discourse
/
discourse-oauth2-basic
mirror of https://github.com/discourse/discourse-oauth2-basic.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
143 Commits 4 Branches 0 Tags 941 KiB
Commit Graph

143 Commits

Author SHA1 Message Date
discoursebot 60c3a6e02a
DEV: Update CI workflows (#52) 
Co-authored-by: CvX <CvX@users.noreply.github.com>
 2021-09-15 19:58:40 +02:00
dependabot[bot] 5663d1ff9e
Bump path-parse from 1.0.6 to 1.0.7 (#51) 
Bumps [path-parse](https://github.com/jbgutierrez/path-parse) from 1.0.6 to 1.0.7.
- [Release notes](https://github.com/jbgutierrez/path-parse/releases)
- [Commits](https://github.com/jbgutierrez/path-parse/commits/v1.0.7)

---
updated-dependencies:
- dependency-name: path-parse
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-08-13 00:52:20 +02:00
Roman Rizzi 96d815c56c
DEV: Restos skipped test. Plugins can reset a single registry now. follow-up to 3e3c2ae (#50) 2021-07-02 13:38:59 -03:00
discoursebot 785a97a4c8
DEV: Update CI workflows (#49) 
Co-authored-by: davidtaylorhq <davidtaylorhq@users.noreply.github.com>
 2021-07-02 16:40:15 +02:00
Alan Guo Xiang Tan 3e3c2ae44d
DEV: Skip test that is resetting state of other plugins. (#48) 
Follow-up to d1a912ebc8
 2021-07-02 16:16:03 +08:00
Roman Rizzi d1a912ebc8
FEATURE: Fetch custom attributes from the user details. (#47) 
Other plugins can tell the authenticator to traverse the user details JSON using custom paths and store the values in the user associated account extra field.
 2021-07-01 18:23:27 -03:00
dependabot[bot] 6ee31f6b02
Bump glob-parent from 5.1.1 to 5.1.2 (#46) 
Bumps [glob-parent](https://github.com/gulpjs/glob-parent) from 5.1.1 to 5.1.2.
- [Release notes](https://github.com/gulpjs/glob-parent/releases)
- [Changelog](https://github.com/gulpjs/glob-parent/blob/main/CHANGELOG.md)
- [Commits](https://github.com/gulpjs/glob-parent/compare/v5.1.1...v5.1.2)

---
updated-dependencies:
- dependency-name: glob-parent
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-06-12 13:58:46 +02:00
Discourse Translator Bot c3404ed877
Update translations (#45) 2021-06-01 15:11:22 +02:00
Discourse Translator Bot 50aca4050f
Update translations (#44) 2021-05-25 15:26:44 +02:00
dependabot[bot] ed3255fea0
Bump lodash from 4.17.20 to 4.17.21 (#43) 
Bumps [lodash](https://github.com/lodash/lodash) from 4.17.20 to 4.17.21.
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](https://github.com/lodash/lodash/compare/4.17.20...4.17.21)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-05-10 13:39:55 -04:00
dependabot[bot] 60a8ba05c2
Bump rexml from 3.2.4 to 3.2.5 (#42) 
Bumps [rexml](https://github.com/ruby/rexml) from 3.2.4 to 3.2.5.
- [Release notes](https://github.com/ruby/rexml/releases)
- [Changelog](https://github.com/ruby/rexml/blob/master/NEWS.md)
- [Commits](https://github.com/ruby/rexml/compare/v3.2.4...v3.2.5)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-05-02 17:07:53 +02:00
Robin Ward 60eeb0d338
Hide the `oauth2_disable_csrf` setting (#41) 
It can be useful for homegrown CSRF setups or while debugging but it is
not secure and should only be used if you really know what you're doing.
 2021-04-21 13:30:28 -04:00
David Taylor f45cd3edf9
FEATURE: Handle invalid email_verified data from identity provider (#40) 
Some identity providers send email_verfied as a 'true'/'false' string, not a boolean. (e.g. this bug in Auth0: https://community.auth0.com/t/27553)

This commit adds automatic handling for this case, so that the string is automatically converted into a real boolean.
 2021-04-21 11:16:25 +01:00
Discourse Translator Bot 76eeb5a35d
Update translations (#39) 2021-04-20 15:30:18 +02:00
babayotakun cef99620a1
Allow to disable CSRF check during the oauth login. (#38) 
* Ignore CSRF check.

* Ignore CSRF check as a plugin setting.

Co-authored-by: Kalach, Dmitry <d.kalach@itransition.com>
 2021-04-19 12:39:45 -04:00
dependabot[bot] f025ed03f2
Bump y18n from 4.0.0 to 4.0.1 (#37) 
Bumps [y18n](https://github.com/yargs/y18n) from 4.0.0 to 4.0.1.
- [Release notes](https://github.com/yargs/y18n/releases)
- [Changelog](https://github.com/yargs/y18n/blob/master/CHANGELOG.md)
- [Commits](https://github.com/yargs/y18n/commits)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-04-01 09:56:39 +02:00
David Taylor 59c3d9aa5e
DEV: Clean up plugin.rb (#36) 
- Remove Faraday version check - all versions of Discourse now have Faraday 1.0
- Remove custom button CSS. Core now takes care of styling login buttons
- Remove deprecated `message` parameter from auth_provider registration
 2021-03-30 11:29:22 +01:00
Discourse Translator Bot aaf3044043
Update translations (#35) 2021-03-16 15:45:23 +01:00
David Taylor a9ad67c4c6
FEATURE: Allow using a different authorize_url for signup (#34) 
If specified, the oauth2_authorize_signup_url will be used when the user starts the auth flow via the 'sign up' buttons in the UI. If not specified, the regular authorize_url continues to be used.
 2021-03-10 12:29:58 +00:00
discoursebot b0c42536f6
DEV: Update CI workflows (#32) 
Co-authored-by: CvX <CvX@users.noreply.github.com>
 2021-03-10 13:10:36 +01:00
David Taylor 96a0bde0aa
FEATURE: Allow JSON paths with literal dots in the keys (#33) 
This is achieved by surrounding a key with double quotes, or by escaping
the dot character with a backslash.

For example, given the JSON

```
{ "www.example.com/uid": "myuid" }
```

Previously, there was no way to access this value. The dots would make
the parser try to access `json["www"]["example"]["com/uid"]`.

Now, this value can be accessed by using a `oauth2_json_user_id_path` like:

```
www\.example\.com/uid
```
or alternatively:
```
"www.example.com/uid"
```
 2021-03-10 11:48:58 +00:00
Discourse Translator Bot 0be01f0afd
Update translations (#31) 2021-02-09 14:47:52 +01:00
Discourse Translator Bot df0b2c5460
Update translations (#30) 2021-01-26 14:48:54 +01:00
discoursebot b3abeec4ca
DEV: Update CI workflows (#28) 
Co-authored-by: justindirose <justindirose@users.noreply.github.com>
 2021-01-04 14:18:20 -06:00
Discourse Translator Bot 66b0d391ef
Update translations (#27) 2020-12-22 14:46:10 +01:00
Discourse Translator Bot 820a6f856f
Update translations (#26) 2020-12-15 15:23:29 +01:00
Discourse Translator Bot 29e828fccf
Update translations (#25) 2020-11-24 17:22:12 +01:00
Discourse CI 485aec9148 DEV: Update CI workflows 2020-11-15 16:09:42 +00:00
Discourse CI 80d7ea85a5 DEV: Update CI workflows 2020-10-14 16:27:52 +00:00
Discourse CI d9c7312be6 DEV: Update CI workflows 2020-10-12 08:16:48 +00:00
Discourse CI c1f4e63063 DEV: Update CI workflows 2020-10-09 19:03:13 +00:00
Justin DiRose 005457ccf8
DEV: Apply coding standards (#24) 2020-10-09 13:50:54 -05:00
Discourse CI 365cfbc209 DEV: Update CI workflows 2020-10-09 16:15:04 +00:00
Discourse CI d025d1f186 DEV: Update CI workflows 2020-10-09 15:09:49 +00:00
Discourse Translator Bot db84540470 Update translations 2020-10-06 15:19:21 +02:00
Discourse Translator Bot 13ed44486a Update translations 2020-09-22 13:05:19 +00:00
Discourse Translator Bot 1f6eced849 Update translations 2020-09-16 10:19:28 +00:00
Discourse Translator Bot d2cb7e9470 Update translations 2020-08-18 13:03:21 +00:00
Discourse Translator Bot 399685ee83 Update translations 2020-08-11 13:05:09 +00:00
Discourse Translator Bot 3c3aa6e0b0 Update translations 2020-08-05 13:29:14 +00:00
Discourse Translator Bot 16543fad72 DEV: Switch from Transifex to Crowdin 2020-07-16 14:01:06 +02:00
Neil Lalonde c6245de6fb
Update translations 2020-06-24 11:41:41 -04:00
Neil Lalonde 6dc9131fb9
Update translations 2020-05-27 16:54:50 -04:00
Neil Lalonde e045df91d7
Update translations 2020-05-04 10:50:16 -04:00
Guo Xiang Tan 56e32d9bf6
DEV: Move to rubocop-discourse. 2020-05-04 10:34:14 +08:00
David Taylor 5984e52dc6
DEV: Fix rubocop offences 2020-04-30 18:49:15 +01:00
David Taylor be136eacb4
FEATURE: Allow disabling request_body authentication for token endpoint 
By default we include both authentication data in both the Authorization header, and in the request body. This provides maximum compatibility, although is technically a breach of the OAuth2 specification. This commit introduces a new site setting `oauth2_send_auth_body`, which allows the behavior to be controlled.
 2020-04-30 17:28:22 +01:00
David Taylor d8a8724f2b
FEATURE: Add detailed OAuth2 request and response logs 
This makes use of Faraday middleware to log precise details about all requests made by the OAuth2 gem. This should make it easier to debug configuration issues
 2020-04-30 17:15:35 +01:00
Josh Kerxhalli-Kleinfield ca5f555750
FEATURE: Allow using array indexes in json paths (#22) 2020-04-21 14:46:42 +01:00
David Taylor 1b9937b27d
DEV: Remove deprecated use of full_screen_login_setting 2020-04-20 14:20:02 +01:00