785a97a4c8
DEV: Update CI workflows ( #49 )
...
Co-authored-by: davidtaylorhq <davidtaylorhq@users.noreply.github.com>
2021-07-02 16:40:15 +02:00
3e3c2ae44d
DEV: Skip test that is resetting state of other plugins. ( #48 )
...
Follow-up to d1a912ebc8
2021-07-02 16:16:03 +08:00
d1a912ebc8
FEATURE: Fetch custom attributes from the user details. ( #47 )
...
Other plugins can tell the authenticator to traverse the user details JSON using custom paths and store the values in the user associated account extra field.
2021-07-01 18:23:27 -03:00
6ee31f6b02
Bump glob-parent from 5.1.1 to 5.1.2 ( #46 )
...
Bumps [glob-parent](https://github.com/gulpjs/glob-parent ) from 5.1.1 to 5.1.2.
- [Release notes](https://github.com/gulpjs/glob-parent/releases )
- [Changelog](https://github.com/gulpjs/glob-parent/blob/main/CHANGELOG.md )
- [Commits](https://github.com/gulpjs/glob-parent/compare/v5.1.1...v5.1.2 )
---
updated-dependencies:
- dependency-name: glob-parent
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-06-12 13:58:46 +02:00
c3404ed877
Update translations ( #45 )
2021-06-01 15:11:22 +02:00
50aca4050f
Update translations ( #44 )
2021-05-25 15:26:44 +02:00
ed3255fea0
Bump lodash from 4.17.20 to 4.17.21 ( #43 )
...
Bumps [lodash](https://github.com/lodash/lodash ) from 4.17.20 to 4.17.21.
- [Release notes](https://github.com/lodash/lodash/releases )
- [Commits](https://github.com/lodash/lodash/compare/4.17.20...4.17.21 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-10 13:39:55 -04:00
60a8ba05c2
Bump rexml from 3.2.4 to 3.2.5 ( #42 )
...
Bumps [rexml](https://github.com/ruby/rexml ) from 3.2.4 to 3.2.5.
- [Release notes](https://github.com/ruby/rexml/releases )
- [Changelog](https://github.com/ruby/rexml/blob/master/NEWS.md )
- [Commits](https://github.com/ruby/rexml/compare/v3.2.4...v3.2.5 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-02 17:07:53 +02:00
60eeb0d338
Hide the `oauth2_disable_csrf` setting ( #41 )
...
It can be useful for homegrown CSRF setups or while debugging but it is
not secure and should only be used if you really know what you're doing.
2021-04-21 13:30:28 -04:00
f45cd3edf9
FEATURE: Handle invalid email_verified data from identity provider ( #40 )
...
Some identity providers send email_verfied as a 'true'/'false' string, not a boolean. (e.g. this bug in Auth0: https://community.auth0.com/t/27553 )
This commit adds automatic handling for this case, so that the string is automatically converted into a real boolean.
2021-04-21 11:16:25 +01:00
76eeb5a35d
Update translations ( #39 )
2021-04-20 15:30:18 +02:00
cef99620a1
Allow to disable CSRF check during the oauth login. ( #38 )
...
* Ignore CSRF check.
* Ignore CSRF check as a plugin setting.
Co-authored-by: Kalach, Dmitry <d.kalach@itransition.com>
2021-04-19 12:39:45 -04:00
f025ed03f2
Bump y18n from 4.0.0 to 4.0.1 ( #37 )
...
Bumps [y18n](https://github.com/yargs/y18n ) from 4.0.0 to 4.0.1.
- [Release notes](https://github.com/yargs/y18n/releases )
- [Changelog](https://github.com/yargs/y18n/blob/master/CHANGELOG.md )
- [Commits](https://github.com/yargs/y18n/commits )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-01 09:56:39 +02:00
59c3d9aa5e
DEV: Clean up plugin.rb ( #36 )
...
- Remove Faraday version check - all versions of Discourse now have Faraday 1.0
- Remove custom button CSS. Core now takes care of styling login buttons
- Remove deprecated `message` parameter from auth_provider registration
2021-03-30 11:29:22 +01:00
aaf3044043
Update translations ( #35 )
2021-03-16 15:45:23 +01:00
a9ad67c4c6
FEATURE: Allow using a different authorize_url for signup ( #34 )
...
If specified, the oauth2_authorize_signup_url will be used when the user starts the auth flow via the 'sign up' buttons in the UI. If not specified, the regular authorize_url continues to be used.
2021-03-10 12:29:58 +00:00
b0c42536f6
DEV: Update CI workflows ( #32 )
...
Co-authored-by: CvX <CvX@users.noreply.github.com>
2021-03-10 13:10:36 +01:00
96a0bde0aa
FEATURE: Allow JSON paths with literal dots in the keys ( #33 )
...
This is achieved by surrounding a key with double quotes, or by escaping
the dot character with a backslash.
For example, given the JSON
```
{ "www.example.com/uid": "myuid" }
```
Previously, there was no way to access this value. The dots would make
the parser try to access `json["www"]["example"]["com/uid"]`.
Now, this value can be accessed by using a `oauth2_json_user_id_path` like:
```
www\.example\.com/uid
```
or alternatively:
```
"www.example.com/uid"
```
2021-03-10 11:48:58 +00:00
0be01f0afd
Update translations ( #31 )
2021-02-09 14:47:52 +01:00
df0b2c5460
Update translations ( #30 )
2021-01-26 14:48:54 +01:00
b3abeec4ca
DEV: Update CI workflows ( #28 )
...
Co-authored-by: justindirose <justindirose@users.noreply.github.com>
2021-01-04 14:18:20 -06:00
66b0d391ef
Update translations ( #27 )
2020-12-22 14:46:10 +01:00
820a6f856f
Update translations ( #26 )
2020-12-15 15:23:29 +01:00
29e828fccf
Update translations ( #25 )
2020-11-24 17:22:12 +01:00
485aec9148
DEV: Update CI workflows
2020-11-15 16:09:42 +00:00
80d7ea85a5
DEV: Update CI workflows
2020-10-14 16:27:52 +00:00
d9c7312be6
DEV: Update CI workflows
2020-10-12 08:16:48 +00:00
c1f4e63063
DEV: Update CI workflows
2020-10-09 19:03:13 +00:00
005457ccf8
DEV: Apply coding standards ( #24 )
2020-10-09 13:50:54 -05:00
365cfbc209
DEV: Update CI workflows
2020-10-09 16:15:04 +00:00
d025d1f186
DEV: Update CI workflows
2020-10-09 15:09:49 +00:00
db84540470
Update translations
2020-10-06 15:19:21 +02:00
13ed44486a
Update translations
2020-09-22 13:05:19 +00:00
1f6eced849
Update translations
2020-09-16 10:19:28 +00:00
d2cb7e9470
Update translations
2020-08-18 13:03:21 +00:00
399685ee83
Update translations
2020-08-11 13:05:09 +00:00
3c3aa6e0b0
Update translations
2020-08-05 13:29:14 +00:00
16543fad72
DEV: Switch from Transifex to Crowdin
2020-07-16 14:01:06 +02:00
c6245de6fb
Update translations
2020-06-24 11:41:41 -04:00
6dc9131fb9
Update translations
2020-05-27 16:54:50 -04:00
e045df91d7
Update translations
2020-05-04 10:50:16 -04:00
56e32d9bf6
DEV: Move to rubocop-discourse.
2020-05-04 10:34:14 +08:00
5984e52dc6
DEV: Fix rubocop offences
2020-04-30 18:49:15 +01:00
be136eacb4
FEATURE: Allow disabling request_body authentication for token endpoint
...
By default we include both authentication data in both the Authorization header, and in the request body. This provides maximum compatibility, although is technically a breach of the OAuth2 specification. This commit introduces a new site setting `oauth2_send_auth_body`, which allows the behavior to be controlled.
2020-04-30 17:28:22 +01:00
d8a8724f2b
FEATURE: Add detailed OAuth2 request and response logs
...
This makes use of Faraday middleware to log precise details about all requests made by the OAuth2 gem. This should make it easier to debug configuration issues
2020-04-30 17:15:35 +01:00
ca5f555750
FEATURE: Allow using array indexes in json paths ( #22 )
2020-04-21 14:46:42 +01:00
1b9937b27d
DEV: Remove deprecated use of full_screen_login_setting
2020-04-20 14:20:02 +01:00
47a8211d9a
DEV: Correct OAuth2BasicAuthenticator namespace, remove spec workarounds
2020-04-14 21:32:35 +01:00
72d655bc44
UX: Update copy for site settings
2020-04-09 11:40:45 +01:00
879dca616d
Update translations
2020-02-25 10:33:50 -05:00
discoursebot
Alan Guo Xiang Tan
Roman Rizzi
dependabot[bot]
Discourse Translator Bot
Robin Ward
David Taylor
babayotakun
Discourse CI
Justin DiRose
Neil Lalonde
Josh Kerxhalli-Kleinfield