| #
fe49fd82 |
| 01-Sep-2025 |
Andreas Gohr <gohr@cosmocode.de> |
option to enforce oauth for some users
|
| #
290e9b1f |
| 05-Mar-2024 |
Andreas Gohr <andi@splitbrain.org> |
automatic style fixes and new workflows
|
| #
bfebac18 |
| 25-Oct-2022 |
Andreas Gohr <andi@splitbrain.org> |
fix user comparison and skip update on protected users
The farmer lets us know when a user is protected and can't be written,
so we can actually skip the update completely. fixes #132 for good
|
| #
d209a58c |
| 25-Oct-2022 |
Andreas Gohr <andi@splitbrain.org> |
Only update local user cache when userdata has changed
There is no need to update the local user on every login when nothing
has changed.
This should fix most instances of #132 - if the oAuth provi
Only update local user cache when userdata has changed
There is no need to update the local user on every login when nothing
has changed.
This should fix most instances of #132 - if the oAuth provider data has
actually updated, the user would have to log into the farmer to update
the data though.
show more ...
|
| #
f81e58d4 |
| 12-Oct-2022 |
Andreas Gohr <andi@splitbrain.org> |
Fix overwrite-groups config
This is a new implementation of the group handling introduced in #125
The previous implementation failed to preserve provider groups
properly. This also adds tests for t
Fix overwrite-groups config
This is a new implementation of the group handling introduced in #125
The previous implementation failed to preserve provider groups
properly. This also adds tests for the behaviour.
show more ...
|
| #
8e75897c |
| 28-Mar-2022 |
Anna Dabrowska <dabrowska@cosmocode.de> |
Keep user groups set by different OAuth adapter plugins
|
| #
ad56356c |
| 24-Mar-2022 |
Anna Dabrowska <dabrowska@cosmocode.de> |
Smarter merge of user groups
|
| #
1e4efa57 |
| 23-Mar-2022 |
Anna Dabrowska <dabrowska@cosmocode.de> |
Update local user data with info from provider
|
| #
a1fa007a |
| 19-Dec-2021 |
Naoto Kobayashi <naoto.kobayashi4c@gmail.com> |
Enable oauth service plugins to implement their own procedures on logout
Although some oauth services need their own procedures on logout
(e.g. Keycloak needs to access the logout endpoint), there i
Enable oauth service plugins to implement their own procedures on logout
Although some oauth services need their own procedures on logout
(e.g. Keycloak needs to access the logout endpoint), there is no way to
implement them. Fix it.
Signed-off-by: Naoto Kobayashi <naoto.kobayashi4c@gmail.com>
show more ...
|
| #
d1826331 |
| 15-Dec-2021 |
Andreas Gohr <andi@splitbrain.org> |
better translation handling on exceptions
|
| #
39730c7e |
| 15-Dec-2021 |
Anna Dabrowska <dabrowska@cosmocode.de> |
Fix check of valid email domains
|
| #
1a5ede3e |
| 15-Dec-2021 |
Andreas Gohr <andi@splitbrain.org> |
improved user validation, added tests
|
| #
e261c7e8 |
| 13-Dec-2021 |
Andreas Gohr <andi@splitbrain.org> |
lowercase mail
|
| #
28002081 |
| 13-Dec-2021 |
Andreas Gohr <andi@splitbrain.org> |
drop concept of GUID and introduce storageID
Previously we created a new GUID for any user trying to login via oauth.
That GUID was used to store the token states. This polluted the cache
area but e
drop concept of GUID and introduce storageID
Previously we created a new GUID for any user trying to login via oauth.
That GUID was used to store the token states. This polluted the cache
area but even worse, it made it impossible to stay logged in on multiple
devices when the IdP invalidated onld access tokens when issuing a new
one (like google does).
Now a session storage is used for the initial login. Permanent storage
is only initialized after a successful login (based on the user's email
address).
show more ...
|
| #
9cbef4d7 |
| 11-Dec-2021 |
Andreas Gohr <andi@splitbrain.org> |
moved token refresh to adapter class
This also takes care of saving the refresh token for when it's not
renewed on refresh (like Google doesn't).
|
| #
c82ad624 |
| 06-Dec-2021 |
Andreas Gohr <andi@splitbrain.org> |
use refresh token when AccessToken is about to expire
|
| #
04a78b87 |
| 03-Dec-2021 |
Andreas Gohr <andi@splitbrain.org> |
renamed our Service to Adapter to avoid confusion
Also added a mechanism to register Services from an adapter
|
| #
31039e80 |
| 03-Dec-2021 |
Andreas Gohr <andi@splitbrain.org> |
restore proper ID context after login
|
| #
e170f465 |
| 03-Dec-2021 |
Andreas Gohr <andi@splitbrain.org> |
removed lots of now unused code
|
| #
6d9a8a49 |
| 03-Dec-2021 |
Andreas Gohr <andi@splitbrain.org> |
make cookie login work, some more cleanup
|
| #
74b4d4a4 |
| 03-Dec-2021 |
Andreas Gohr <andi@splitbrain.org> |
another major refactoring
The new OAuthManager is now the main flow manager and should make it
easier to follow the flow. The Session class encapsulates all session
and cookie accesses. A new guid p
another major refactoring
The new OAuthManager is now the main flow manager and should make it
easier to follow the flow. The Session class encapsulates all session
and cookie accesses. A new guid paradigma should make invisible relogins
possible when the session expired. Needs all major cleanup but a first
login worked.
show more ...
|