title": "Titre de l'e-mail",
    "Email Title - Tooltip": "Unique string-style identifier",
@ -442,12 +446,15 @@
    "SP ACS URL": "URL du SP ACS",
    "SP ACS URL - Tooltip": "URL SP ACS - infobulle",
    "SP Entity ID": "ID de l'entité SP",
+    "Scene": "Scene",
+    "Scene - Tooltip": "Scene - Tooltip",
    "Scope": "Scope",
    "Scope - Tooltip": "Scope - Tooltip",
    "Secret access key": "Clé d'accès secrète",
    "Secret key": "Secret key",
    "Secret key - Tooltip": "Secret key - Tooltip",
    "SecretAccessKey - Tooltip": "SecretAccessKey - Infobulle",
+    "Send Test Email": "Send Test Email",
    "Sign Name": "Nom du panneau",
    "Sign Name - Tooltip": "Unique string-style identifier",
    "Sign request": "Demande de signature",
@ -466,6 +473,9 @@
    "Template Code - Tooltip": "Unique string-style identifier",
    "Terms of Use": "Conditions d'utilisation",
    "Terms of Use - Tooltip": "Conditions d'utilisation - Info-bulle",
+    "Test Connection": "Test Smtp Connection",
+    "Test Email": "Test email config",
+    "Test Email - Tooltip": "Email Address",
    "Token URL": "Token URL",
    "Token URL - Tooltip": "Token URL - Tooltip",
    "Type": "Type de texte",
@ -529,7 +539,6 @@
    "The input is not invoice title!": "The input is not invoice title!",
    "The input is not valid Email!": "L'entrée n'est pas un email valide !",
    "The input is not valid Phone!": "L'entrée n'est pas un téléphone valide !",
-    "Unknown Check Type": "Type de vérification inconnu",
    "Username": "Nom d'utilisateur",
    "Username - Tooltip": "Nom d'utilisateur - Info-bulle",
    "Your account has been created!": "Votre compte a été créé !",
--- a/web/src/locales/ja/data.json
+++ b/web/src/locales/ja/data.json
@ -6,10 +6,13 @@
    "Sign Up": "新規登録"
  },
  "application": {
+    "Copy SAML metadata URL": "Copy SAML metadata URL",
    "Copy prompt page URL": "Copy prompt page URL",
    "Copy signin page URL": "Copy signin page URL",
    "Copy signup page URL": "Copy signup page URL",
    "Edit Application": "アプリケーションを編集",
+    "Enable SAML compress": "Enable SAML compress",
+    "Enable SAML compress - Tooltip": "Enable SAML compress - Tooltip",
    "Enable code signin": "コードサインインを有効にする",
    "Enable code signin - Tooltip": "Enable code signin - Tooltip",
    "Enable signin session - Tooltip": "Enable signin session - Tooltip",
@ -30,6 +33,7 @@
    "Refresh token expire - Tooltip": "トークンの有効期限を更新する - ツールチップ",
    "SAML metadata": "SAML metadata",
    "SAML metadata - Tooltip": "SAML metadata - Tooltip",
+    "SAML metadata URL copied to clipboard successfully": "SAML metadata URL copied to clipboard successfully",
    "Signin page URL copied to clipboard successfully, please paste it into the incognito window or another browser": "Signin page URL copied to clipboard successfully, please paste it into the incognito window or another browser",
    "Signin session": "サインインセッション",
    "Signup items": "アイテムの登録",
@ -407,7 +411,7 @@
    "Domain": "ドメイン",
    "Domain - Tooltip": "Storage endpoint custom domain",
    "Edit Provider": "プロバイダーを編集",
-    "Email Content": "Email Content",
+    "Email Content": "Email content",
    "Email Content - Tooltip": "Unique string-style identifier",
    "Email Title": "メールタイトル",
    "Email Title - Tooltip": "Unique string-style identifier",
@ -442,12 +446,15 @@
    "SP ACS URL": "SP ACS URL",
    "SP ACS URL - Tooltip": "SP ACS URL - ツールチップ",
    "SP Entity ID": "SP ID",
+    "Scene": "Scene",
+    "Scene - Tooltip": "Scene - Tooltip",
    "Scope": "Scope",
    "Scope - Tooltip": "Scope - Tooltip",
    "Secret access key": "シークレットアクセスキー",
    "Secret key": "Secret key",
    "Secret key - Tooltip": "Secret key - Tooltip",
    "SecretAccessKey - Tooltip": "シークレットアクセスキー - ツールチップ",
+    "Send Test Email": "Send Test Email",
    "Sign Name": "署名名",
    "Sign Name - Tooltip": "Unique string-style identifier",
    "Sign request": "サインリクエスト",
@ -466,6 +473,9 @@
    "Template Code - Tooltip": "Unique string-style identifier",
    "Terms of Use": "利用規約",
    "Terms of Use - Tooltip": "利用規約 - ツールチップ",
+    "Test Connection": "Test Smtp Connection",
+    "Test Email": "Test email config",
+    "Test Email - Tooltip": "Email Address",
    "Token URL": "Token URL",
    "Token URL - Tooltip": "Token URL - Tooltip",
    "Type": "タイプ",
@ -529,7 +539,6 @@
    "The input is not invoice title!": "The input is not invoice title!",
    "The input is not valid Email!": "入力されたメールアドレスが無効です！",
    "The input is not valid Phone!": "入力された電話番号が正しくありません！",
-    "Unknown Check Type": "不明なチェックタイプ",
    "Username": "ユーザー名",
    "Username - Tooltip": "ユーザー名 - ツールチップ",
    "Your account has been created!": "あなたのアカウントが作成されました！",
--- a/web/src/locales/ko/data.json
+++ b/web/src/locales/ko/data.json
@ -6,10 +6,13 @@
    "Sign Up": "Sign Up"
  },
  "application": {
+    "Copy SAML metadata URL": "Copy SAML metadata URL",
    "Copy prompt page URL": "Copy prompt page URL",
    "Copy signin page URL": "Copy signin page URL",
    "Copy signup page URL": "Copy signup page URL",
    "Edit Application": "Edit Application",
+    "Enable SAML compress": "Enable SAML compress",
+    "Enable SAML compress - Tooltip": "Enable SAML compress - Tooltip",
    "Enable code signin": "Enable code signin",
    "Enable code signin - Tooltip": "Enable code signin - Tooltip",
    "Enable signin session - Tooltip": "Enable signin session - Tooltip",
@ -30,6 +33,7 @@
    "Refresh token expire - Tooltip": "Refresh token expire - Tooltip",
    "SAML metadata": "SAML metadata",
    "SAML metadata - Tooltip": "SAML metadata - Tooltip",
+    "SAML metadata URL copied to clipboard successfully": "SAML metadata URL copied to clipboard successfully",
    "Signin page URL copied to clipboard successfully, please paste it into the incognito window or another browser": "Signin page URL copied to clipboard successfully, please paste it into the incognito window or another browser",
    "Signin session": "Signin session",
    "Signup items": "Signup items",
@ -407,9 +411,9 @@
    "Domain": "Domain",
    "Domain - Tooltip": "Storage endpoint custom domain",
    "Edit Provider": "Edit Provider",
-    "Email Content": "Email Content",
+    "Email Content": "Email content",
    "Email Content - Tooltip": "Unique string-style identifier",
-    "Email Title": "Email Title",
+    "Email Title": "Email title",
    "Email Title - Tooltip": "Unique string-style identifier",
    "Endpoint": "Endpoint",
    "Endpoint (Intranet)": "Endpoint (Intranet)",
@ -442,12 +446,15 @@
    "SP ACS URL": "SP ACS URL",
    "SP ACS URL - Tooltip": "SP ACS URL - Tooltip",
    "SP Entity ID": "SP Entity ID",
+    "Scene": "Scene",
+    "Scene - Tooltip": "Scene - Tooltip",
    "Scope": "Scope",
    "Scope - Tooltip": "Scope - Tooltip",
    "Secret access key": "Secret access key",
    "Secret key": "Secret key",
    "Secret key - Tooltip": "Secret key - Tooltip",
    "SecretAccessKey - Tooltip": "SecretAccessKey - Tooltip",
+    "Send Test Email": "Send Test Email",
    "Sign Name": "Sign Name",
    "Sign Name - Tooltip": "Unique string-style identifier",
    "Sign request": "Sign request",
@ -466,6 +473,9 @@
    "Template Code - Tooltip": "Unique string-style identifier",
    "Terms of Use": "Terms of Use",
    "Terms of Use - Tooltip": "Terms of Use - Tooltip",
+    "Test Connection": "Test Smtp Connection",
+    "Test Email": "Test email config",
+    "Test Email - Tooltip": "Email Address",
    "Token URL": "Token URL",
    "Token URL - Tooltip": "Token URL - Tooltip",
    "Type": "Type",
@ -529,7 +539,6 @@
    "The input is not invoice title!": "The input is not invoice title!",
    "The input is not valid Email!": "The input is not valid Email!",
    "The input is not valid Phone!": "The input is not valid Phone!",
-    "Unknown Check Type": "Unknown Check Type",
    "Username": "Username",
    "Username - Tooltip": "Username - Tooltip",
    "Your account has been created!": "Your account has been created!",
--- a/web/src/locales/ru/data.json
+++ b/web/src/locales/ru/data.json
@ -6,10 +6,13 @@
    "Sign Up": "Регистрация"
  },
  "application": {
+    "Copy SAML metadata URL": "Copy SAML metadata URL",
    "Copy prompt page URL": "Copy prompt page URL",
    "Copy signin page URL": "Copy signin page URL",
    "Copy signup page URL": "Copy signup page URL",
    "Edit Application": "Изменить приложение",
+    "Enable SAML compress": "Enable SAML compress",
+    "Enable SAML compress - Tooltip": "Enable SAML compress - Tooltip",
    "Enable code signin": "Включить кодовый вход",
    "Enable code signin - Tooltip": "Включить вход с кодом - Tooltip",
    "Enable signin session - Tooltip": "Включить сеанс входа - Подсказка",
@ -30,6 +33,7 @@
    "Refresh token expire - Tooltip": "Срок обновления токена истекает - Подсказка",
    "SAML metadata": "SAML metadata",
    "SAML metadata - Tooltip": "SAML metadata - Tooltip",
+    "SAML metadata URL copied to clipboard successfully": "SAML metadata URL copied to clipboard successfully",
    "Signin page URL copied to clipboard successfully, please paste it into the incognito window or another browser": "Signin page URL copied to clipboard successfully, please paste it into the incognito window or another browser",
    "Signin session": "Сессия входа",
    "Signup items": "Элементы регистрации",
@ -407,7 +411,7 @@
    "Domain": "Домен",
    "Domain - Tooltip": "Storage endpoint custom domain",
    "Edit Provider": "Изменить провайдера",
-    "Email Content": "Email Content",
+    "Email Content": "Email content",
    "Email Content - Tooltip": "Unique string-style identifier",
    "Email Title": "Заголовок письма",
    "Email Title - Tooltip": "Unique string-style identifier",
@ -442,12 +446,15 @@
    "SP ACS URL": "SP ACS URL",
    "SP ACS URL - Tooltip": "SP ACS URL - Подсказка",
    "SP Entity ID": "Идентификатор сущности SP",
+    "Scene": "Scene",
+    "Scene - Tooltip": "Scene - Tooltip",
    "Scope": "Scope",
    "Scope - Tooltip": "Scope - Tooltip",
    "Secret access key": "Секретный ключ доступа",
    "Secret key": "Secret key",
    "Secret key - Tooltip": "Secret key - Tooltip",
    "SecretAccessKey - Tooltip": "SecretAccessKey - Подсказка",
+    "Send Test Email": "Send Test Email",
    "Sign Name": "Имя подписи",
    "Sign Name - Tooltip": "Unique string-style identifier",
    "Sign request": "Запрос на подпись",
@ -466,6 +473,9 @@
    "Template Code - Tooltip": "Unique string-style identifier",
    "Terms of Use": "Условия использования",
    "Terms of Use - Tooltip": "Условия использования - Tooltip",
+    "Test Connection": "Test Smtp Connection",
+    "Test Email": "Test email config",
+    "Test Email - Tooltip": "Email Address",
    "Token URL": "Token URL",
    "Token URL - Tooltip": "Token URL - Tooltip",
    "Type": "Тип",
@ -529,7 +539,6 @@
    "The input is not invoice title!": "The input is not invoice title!",
    "The input is not valid Email!": "Ввод не является допустимым Email!",
    "The input is not valid Phone!": "Введен неверный телефон!",
-    "Unknown Check Type": "Неизвестный тип проверки",
    "Username": "Имя пользователя",
    "Username - Tooltip": "Имя пользователя - Подсказка",
    "Your account has been created!": "Ваша учетная запись была создана!",
--- a/web/src/locales/zh/data.json
+++ b/web/src/locales/zh/data.json
@ -6,10 +6,13 @@
    "Sign Up": "注册"
  },
  "application": {
+    "Copy SAML metadata URL": "复制SAML元数据URL",
    "Copy prompt page URL": "复制提醒页面URL",
    "Copy signin page URL": "复制登录页面URL",
    "Copy signup page URL": "复制注册页面URL",
    "Edit Application": "编辑应用",
+    "Enable SAML compress": "压缩SAML响应",
+    "Enable SAML compress - Tooltip": "Casdoor作为SAML idp时，是否压缩SAML响应信息",
    "Enable code signin": "启用验证码登录",
    "Enable code signin - Tooltip": "是否允许用手机或邮箱验证码登录",
    "Enable signin session - Tooltip": "从应用登录Casdoor后，Casdoor是否保持会话",
@ -30,6 +33,7 @@
    "Refresh token expire - Tooltip": "Refresh Token过期时间",
    "SAML metadata": "SAML元数据",
    "SAML metadata - Tooltip": "SAML协议的元数据（Metadata）信息",
+    "SAML metadata URL copied to clipboard successfully": "SAML元数据URL已成功复制到剪贴板",
    "Signin page URL copied to clipboard successfully, please paste it into the incognito window or another browser": "登录页面URL已成功复制到剪贴板，请粘贴到当前浏览器的隐身模式窗口或另一个浏览器访问",
    "Signin session": "保持登录会话",
    "Signup items": "注册项",
@ -442,12 +446,15 @@
    "SP ACS URL": "SP ACS URL",
    "SP ACS URL - Tooltip": "SP ACS URL - 工具提示",
    "SP Entity ID": "SP 实体 ID",
+    "Scene": "Scene",
+    "Scene - Tooltip": "Scene - Tooltip",
    "Scope": "Scope",
    "Scope - Tooltip": "Scope - 工具提示",
    "Secret access key": "秘密访问密钥",
-    "Secret key": "服务端密钥",
-    "Secret key - Tooltip": "服务端密钥",
+    "Secret key": "Secret key",
+    "Secret key - Tooltip": "用于服务端调用验证码提供商API进行验证",
    "SecretAccessKey - Tooltip": "访问密钥-工具提示",
+    "Send Test Email": "发送测试邮件",
    "Sign Name": "签名名称",
    "Sign Name - Tooltip": "签名名称",
    "Sign request": "签名请求",
@ -458,14 +465,17 @@
    "Signup HTML": "注册页面HTML",
    "Signup HTML - Edit": "注册页面HTML - 编辑",
    "Signup HTML - Tooltip": "自定义HTML，用于替换默认的注册页面样式",
-    "Site key": "客户端密钥",
-    "Site key - Tooltip": "客户端密钥",
+    "Site key": "Site key",
+    "Site key - Tooltip": "用于前端嵌入页面",
    "Sub type": "子类型",
    "Sub type - Tooltip": "子类型",
    "Template Code": "模板代码",
    "Template Code - Tooltip": "模板代码",
    "Terms of Use": "使用条款",
    "Terms of Use - Tooltip": "使用条款 - 工具提示",
+    "Test Connection": "测试Smtp连接",
+    "Test Email": "测试Email配置",
+    "Test Email - Tooltip": "邮箱地址",
    "Token URL": "Token URL",
    "Token URL - Tooltip": "Token URL - 工具提示",
    "Type": "类型",
@ -529,7 +539,6 @@
    "The input is not invoice title!": "您输入的发票抬头有误！",
    "The input is not valid Email!": "您输入的电子邮箱格式有误！",
    "The input is not valid Phone!": "您输入的手机号格式有误！",
-    "Unknown Check Type": "未知的验证码类型",
    "Username": "用户名",
    "Username - Tooltip": "允许字符包括字母、数字、下划线，不得以数字开头",
    "Your account has been created!": "您的账号已创建！",
Author	SHA1	Message	Date
Yixiang Zhao	aa5078de15	fix: crowdin kept deleting translations (#843 ) Signed-off-by: Yixiang Zhao <seriouszyx@foxmail.com>	2022-07-01 10:51:40 +08:00
YunShu	9a324b2cca	fix: Update Crowdin link (#841 )	2022-06-30 22:05:20 +08:00
aecra	919eaf1df4	fix: fix CORS error after sucessful OPTION (#838 )	2022-06-30 21:29:02 +08:00
Atom Pi	cd902a21ba	fix: some minor bugs and make Dockerfile more productive. (#831 ) * fix: some minor bugs and make Dockerfile more productive. * fix: make GitHub CI configuration support build image with STANDARD target. * fix: Naming the base stage in multi-stage builds with lowercase letters to support various operating systems. * fix: copy swagger to the image as well.	2022-06-29 23:21:18 +08:00
Gucheng Wang	fe0ab0aa6f	Fix downloadFile()'s google proxy.	2022-06-29 22:01:38 +08:00
Resulte Lee	a0e11cc8a0	feat: add aliyun captcha (#833 ) * feat: add aliyun captcha provider * Rename App key * fix typo * Rename HMACSHA1 & Reused clientId2 and clientSecret2 * Update ProviderEditPage.js * Delete unused import Co-authored-by: Gucheng <85475922+nomeguy@users.noreply.github.com>	2022-06-29 11:31:32 +08:00
Yixiang Zhao	8a66448365	feat: support casdoor as saml idp to connect keycloak (#832 ) Signed-off-by: Yixiang Zhao <seriouszyx@foxmail.com>	2022-06-28 22:05:02 +08:00
Resulte Lee	477d386f3c	fix: captcha preview panic when clientId or clientSecret is empty (#824 ) * fix: captcha preview panic when clientId or clientSecret is empty * return original errors from captcha	2022-06-26 22:09:57 +08:00
Gucheng Wang	339c6c2dd0	Fix null bug in getTermsofuseContent().	2022-06-26 09:34:01 +08:00
aecra	7c9370ef90	feat: add CORS filter to fix OPTION request failure (#826 )	2022-06-26 01:28:33 +08:00
Ryao	31b586e391	feat: Add email config test on provider edit page (#819 ) * feat: Add email config test on provider edit page * Re-use send-email API * Optimize code Optimize code * Update service.go * Update service.go Co-authored-by: Gucheng <85475922+nomeguy@users.noreply.github.com>	2022-06-24 01:47:10 +08:00
Gucheng Wang	249f83e764	Fix TestProduct() compile error.	2022-06-23 00:54:31 +08:00
Yixiang Zhao	16f5569e50	fix: encryption without salt (#821 ) Signed-off-by: Yixiang Zhao <seriouszyx@foxmail.com>	2022-06-22 22:30:27 +08:00
Resulte Lee	f99c1f44e8	fix: don't trigger countdown if failed to send verification code (#815 ) * feat: add countdown when no captcha provider found * fix: add countdown when sent code successfully	2022-06-22 22:22:40 +08:00
Gucheng Wang	c8c4dfbfb8	Fix bug and i18n issue in captcha provider edit page.	2022-06-22 21:54:25 +08:00
Resulte Lee	d9c6ff2507	fix: captcha widget JS warnings (#820 )	2022-06-22 18:31:18 +08:00
Gucheng Wang	e1664f2f60	Fix newApplication() to add provider.	2022-06-22 00:08:46 +08:00
Resulte Lee	460a4d4969	fix: init default captcha provider (#810 ) * feat: init built in provider * Update built-in provider in application * Delete unnecessary judge * Update init.go Co-authored-by: Gucheng <85475922+nomeguy@users.noreply.github.com>	2022-06-22 00:03:55 +08:00
leoshine	376bac15dc	fix: improve swagger Api docunment (#812 )	2022-06-21 23:11:29 +08:00
Gucheng Wang	8d0e92edef	Fix missing items in renderAccountItem().	2022-06-21 17:08:08 +08:00
Gucheng Wang	0075b7af52	Fix JS warnings.	2022-06-21 15:26:58 +08:00
Resulte Lee	2c57bece39	feat: fix stuck error when no captcha provider found (#808 )	2022-06-21 12:22:46 +08:00