Andrey Antukh
452aabdec6
🐛 Don't send user props on auth token after oidc login
2024-09-10 12:39:54 +02:00
Alejandro Alonso
9344fb958a
Merge remote-tracking branch 'origin/staging' into develop
2024-08-08 07:43:10 +02:00
Andrey Antukh
ea7ad2aaa0
✨ Add flag oidc-registration for switch on/off registration with oidc
2024-08-06 11:51:26 +02:00
Andrey Antukh
025034cb71
Merge remote-tracking branch 'origin/staging' into develop
2024-07-25 11:23:42 +02:00
Andrey Antukh
69b432eb0e
📎 Fix audit event type naming on oidc
2024-07-24 21:25:55 +02:00
Andrey Antukh
343f3feed3
✨ Improve ip-addr parsing
2024-07-24 21:07:11 +02:00
Andrey Antukh
a100d1d11a
Merge remote-tracking branch 'origin/staging' into develop
2024-07-24 08:20:36 +02:00
Andrey Antukh
8dfc97d875
✨ Add jwks loading on gitlab oidc provider
2024-07-12 14:03:48 +02:00
Andrey Antukh
3b48be808c
💄 Add minor naming change on calling logging on oidc ns
2024-07-12 13:39:32 +02:00
Andrey Antukh
f4b59cc5a0
✨ Normalize external-session-id parsing from request
2024-07-12 13:38:46 +02:00
Andrey Antukh
d52f2b18a5
✨ Add context to OIDC errors
2024-07-12 13:38:46 +02:00
Alejandro
73fb95976c
Merge pull request #4863 from penpot/niwinz-refactor-backend-config
...
♻️ Refactor configuration validation
2024-07-11 12:27:59 +02:00
Andrey Antukh
9174bb140b
♻️ Refactor configuration validation
...
Replace spec with schema
2024-07-10 15:16:28 +02:00
Andrey Antukh
0ae8cb4979
🐛 Do not report explicit user reject as error on oidc auth process
2024-07-09 13:57:48 +02:00
Andrey Antukh
6a253871b0
✨ Improve internal handling of external-session-id
2024-06-19 16:15:48 +02:00
Andrey Antukh
5aa62ef1dd
✨ Add email blacklist mechanism
2024-06-04 10:45:55 +02:00
AzazelN28
47804429c0
Merge branch 'staging' into develop
2024-04-25 11:32:28 +02:00
AzazelN28
17fb5283cc
📎 Add provider to validate uri
2024-04-22 13:13:42 +02:00
Andrey Antukh
81b52d7170
✨ Disable oidc registration when registration flag is disabled
2024-04-18 09:52:24 +02:00
Andrey Antukh
a969550aa4
✨ Trust oidc providers which provide email_verified claim
2024-04-18 09:52:24 +02:00
Andrey Antukh
ce790d83fd
✨ Improve internal registration flow
2024-04-18 09:52:24 +02:00
Andrey Antukh
ef632bcae7
✨ Trigger email verification on OIDC register process
...
This will happen only if:
- the oidc provider properly reports that user has a non-verified email
- the oidc does not provide any way to know the email verification
status
2024-04-18 09:52:24 +02:00
Andrey Antukh
91118bec70
✨ Improve internal naming of setup/props
...
This reverts commit a6f70c77cbe72875875ab83587d5dcd9cfc61e34.
2024-03-14 10:48:23 +01:00
alonso.torres
a6f70c77cb
Revert " ✨ Improve internal naming of setup/props"
...
This reverts commit f525c6df5e9785df9b534b6de1b5308084627699.
2024-03-13 16:21:12 +01:00
Andrey Antukh
eabec6be20
🔥 Remove not needed events
2024-03-13 11:40:16 +01:00
Andrey Antukh
f525c6df5e
✨ Improve internal naming of setup/props
2024-03-13 11:39:53 +01:00
Andrey Antukh
d2626ead0b
✨ Add better email cleaning mechanism
...
This commit separates the email cleaning mechanism into a separate
function, and enables a proper cleaning of `mailto:` prefix, usually
found on invitations because users just copy and paste from an external
source.
2024-02-07 09:14:07 +01:00
Andrey Antukh
87615ce221
💄 Fix format issues on backend module
2023-11-29 12:55:58 +01:00
Andrey Antukh
bb5a4c0fa5
✨ Update yetti and adapt for ring-2.0
2023-11-27 14:25:12 +01:00
Andrey Antukh
da62a6809c
✨ Stop reporting oidc failed operations as exceptions
2023-08-14 12:13:31 +02:00
Andrey Antukh
c39702fbf7
✨ Improve get-user-info implementation (oidc)
2023-08-07 15:55:54 +02:00
Andrey Antukh
8cda8924df
✨ Add the ability to select user info source
...
using the PENPOT_OIDC_USER_INFO_SOURCE environment variable
with two possible values: token and userinfo
2023-07-03 10:46:29 +02:00
Andrey Antukh
dda67af5cc
✨ Update oidc impl with latest buddy-sign improvements
2023-07-03 10:46:25 +02:00
Andrey Antukh
6339b07fba
✨ Add the ability to parse OIDC JWT token
...
If jwks-uri is provided or properly discovered, it will be used
to unsign the JWT token and get user info data from that token instead
of making an additional call to the userinfo endpoint
2023-06-28 00:25:48 +02:00
Andrey Antukh
f166fe1926
🐛 Add proper validation of registration domain whitelist on oidc
...
Fixes #3348
2023-06-26 18:14:56 +02:00
Andrey Antukh
5026bfa6c1
📎 Fix linter issues introduced in previous merge
2023-04-25 13:35:26 +02:00
Andrey Antukh
b37a92aaf7
Merge remote-tracking branch 'origin/staging' into develop
2023-04-25 13:34:28 +02:00
Andrey Antukh
c0ccc4a5c5
✨ Improve OIDC attrs lookup mechanism
2023-04-25 12:18:06 +02:00
Andrey Antukh
6af783ea91
Merge remote-tracking branch 'origin/staging' into develop
2023-04-24 16:55:18 +02:00
Andrey Antukh
c31eb2df42
🐛 Fix OIDC auth provider roles checking mechanism
2023-04-24 15:13:24 +02:00
Andrey Antukh
aafbf6bc15
♻️ Refactor concurrency model on backend
...
Mainly the following changes:
- Pass majority of code to the old and plain synchronous style
and start using virtual threads for the RPC (and partially some
HTTP server middlewares).
- Make some improvements on how CLIMIT is handled, simplifying code
- Improve considerably performance reducing the reflection and
unnecessary function calls on the whole stack-trace of an RPC call.
- Improve efficiency reducing considerably the total threads number.
2023-03-14 12:30:27 +01:00
Andrey Antukh
1d21ee7089
Merge remote-tracking branch 'origin/staging' into develop
2023-02-24 18:30:05 +01:00
Andrey Antukh
f0c0e5e43a
✨ Add proper audit log for invitations
2023-02-24 10:28:07 +01:00
Andrey Antukh
64f2d874fe
Merge remote-tracking branch 'origin/staging' into develop
2023-02-07 18:16:37 +01:00
Andrey Antukh
220b80799d
✨ Add more logging to OIDC providers
2023-02-07 14:49:12 +01:00
Andrey Antukh
58668c11f3
Merge remote-tracking branch 'origin/staging' into develop
2023-02-07 14:46:18 +01:00
Andrey Antukh
aaf332ed18
🐛 Fix issue with oidc autodiscover
2023-02-06 14:20:57 +01:00
Andrey Antukh
d8faff47a8
♻️ Move profile queries and mutations to commands
2023-01-18 10:51:58 +01:00
Andrey Antukh
db689d151e
♻️ Refactor profile and session handling
...
- makes the profile access more efficient (replace in-app joins to a
simple select query on profile table)
- add partial support for access-tokens (still missing some RPC methods)
- move router definitions to specific modules and simplify the main http
module definitions to simple includes
- simplify authentication code related to access-tokens and sessions
- normalize db parameters with proper namespaced props
- more work on convert all modules initialization to use proper specs
with fully-qualified keyword config props
2023-01-18 10:51:58 +01:00
Andrey Antukh
6cdf696fc4
🐛 Fix issues on ldap provider and rpc method
2023-01-09 11:57:13 +01:00