Adrià Casajús
25fde11a86
Refactor alias suffix (#1194)
* Extract suffix generation and validation to a module
* Updated tests
* Make custom alias use signed suffixes
* Added the signature check to the module
* Fix invalid route
* Move more suffix related stuff
* Fix tests
Co-authored-by: Adrià Casajús <adria.casajus@proton.ch>
2022-07-27 17:40:22 +02:00
Carlos Quintana
7db3ec246e
Mitigate open redirect with OAuth (#1176)
* Mitigate open redirect with OAuth
* Fix tests
2022-07-21 14:23:08 +02:00
Carlos Quintana
686f4f3f68
Always check redirect_uri for oauth (#1111)
* Always check redirect_uri for oauth
* Fix OAuth tests
2022-06-27 13:20:18 +02:00
Adrià Casajús
1555bc6346
fix test
2022-03-29 21:03:55 +02:00
Adrià Casajús
97ef5ff765
Fix oauth redirect when clientid is invalid
2022-03-29 18:37:01 +02:00
Adrià Casajús
a9e31cff26
Fix tests
2022-03-29 18:34:13 +02:00
Adrià Casajús
e91fd26964
Sanitized missing places
2022-03-29 18:03:18 +02:00
Adrià Casajús
4b13d5a28c
Fix test
2022-02-21 16:03:39 +01:00
Adrià Casajús
3e983e3557
Only allow authenticated and enabled users to accept an OAuth post request
2022-02-17 17:25:04 +01:00
george
f7be992437
Update black, flake8 and pre-commit and use specific pre-commit versions.
2022-02-06 14:25:53 +00:00
Son
9ff323c746
make sure to set custom_domain_id when creating a new alias
2022-01-06 15:29:37 +01:00
Son
0de85fdce3
redirect user directly to the client page if user has already authorized the client
2021-11-04 14:59:01 +01:00
Son
372466ab06
do not use flask-sqlalchemy
- add __tablename__ for all models
- use sa and orm instead of db
- rollback all changes in tests
- remove session in @app.teardown_appcontext
2021-10-12 14:36:47 +02:00
Son Nguyen Kim
5ac78f2694
reformat
2021-09-08 11:29:55 +02:00
Son NK
ceacf8e3a7
support dot in alias prefix
2021-04-30 11:37:17 +02:00
Son NK
085dec069b
allow any redirect_uri if the app isn't approved
2021-04-01 18:04:45 +02:00
Son NK
e6d8815ac5
take into account nonce in openid
2021-04-01 12:49:23 +02:00
Son NK
da17f51778
add AuthorizationCode.nonce
2021-04-01 12:35:21 +02:00
Son NK
33dd6083c7
rename available_suffixes_more_info -> get_available_suffixes
2020-12-31 14:27:04 +01:00
Son NK
5a3b79b4cf
replace available_suffixes by available_suffixes_more_info
2020-12-31 14:25:44 +01:00
Renaud Boyer
7e1a474875
linting
2020-12-06 18:02:47 +01:00
Son NK
5b9dc88c67
make sure alias prefix cannot be more than 40 chars
2020-11-18 10:38:35 +01:00
Son NK
a890557c7f
Use check_alias_prefix() to check alias prefix
2020-11-03 10:39:08 +01:00
Son NK
2d395f99bb
make sure to remove whitespace in alias
2020-09-02 09:56:16 +02:00
Son NK
9237f43c19
use warning log level for tampered alias
2020-08-24 19:58:21 +02:00
Son NK
6437ee46e0
use LOG.exception instead of LOG.error to provide stacktrace
2020-07-17 12:59:07 +02:00
Son NK
8f17cda794
use warning error for alias expiration error
2020-07-13 20:40:26 +02:00
Son NK
1a22d0cf9b
fix domain can be null in self-hosting
# Conflicts:
# app/api/views/new_custom_alias.py
# app/dashboard/views/custom_alias.py
2020-06-15 15:58:05 +02:00
Son NK
adce27b88b
Add DomainDeletedAlias.get_by check when creating custom alias
2020-05-23 19:49:40 +02:00
Son NK
b95b758692
Optimize imports
2020-05-09 20:49:38 +02:00
Son NK
806f7016ae
fix: wrongly set alias custom_domain when custom_domain is in EMAIL_ALIAS
2020-05-07 20:48:11 +02:00
Son NK
84c529c867
optimize import
2020-05-07 17:49:29 +02:00
Son NK
35b1972730
increase the expired alias creation session to 600 secs
2020-05-06 10:10:47 +02:00
Son NK
d9e9a54082
add more info in "alias expire" error
2020-05-06 10:09:17 +02:00
Son NK
abeb246b2c
add alias suffix anti-tampering to oauth authorize
2020-05-02 12:50:19 +02:00
Son NK
0edcc25289
refactor verify_prefix_suffix: remove user_custom_domains param
2020-05-02 12:27:54 +02:00
Son NK
ca6350cc27
optimize import in all files
2020-04-25 13:49:39 +02:00
Son NK
2d90d35647
rename gen_email_id -> alias_id
2020-03-17 12:01:18 +01:00
Son NK
4f281bdbbb
rename GenEmail -> Alias, gen_email to alias whenever possible
2020-03-17 11:51:40 +01:00
Son NK
a6f4059d5d
make sure to set mailbox_id when creating GenEmail
2020-03-05 17:03:07 +01:00
Son NK
6cad537931
user can choose to create alias with custom domain on the authorize page
2020-01-29 23:56:44 +07:00
Son NK
91e38a744b
remove GenEmail.custom column
2019-12-22 16:32:55 +00:00
Son NK
8f04f8ae0f
rename can_create_new_custom_alias -> can_create_new_alias
2019-12-22 16:27:55 +00:00
Son NK
631900ab4f
use random_word instead of random_string for alias suffix
2019-12-15 18:55:17 +02:00
Son NK
8e9aef1199
add website_name to suggested_emails
2019-12-15 18:55:17 +02:00
Son NK
139fc68bda
create some random alias creation
2019-12-15 18:55:17 +02:00
Son NK
5854ab8e10
support GET in /oauth/token
2019-12-15 18:55:17 +02:00
Son NK
c58d9052e7
rename can_create_custom_email -> can_create_new_custom_alias, can_create_new_email -> can_create_new_random_alias
2019-12-15 18:55:16 +02:00
Son NK
539d87d0a3
make to not reuse alias
2019-12-15 18:55:15 +02:00
Son NK
c66f424c51
redirect to ?error=invalid_client_id|http_not_allowed|unknown_redirect_uri instead of return 400
2019-12-15 18:55:13 +02:00