Kyle Gehmlich
545ba4ec95
fix: remove duplicate query parameters on HTTPS redirect ( #6460 )
...
HTTPS redirection rebuilds the full URL using req.originalUrl, which
includes query parameters (see
https://expressjs.com/en/api.html#req.originalUrl ). Prior to this patch,
appending the stringified query params to req.originalUrl resulted in
duplicate parameters, e.g.
wiki.js/callback?session=123&code=abc?session=123&code=abc
which caused errors when being redirected from an insecure (http://)
callback URL to a secure version when using OIDC (e.g. with keycloak).
This issue is probably rare, but in cases where HTTPS redirection is
enabled and a user tries to hit an insecure URL with query parameters,
it could cause problems.
2023-06-03 23:19:01 -04:00
Nicolas Giard
3bf1d9cf28
fix: disable template compilation in source view
2023-06-03 23:15:22 -04:00
Nicolas Giard
e1d282ad11
feat: warn and exit on unsupported node version
2023-05-11 21:10:15 -04:00
DerekJarvis
fd00272314
feat(auth): allow custom GitLab endpoints for self-managed instances ( #6399 )
...
* Allow custom GitLab endpoints for self-hosting
---------
Co-authored-by: Nicolas Giard <github@ngpixel.com>
2023-05-11 20:42:17 -04:00
robinho81
8db4be668b
feat: expose skipUserProfile option in passport-oidc ( #6190 )
...
Co-authored-by: Robin Chalmers <robin.chalmers@kairostech.no>
2023-03-17 17:58:41 -04:00
Charlotte County Public Schools
5acc7e752e
fix: add new props to existing auth strategies ( #6250 )
2023-03-17 17:27:31 -04:00
NGPixel
490fab1173
fix: handle empty ToC position value
2023-02-16 23:58:52 -05:00
NGPixel
e495e0aaab
fix: update google analytics field help to refer to the new ID format
2023-02-16 22:39:23 -05:00
NGPixel
e954b50a7a
feat: footer text override option
2023-02-16 20:45:55 -05:00
Dan Nicholson
78a35c377c
feat: include query parameters in locale redirect ( #6132 )
...
* feat: include query parameters in locale redirect
* refactor: code cleanup
---------
Co-authored-by: Nicolas Giard <github@ngpixel.com>
2023-02-16 19:04:19 -05:00
gueldi
bba1d1b574
fix(oidc): use _json prop when setting displayName ( #6135 )
...
* Fixes setting displayName from OIDC
Relates to: https://github.com/requarks/wiki/pull/6096
* Update authentication.js
---------
Co-authored-by: Nicolas Giard <github@ngpixel.com>
2023-02-07 22:00:26 -05:00
NGPixel
ac930fc23e
fix: change simple-git import
2023-02-04 16:09:41 -05:00
Eric Knibbe
2e8585478f
fix(git): handle file renames between folders ( #6020 )
...
* git storage: handle file renames between folders
---------
Co-authored-by: Nicolas Giard <github@ngpixel.com>
2023-01-29 23:09:33 -05:00
Charlotte County Public Schools
8fa771c4ce
feat: set groups based on LDAP groups ( #5903 )
...
* Add mapping ldap groups to wiki groups
---------
Co-authored-by: Nicolas Giard <github@ngpixel.com>
2023-01-29 22:52:21 -05:00
Leangseu Kim
0d914b061e
feat: add singleByPath GraphQL resolver ( #6011 )
...
Co-authored-by: k k <kleangseu@yahoo.com>
2023-01-29 21:43:55 -05:00
Aurélien Lajoie
1da80eaab8
feat: oauth2 add groups mapping ( #6053 )
...
Co-authored-by: Nicolas Giard <github@ngpixel.com>
2023-01-29 18:08:13 -05:00
gueldi
43a797d322
feat: adds displayName property to OIDC authentication module ( #6096 )
...
* Adds displayName property to oidc authentication method
* fix: update displayName prop
* fix: use blank display name in oidc auth
---------
Co-authored-by: Nicolas Giard <github@ngpixel.com>
2023-01-29 17:55:47 -05:00
NGPixel
5f876ced20
feat: optional oauth2 module nonce toggle
2023-01-29 17:14:34 -05:00
Sleuth56
12233c476d
feat: enable state key on generic oauth2 ( #6104 )
2023-01-29 16:51:40 -05:00
Eric Knibbe
41454cfd30
fix(git): disable color.ui in git storage ( #6014 )
2023-01-13 17:54:15 -05:00
Boris
54dbf9ad00
feat: add asciidoc editor module ( #5954 )
...
* feat: add asciidoc editor module
* fix storage file extension for asciidoc pages
* fix: asciidoc editor + rendering improvements
* fix: description list css improvements
Co-authored-by: NGPixel <github@ngpixel.com>
2022-12-23 20:19:16 -05:00
topdev-spetermann
eadefb8827
fix: sideloading locales should import availabilities ( #5973 )
2022-12-21 18:37:41 -05:00
NGPixel
f3133a72ec
feat: toc sidebar position
2022-12-10 17:03:40 -05:00
CDN
73af37b81b
fix: git log should explicitly separate branch from paths ( #5911 )
2022-12-02 02:33:24 -05:00
CDN
0a2a32db47
feat: add artalk comment module ( #5868 )
...
Co-authored-by: Nicolas Giard <github@ngpixel.com>
2022-11-18 16:56:15 -05:00
CDN
86c9407057
feat: add umami analytics module ( #5869 )
...
Co-authored-by: Nicolas Giard <github@ngpixel.com>
2022-11-18 16:40:18 -05:00
NGPixel
d10f2a1966
feat: send UPGRADE_COMPANION_REF in automated upgrade call
2022-11-18 16:24:23 -05:00
cannorin
db2ad81a1f
feat: katex persistent macro support ( #5838 )
...
Co-authored-by: cannorin <cannorin@users.noreply.github.com>
2022-11-13 01:43:48 -05:00
NGPixel
9fbc25adb8
feat: improve table rendering + add markdown-it-decorate module
2022-11-08 22:40:43 -05:00
natsutteatsuiyone
445ad05a3d
fix: incompatibility issues with passport-openidconnect@0.1.1 ( #5799 )
...
* fix: incompatibility issues with passport-openidconnect
* fix: remove a trailing semicolon
2022-11-07 16:50:47 -05:00
natsutteatsuiyone
2cb304100c
fix: Page Rules based on Tag Matches do not work for comment permissions ( #5819 )
2022-11-07 16:47:42 -05:00
Simon Lichtinghagen
1893fd499a
fix: login with Keycloak 20 by explicit set OAuth scopes ( #5808 )
...
* Fix login with Keycloak 20 by explicit set OAuth scopes
* moved scopes to definition.yml
Co-authored-by: Simon Lichtinghagen <sl@bnmsp.de>
2022-11-07 08:41:31 -05:00
Andrei Senchuk
e6bbf9d088
fix: oidc module - map() call on undefined; fix unrelate() usage ( #5781 )
2022-10-24 20:04:25 -04:00
Rodrigo Ribeiro Gomes
db0255cb7c
fix: add missing scriptJs and scriptCss to single page resolver ( #5689 )
2022-10-17 17:11:59 -04:00
cleaverm
17c11b3f4e
fix: typo in letsencrypt.js logging output ( #5712 )
2022-10-04 15:20:54 -04:00
adroslice
15206efc57
fix: comment edit not updating original content ( #5646 )
2022-10-02 15:52:39 -04:00
NGPixel
8715cd69b2
feat: edit shortcuts
2022-09-20 16:55:05 -04:00
NGPixel
ebf4da9bea
fix: oidc auth groups relate / unrelate
2022-09-17 17:54:11 -04:00
NGPixel
4b3005057f
fix: prevent user enumeration using local login timings
2022-09-17 17:36:40 -04:00
Fionera
91221e73eb
feat: set groups based on OIDC claim ( #5568 )
...
Co-authored-by: Nicolas Giard <github@ngpixel.com>
2022-09-05 18:40:54 -04:00
Jared Brogan
31bd327487
fix: correct azure blob storage typo ( #5591 )
2022-09-03 22:57:21 -04:00
Pam S
8290e86aaf
feat: add logout for auth0 ( #5545 )
...
Co-authored-by: Pam Selle <pam@thewebivore.com>
2022-08-16 16:37:19 -04:00
Hexaflexagon
933293a997
feat: add elasticsearch ssl options ( #5499 )
2022-08-06 17:27:25 -04:00
Mirco T
628c72ea16
feat: CAS authentication module ( #5452 )
...
Co-authored-by: SeaLife <mtries@united-internet.de>
2022-07-16 19:41:41 -04:00
NGPixel
48077fc9e5
feat(admin): make page extensions configurable
2022-06-24 22:20:36 -04:00
Nicolas Giard
0425b82c83
fix(kernel): handle SIGTERM graceful shutdown
2022-06-17 17:46:57 -04:00
Nicolas Giard
046e4b98cb
fix(graphql): remove required flag on MailConfig schema
2022-06-11 17:24:53 -04:00
David Wheatley
97a744556b
feat(mail): allow setting of mailer identifying name ( #5363 )
2022-06-10 23:15:00 -04:00
Nicolas Giard
b78026e49f
fix(auth): handle null SAML authnContext context
2022-06-09 14:25:01 -04:00
El Gato da Great
e3d94f7177
fix: don't push files to git if ignored ( #5334 )
...
* fix: don't push files to git if ignored
* tweak: change gitPath var to gitFilePath
* fix: "update" instead of "create" of updated file
Co-authored-by: Jacob Parker <blocckba5her@gmail.com>
Co-authored-by: DevBlocky <16978528+DevBlocky@users.noreply.github.com>
2022-05-26 20:42:14 -04:00