Commit graph

54 commits

Author SHA1 Message Date
Son NK
085dec069b allow any redirect_uri if the app isn't approved 2021-04-01 18:04:45 +02:00
Son NK
e6d8815ac5 take into account nonce in openid 2021-04-01 12:49:23 +02:00
Son NK
da17f51778 add AuthorizationCode.nonce 2021-04-01 12:35:21 +02:00
Son NK
33dd6083c7 rename available_suffixes_more_info -> get_available_suffixes 2020-12-31 14:27:04 +01:00
Son NK
5a3b79b4cf replace available_suffixes by available_suffixes_more_info 2020-12-31 14:25:44 +01:00
Renaud Boyer
7e1a474875 linting 2020-12-06 18:02:47 +01:00
Son NK
5b9dc88c67 make sure alias prefix cannot be more than 40 chars 2020-11-18 10:38:35 +01:00
Son NK
a890557c7f Use check_alias_prefix() to check alias prefix 2020-11-03 10:39:08 +01:00
Son NK
2d395f99bb make sure to remove whitespace in alias 2020-09-02 09:56:16 +02:00
Son NK
9237f43c19 use warning log level for tampered alias 2020-08-24 19:58:21 +02:00
Son NK
6437ee46e0 use LOG.exception instead of LOG.error to provide stacktrace 2020-07-17 12:59:07 +02:00
Son NK
8f17cda794 use warning error for alias expiration error 2020-07-13 20:40:26 +02:00
Son NK
1a22d0cf9b fix domain can be null in self-hosting
# Conflicts:
#	app/api/views/new_custom_alias.py
#	app/dashboard/views/custom_alias.py
2020-06-15 15:58:05 +02:00
Son NK
adce27b88b Add DomainDeletedAlias.get_by check when creating custom alias 2020-05-23 19:49:40 +02:00
Son NK
b95b758692 Optimize imports 2020-05-09 20:49:38 +02:00
Son NK
806f7016ae fix: wrongly set alias custom_domain when custom_domain is in EMAIL_ALIAS 2020-05-07 20:48:11 +02:00
Son NK
84c529c867 optimize import 2020-05-07 17:49:29 +02:00
Son NK
35b1972730 increase the expired alias creation session to 600 secs 2020-05-06 10:10:47 +02:00
Son NK
d9e9a54082 add more info in "alias expire" error 2020-05-06 10:09:17 +02:00
Son NK
abeb246b2c add alias suffix anti-tampering to oauth authorize 2020-05-02 12:50:19 +02:00
Son NK
0edcc25289 refactor verify_prefix_suffix: remove user_custom_domains param 2020-05-02 12:27:54 +02:00
Son NK
ca6350cc27 optimize import in all files 2020-04-25 13:49:39 +02:00
Son NK
2d90d35647 rename gen_email_id -> alias_id 2020-03-17 12:01:18 +01:00
Son NK
4f281bdbbb rename GenEmail -> Alias, gen_email to alias whenever possible 2020-03-17 11:51:40 +01:00
Son NK
a6f4059d5d make sure to set mailbox_id when creating GenEmail 2020-03-05 17:03:07 +01:00
Son NK
6cad537931 user can choose to create alias with custom domain on the authorize page 2020-01-29 23:56:44 +07:00
Son NK
91e38a744b remove GenEmail.custom column 2019-12-22 16:32:55 +00:00
Son NK
8f04f8ae0f rename can_create_new_custom_alias -> can_create_new_alias 2019-12-22 16:27:55 +00:00
Son NK
631900ab4f use random_word instead of random_string for alias suffix 2019-12-15 18:55:17 +02:00
Son NK
8e9aef1199 add website_name to suggested_emails 2019-12-15 18:55:17 +02:00
Son NK
139fc68bda create some random alias creation 2019-12-15 18:55:17 +02:00
Son NK
5854ab8e10 support GET in /oauth/token 2019-12-15 18:55:17 +02:00
Son NK
c58d9052e7 rename can_create_custom_email -> can_create_new_custom_alias, can_create_new_email -> can_create_new_random_alias 2019-12-15 18:55:16 +02:00
Son NK
539d87d0a3 make to not reuse alias 2019-12-15 18:55:15 +02:00
Son NK
c66f424c51 redirect to ?error=invalid_client_id|http_not_allowed|unknown_redirect_uri instead of return 400 2019-12-15 18:55:13 +02:00
Son NK
232d250186 support 127.0.0.1 as well as localhost 2019-12-15 18:55:13 +02:00
Son NK
3a0f0ca780 Take into account expiration for AuthCode and OauthToken 2019-12-15 18:55:12 +02:00
Son NK
78e274addf add support for response_mode(query and fragment), nonce 2019-12-15 18:55:11 +02:00
Son NK
3f7900f07e fix scope in /oauth/token 2019-12-15 18:55:11 +02:00
Son NK
82d52ec0ae enable CORS for /oauth/token 2019-12-15 18:55:11 +02:00
Son NK
ba15837b01 add some tests for authorize page
- non-authenticated user,
- non supported flow
- authorization page displayed correctly
- code flow without openid in scope
- code flow with openid in scope
2019-12-15 18:55:11 +02:00
Son NK
01e19485eb apart from localhost, allow only https 2019-12-15 18:55:10 +02:00
Son NK
67dbcb9723 user can choose their avatar to send 2019-12-15 18:55:10 +02:00
Son NK
d61c402aea user can choose name 2019-12-15 18:55:10 +02:00
Son NK
a1c65d3921 use EMAIL_DOMAIN instead of simplelogin.co 2019-12-15 18:55:10 +02:00
Son NK
8c38fe5b56 set custom=True when user creates a custom alias 2019-12-15 18:55:10 +02:00
Son NK
00f858c8c1 user can choose custom email in authorize 2019-12-15 18:55:10 +02:00
Son NK
0817e45abe override User.create to set password, create GenEmail, set trial period 2019-12-15 18:55:09 +02:00
Son NK
91bf3e3379 do not display avatar_url to user 2019-12-15 18:55:09 +02:00
Son NK
1274dd589a add delete() to ModelMixin: do NOT use the session.delete(), somehow it does a "SET" before "DELETE" 2019-12-15 18:55:08 +02:00