-
-
Notifications
You must be signed in to change notification settings - Fork 466
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
chore: remove feature guard for token exchange #6246
Merged
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
wangsijie
requested review from
charIeszhao,
xiaoyijun,
gao-sun and
simeng-li
as code owners
July 15, 2024 03:03
COMPARE TO
|
Name | Diff |
---|---|
packages/console/src/pages/CustomizeJwtDetails/MainContent/SettingsSection/InstructionTab/index.tsx | 📉 -77 Bytes |
packages/core/src/routes/subject-token.openapi.json | 📉 -31 Bytes |
packages/core/src/routes/subject-token.ts | 📉 -110 Bytes |
packages/core/src/routes/swagger/index.ts | 📉 -60 Bytes |
packages/integration-tests/src/tests/api/oidc/token-exchange.test.ts | 📉 -60 Bytes |
packages/integration-tests/src/tests/api/security.test.ts | 📉 -90 Bytes |
gao-sun
approved these changes
Jul 15, 2024
Base automatically changed from
wangsijie-log-9600-remove-api-endpoint-security-prefix
to
master
July 15, 2024 07:36
wangsijie
force-pushed
the
wangsijie-log-9589-remove-feature-guard
branch
from
July 16, 2024 06:54
22a96fe
to
bea6dd7
Compare
wangsijie
force-pushed
the
wangsijie-log-9589-remove-feature-guard
branch
from
July 19, 2024 07:23
bea6dd7
to
3332fb6
Compare
nnorbert
added a commit
to ogcio/logto
that referenced
this pull request
Aug 27, 2024
* refactor(console): check mermaid by integration test env (logto-io#6183) * feat(core): implement new experience API routes (logto-io#5992) * feat(core): implement new interaction-session management flow implement a new interaction-session management flow for experience api use * feat(core): implement password sign-in flow implement password sign-in flow * test(core,schemas): add sign-in password tests add sign-in password tests * chore(core): update comments update comments * refactor(core): rename the password input value key rename the password input value key * refactor(core,schemas): refactor the experience API refactor the exerpience API structure * chore(test): add devFeature test add devFeature test * refactor(core): rename the path rename the path * refactor(core,schemas): refactor using the latest API design refactor using the latest API design * chore(test): replace using devFeature test statement replace using devFeature test statement * fix(core): fix lint error fix lint error * refactor(core): refactor experience API implementations refactor experience API implementations * refactor(core): replace with switch replace object map with switch * refactor: apply suggestions from code review * refactor(core): refactor the interaction class refactor the interaction class * refactor(core): update the user identification logic update the user identification logic --------- Co-authored-by: Gao Sun <gao@silverhand.io> * feat(core): implement verification code verification API (logto-io#6001) * feat(core,schemas): implement the verification code flow implement the verification code flow * chore(core): fix rebase issue fix rebase issue * refactor(console): add chrome extension guide (logto-io#6178) * feat(core,schemas): implement social verification experience API endpoints (logto-io#6150) feat(core,schemas): implement the social verification flow implement the social verificaiton flow * release: version packages (logto-io#5987) * fix(deps): update dependency p-limit to v6 (logto-io#6182) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> * refactor: correct phrases and translate some untranslate phrases for zh-cn (logto-io#6190) * refactor: correct zh-cn translations * refactor: translate some untranslate phrases for zh-cn * feat: organization logo * refactor(experience): cache user input identifier for a better sign-in experience (logto-io#6164) * refactor(core, experience): remove `no_cache` param * refactor(experience): add hidden identifier input for browser password manager (logto-io#6165) * refactor(core): refactor identifyUser method (logto-io#6154) refactor(core): refactor the user identification flow refactor the user identification flow * refactor(experience,phrases): update phrases for link identities page (logto-io#6104) * refactor: remove unused patches (logto-io#6179) * chore(deps): update dependency superstruct to v2 (logto-io#6173) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> * feat(core): actor token (logto-io#6171) * feat(console,schemas): add grant context to custom jwt (logto-io#6184) * feat(core): add subject token context to jwt customizer (logto-io#6185) * feat: support app-level branding * fix(deps): update dependency lru-cache to v11 (logto-io#6203) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> * refactor(core): refactor the sso interaction handlers (logto-io#6186) refactor(core): revert the sso utils input refactor revert the sso utils input refactor * feat(core): implement enterprise sso verification flow (logto-io#6198) implement the enterprise sso verification flow * refactor(console): reorg logo uploads * refactor(experience): add label for input field (logto-io#6200) * feat(core): add quota guard for subject tokens (logto-io#6205) * style(experience): update floating label position (logto-io#6211) * refactor(core): update cache key * refactor(console): rename file * refactor(console): update all logo uploaders (logto-io#6209) * refactor(experience): show dark favicon (logto-io#6210) * feat(core): implement TOTP verification routes (logto-io#6201) * feat(core): implmenent totp verification routes implement totp verification routes * fix(core): update comments update comments * feat(core,schemas): implement backup codes verification (logto-io#6207) implement the backup code verification flow * refactor: fix experience branding fallback * fix(experience): use forgot password identifier in related flow (logto-io#6221) * refactor(console): improve branding experience * feat(core): handle dpop and client certificate for token exchange (logto-io#6199) * refactor: fix third-party app experience branding (logto-io#6223) * refactor(core): refactor organizations in grants (logto-io#6208) * test: add resource test cases for token exchange (logto-io#6216) * feat(core): handle dpop and client certificate for token exchange * refactor(core): refactor organizations in grants * test: add resource test cases for token exchange * feat(core,schemas): introduce new PUT experience API (logto-io#6212) * feat(core,schemas): introduce new PUT experience API introduce new PUT experience API * fix(core): fix some comments fix some comments * refactor: experience ssr (logto-io#6229) * refactor: experience ssr * refactor: fix parameter issue * chore(deps): upgrade packages * chore(deps): upgrade zod * feat(experience): support loading state for buttons (logto-io#6232) * refactor: patch type issues * chore: add changesets (logto-io#6239) * chore(deps): update vitest monorepo to v2 (major) (logto-io#6202) * chore(deps): update vitest monorepo to v2 * refactor: remove unused lint ignorings --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Gao Sun <gao@silverhand.io> * feat(core,schemas): implement the sie settings guard (logto-io#6215) * feat(core,schemas): implement the sie settings guard implement the sie settings guard * fix(test): fix integration test fix integration test * test(core): add sie guard ut add sie guard ut * chore(core): add some comment add some comment * refactor(core): rename the sign-in-experience-settings class rename the sign-in-experience-settings class * feat: init elements * refactor(core): remove subject token api prefix (logto-io#6235) * feat(core): add get available sso connectors endpoint (logto-io#6224) feat(core): implement get sso connectors implement get sso connectors endpoint * feat(elements): init i18n * feat(core,schemas): implement the register flow (logto-io#6237) * feat(core,schemas): implement the register flow implement the register flow * refactor(core,schemas): relocate the profile type defs relocate the profile type defs * fix(core): fix the validation guard logic fix the validation guard logic * fix(core): fix social and sso identity not created bug fix social and sso identity not created bug * fix(core): fix social identities profile key fix social identities profile key * fix(core): fix sso query method fix sso query method * feat(core,schemas): add post custom ui assets api (logto-io#6118) * feat(core,schemas): add post custom ui assets api * test(core): add register integration tests (logto-io#6248) * test(core): add register integration tests add register integration tests * test: add enterprise sso integration tests add enterprise sso integration tests * feat(elements): add components * feat(core,schemas): implement the username password registration flow (logto-io#6249) * feat(core,schemas): implement the username password registration flow implement the username password registration flow * chore(core): update some comments update some comments * fix(test): fix integration tests fix integration tests * fix(test): fix lint fix lint * fix(experience): correct active state for input field (logto-io#6255) * refactor(console): use button loading in experience flow if possible (logto-io#6234) * refactor(experience): support and apply modal loading state (logto-io#6236) * refactor(experience): support and apply modal loading state * feat(experience): support cancel loading for modal * chore(elements): update readme * feat(core): add the new user provision (logto-io#6253) add the new user provision * feat(connector): enable custom headers for SMTP connector (logto-io#6256) * fix(console): fix Google connector `scope` field can not be unset bug (logto-io#6254) * style(experience): improve input filed style (logto-io#6260) * feat(core): set up proxy to host custom ui assets if available (logto-io#6214) * feat(core): set up proxy to host custom ui assets if available * refactor: use object param for koa spa proxy middleware * refactor: make queries param mandatory * style(experience): remove autofill style from input component (logto-io#6261) * fix(console): fix image upload in onboarding process (logto-io#6266) * fix(console): fix grant data card height (logto-io#6264) * fix(console): fix passwordless connector tester send failed bug (logto-io#6268) * feat(console): implement custom ui assets upload component (logto-io#6217) * ci: always set conclusion for alteration tests (logto-io#6276) * style(experience): add transition for notched border (logto-io#6265) * refactor(experience): avoid disabled button for continue button (logto-io#6271) * feat(core): add api quota guard for bring your ui feature (logto-io#6273) * fix(console): should not toast invitation sent message when creating tenant w/o invitee (logto-io#6270) fix(console): should not toast invitation sent message when creating tenant without invitee * feat(console): add impersonation price item (logto-io#6269) * fix(experience): shrink input field when autofilled by the browser (logto-io#6280) * feat(console): add impersonation tag to audit log (logto-io#6267) * feat(core,schemas): implement social/sso link and sync logic (logto-io#6257) * feat(core,schemas): implement social/sso link and sync logic implement social/sso link and sync logic * test(core): add intergration tests add integration tests * feat(core): add mfa verification guard (logto-io#6262) add mfa verification guard * chore: remove feature guard for token exchange (logto-io#6246) * chore: add changeset for impersonation (logto-io#6251) * chore(elements): move check to build * chore(deps): upgrade typescript * chore(elements): add locale changes * chore(deps): upgrade react * chore(elements): check git existence * feat(schemas): init app_secrets table * feat(core): multiple app secrets * refactor(core,schemas): refactor `CodeVerification` (logto-io#6277) * refactor(core,schemas): refactor the CodeVerification class split the CodeVerification class into EmailCodeVerification and PhoneCodeVerification * refactor(core,schemas): split CodeVerification type split CodeVerification type * fix(core): code review updates code review updates * feat: add content schema to HTTP 201 CREATED messages (logto-io#6244) feat: add content schema to 201 messages * feat(console,phrases): add bring your ui quota item to pricing table (logto-io#6274) * refactor(console,phrases,schemas): increase file upload size limit to 10mb (logto-io#6258) refactor(console,phrases,schemas): increase file upload size limit to 10 mb * feat(elements): init modal and input * refactor: fix phrases * feat(elements): init user provider * feat(elements): update name * feat(console,phrases): add bring your UI feature paywall (logto-io#6275) feat(console,phrases): add bring your ui feature paywall * chore: update README.md (logto-io#6297) * chore: update README.md * chore: add awesome list * style(experience): improve notched border animation (logto-io#6296) * fix(console): sidebar width should not be shrunk (logto-io#6299) * refactor(core): extract password-validator (logto-io#6282) * refactor(core): extract password-validator extract password validator * fix(core): update comments and rename method name update comment and rename method name * refactor(console): update file uploader component to 80px fixed height * fix(core): should not sync registered identifier from social (logto-io#6283) should not sync registered identifier from social * style(experience): use brand loading color for buttons (logto-io#6302) * chore(console): remove dev feature guard (logto-io#6303) * refactor(core): extract helpers and provision methods (logto-io#6285) extract helpers and provision methods * feat(console): support multiple app secrets * refactor(phrases): improve bring your ui field description * fix(console): add cloud guard to bring your ui form field * refactor(schemas): increase max upload file size limit to 20MB * fix(core): disable bring your ui feature for admin tenant (logto-io#6300) * fix(console): should be able to remove the zip on upload error (logto-io#6306) * refactor: generate application secret on creation * fix(console): fix loading and error handling for org details page (logto-io#6313) * refactor(console): keep button loading before redirecting to sign-in success page (logto-io#6305) * refactor: use vite for demo app * refactor(core): log app secret name * chore(phrases): sync keys and translate (logto-io#6315) * refactor(core): implement verification records map (logto-io#6289) * refactor(core): implement verificaiton records map implement verification records map * fix(core): fix invalid verification type error fix invalid verificaiton type error * fix(core): update the verification record map update the verification record map * fix(core): update some comments update some comments * refactor(core): polish promise dependency polish promise dependency * fix(core): fix the social/sso syncing profile logic fix the social/sso syncing profile logic * refactor(core): optimize the verification records map optimize the verification records map * fix(core): fix set method of VerificationRecord map fix set method of VerificationRecord map * refactor(experience): use button loading for social sign-in (logto-io#6316) * chore: add comment * chore: add comment * refactor(console): use vite * refactor(experience): use vite * refactor(console): use local mermaid import * fix(console): use correct public url (logto-io#6325) * refactor(console, experience): optimize bundling (logto-io#6326) * refactor(console, experience): optimize bundling * fix: use correct favicon paths * chore: use dynamic react dependency checking in bundling * refactor(core): rename some file names and methods (logto-io#6321) * refactor(core): rename some files name and methods rename some files name and methods, fix some comments * chore: update comments update comments * chore: update comments update comments * chore: polish the words polish the words * fix(console): check scope only when data is ready (logto-io#6329) * feat(core,schemas): implement profile fulfillment flow (logto-io#6293) * feat(core,schemas): implement profile fulfillment flow implement profile fulfillment flow * fix(test): fix integration tests fix integration tests * fix(core): fix rebase issue fix rebase issue * refactor(core): refactor the interaction set profile flow refactor the interaction set profile flow * test(core): add profile fulfillment integration tests (logto-io#6294) * test(core): add profile fufillment integration tests add profile fufillment integration tests * fix: fix integration tests fix integration tests * refactor(test): rebase and update the latest profile api rebase and update the latest profile api * fix(console): css loaded svg should be rendered properly (logto-io#6333) * fix(core): fix some webhook api body status 404 bug (logto-io#6311) * fix(core): fix some webhook api body status 404 bug fix some webhook api body status 404 bug * fix(core): improve the webhook trigger logic improve the webhook trigger logic * chore: add changeset add changeset * chore: update the changeset update the changeset * feat(core): implement the WebAuthn verification (logto-io#6308) feat(core): implement the webauthn verification implement the webauthn verification * feat(schemas): add custom data to application (logto-io#6309) * feat(core,schemas): add application custom data add application custom data * test(core): add update application with new custom data test add update application with new custom data test * refactor(console): increase custom ui assets upload timeout to 5 mins (logto-io#6319) refactor(console): increase custom ui assets upload timeout to 5mins * refactor: update logto/core cloud API usage * refactor: update code according to CR * refactor(console): update admin console using new pricing model (logto-io#6295) * refactor(console): update cloud API calls * refactor: update code according to CR * refactor: correct component usage * refactor(console): safely lazy load pages (logto-io#6332) * refactor(console): safely lazy load pages * chore(console): use react-safe-lazy * feat(core): implement the missing mfa bind and guard flow (logto-io#6320) * feat(core): implement the mfa binding flow implment the mfa binding flow * fix(test): fix integration tests fix integration tests * fix(core): fix the wrong status code fix the wrong status code * refactor(core): refactor bind backup codes refactor bind backup codes * refactor(core): extract isNewMfaVerification property (logto-io#6338) extract isNewMfaVerifrication property * refactor(core): refactor backup code generates flow (logto-io#6339) refactor(core): refactor backup code generate flow refactor backup code generate flow * fix(console): dragging anchor in the color picker on application branding page (logto-io#6340) * test(core): add the mfa binding integration tests (logto-io#6330) * refactor(core): refactor backup code generate flow refactor backup code generate flow * fix(core): fix api payload fix api payload * test(core): implement the mfa binding integration tests implement the mfa binding integration tests * test(core): rebase backup code refactor rebase backup code refactor * style(console): fix custom jwt guide card style (logto-io#6343) * refactor(console): block page navigation when uploading custom ui assets (logto-io#6342) * chore(console): update bring your ui documentation link (logto-io#6317) chore(console): add bring your ui documentation link * fix(elements): fix user context tag name (logto-io#6346) * chore: launch multiple app secrets * chore: launch multiple app secrets * refactor(core): use tsup for building * refactor: use tsup for building * refactor(console): improve ux * chore: fix failed tests * refactor(connector): use tsup for building * ci: add check job * feat(console): remove beta tag for protected app (logto-io#6341) * feat(console): add passport.js guide (logto-io#6344) * chore: update plausible urls (logto-io#6349) * refactor(console, experience): solve sass deprecations (logto-io#6356) * fix(console): fix the plan title for subscription plan selector (logto-io#6348) * refactor(core): refactor openapi docs for protected app (logto-io#6331) * refactor: update per review * feat: allow app secret edit (logto-io#6352) * fix(console): add dev guard on new pricing model subscription hooks (logto-io#6363) * feat(core): migrate register flow affiliate report logic (logto-io#6334) Migrate the new user affiliate flow from interaction API. - `postAffiliateLogs` is forked from `routes/interaction/actions/helpers.ts` * refactor(core): extract verified interaction guard middleware (logto-io#6336) * refactor(core): refactor backup code generate flow refactor backup code generate flow * fix(core): fix api payload fix api payload * fix(core): fix rebase issue fix rebase issue * refactor(core): extract verified interaction guard middleware extract verified interaction guard middleware * refactor(console): fix text overflow issue (logto-io#6366) * refactor(core): make the interaction event mandatory (logto-io#6337) * refactor(core): refactor backup code generate flow refactor backup code generate flow * fix(core): fix api payload fix api payload * fix(core): fix rebase issue fix rebase issue * refactor(core): make the interaction event mandatory make the interaction event mandatory * test: update integration tests update integration tests * fix(core): fix the middleware apply bug fix the koaExperienceInteraction middleware apply bug * feat(core): add webhooks middleware to experience api (logto-io#6357) * refactor(core): refactor backup code generate flow refactor backup code generate flow * fix(core): fix api payload fix api payload * fix(core): fix rebase issue fix rebase issue * feat(core): add hooks middleware to experience APIs add interaction hooks to experience APIs * refactor(core): refactor experience API context type refactor experience API context type * feat(connector): added postmark connector * chore: remove unused deps (logto-io#6372) * chore: remove unused deps * chore: fix version * refactor(core): improve swagger auth description (logto-io#6367) * feat(core,schemas): add auditLogs to experience API (logto-io#6361) * refactor(core): refactor backup code generate flow refactor backup code generate flow * fix(core): fix api payload fix api payload * fix(core): fix rebase issue fix rebase issue * feat(core,schemas): add auditLogs to experience API add auditLogs to experience API * refactor(core): allow cloudflare insights origin in csp (logto-io#6375) refactor(core): allow cloudflare csp * feat(core,schemas): add mandatory password guard on register (logto-io#6368) * refactor(core): refactor backup code generate flow refactor backup code generate flow * fix(core): fix api payload fix api payload * fix(core): fix rebase issue fix rebase issue * feat(core,schemas): add mandatory password guard on register add mandatory password guard on register * feat: add advanced search params to all supported endpoints (logto-io#6358) * feat: add search params to list users endpoint * feat: implement advanced search for all supported endpoints * chore(deps): update dependency nock to v14.0.0-beta.9 (logto-io#6243) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> * feat(cli): add cli command to setup custom ui local debugging proxy (logto-io#6365) * feat(cli): add proxy * refactor(cli): polish code per comments * refactor(cli): polish code * refactor(cli): support serving static files * chore: add changeset * refactor: polish code * refactor(cli): polish code * refactor(cli): make json parse safer * feat(core,console,phrases): add custom data editor to application details page (logto-io#6370) * feat(core,console,phrases): add custom data editor to application details page add custom data editor to application details page * chore: add changeset add changeset * fix(core): fix input params bug fix input params bug * fix(test): fix the integration tests fix the integration tests * fix(console): use the form controller element use the form controller element * fix(core,console): remove deepPartial statement remove deepPartial statement from the patch application API payload guard * fix(test): fix backchannel integration test fix backchannel integration test * fix(core): allow non-json body type when parsing (logto-io#6379) * refactor(core): make password optional in NewPasswordIdentity (logto-io#6377) refactor(core): make password optional in NewPasswordIdentity verification make password optioanl in NewPasswordIdentity verification * refactor(console): get and check `skuId` from checkout session (logto-io#6369) * refactor(console): get and check skuId from checkout session * chore: update @logto/cloud dependency * refactor: add tests for content-type in oidc apis (logto-io#6380) * refactor(console): delay module loading suspense component display by 500ms (logto-io#6345) * chore(console): remove redunant login hint usage for invitation (logto-io#6385) * fix(core): error data bug fixing (logto-io#6382) fix(core): error code bug fixing error code bug fixing * refactor(console): update billing info showed in subscription details page (logto-io#6384) * fix(console): add in-line error message (logto-io#6386) * fix(console): add in-line error message add in-line error message * refactor(console): remove old validation logic remove old validation logic * fix(console): create tenant button should stretch to full width (logto-io#6381) * fix(console): manual update subscription data when add/delete resources (logto-io#6360) * fix(console): add post response hook to update subscription info for useApi hook * refactor: wrap sync subscription data method * chore(phrases): update content (logto-io#6392) chore: update content * fix(console): fix the subscription plan display in tenant dropdown (logto-io#6393) * refactor(core): should not guard sso authentication flow (logto-io#6394) should not guard mfa and profile fulfillment for the sso authentication flow * fix(core): should not throw when not adding any new roles to a user (logto-io#6387) * fix(console): should not call cloud API when tenant ID is not valid (logto-io#6399) * refactor(console): improve guide logo and contact us logo display (logto-io#6391) * feat(core,schemas): add support for argon2d and argon2id (logto-io#6404) * feat(console): support next auth v5 (logto-io#6397) * feat: add add-on feature notice/tag * chore: define add on unit price temporarily * refactor: produce br outputs (logto-io#6376) * refactor: produce br outputs * refactor: fix favicon url * refactor: add `report:subscription:updates` Cloud scope (logto-io#6403) * Revert "refactor: add `report:subscription:updates` Cloud scope" (logto-io#6412) Revert "refactor: add `report:subscription:updates` Cloud scope (logto-io#6403)" This reverts commit e1922e9. * fix(console): fix unexpected 401 error toast (logto-io#6416) * feat(core): add Sentinel guard (logto-io#6374) feat(core): add sentinel protection add sentinel protection * feat(core): support google one tap (logto-io#6395) * feat(core): support google one tap support google one tap verification * fix(core): fix google one tap verification error fix google one tap verification error * fix(test): optimize social verification test optimize social verificaiton tests * fix(test): update social verification ut update social verification util unit test * refactor(core,schemas): refactor the register flow (logto-io#6401) * refactor(core,schemas): refactor the registration flow refactor the registraction flow * fix(core): remove unused method remove unused method * fix(test): remove legacy test remove legacy test * fix(core): fix webauthn verificaiton api fix webauthn verification api * feat(console): add new usage display for pro subscription plan (logto-io#6413) * release: version packages (logto-io#6197) * Fixing missing variables. --------- Co-authored-by: Gao Sun <gao@silverhand.io> Co-authored-by: simeng-li <simeng@silverhand.io> Co-authored-by: silverhand-bot <107667382+silverhand-bot@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Misaka_L <lipww1234@foxmail.com> Co-authored-by: Xiao Yijun <xiaoyijun@silverhand.io> Co-authored-by: wangsijie <wangsijie@silverhand.io> Co-authored-by: Charles Zhao <charleszhao@silverhand.io> Co-authored-by: Darcy Ye <darcyye@silverhand.io> Co-authored-by: Mostafa Moradian <mstfmoradian@gmail.com> Co-authored-by: Sten Roger Sandvik <sten.sandvik@fieldnode.com>
SamSalvatico
added a commit
to ogcio/logto
that referenced
this pull request
Sep 3, 2024
* refactor(console): reorg logo uploads * refactor(experience): add label for input field (logto-io#6200) * feat(core): add quota guard for subject tokens (logto-io#6205) * style(experience): update floating label position (logto-io#6211) * refactor(core): update cache key * refactor(console): rename file * refactor(console): update all logo uploaders (logto-io#6209) * refactor(experience): show dark favicon (logto-io#6210) * feat(core): implement TOTP verification routes (logto-io#6201) * feat(core): implmenent totp verification routes implement totp verification routes * fix(core): update comments update comments * feat(core,schemas): implement backup codes verification (logto-io#6207) implement the backup code verification flow * refactor: fix experience branding fallback * fix(experience): use forgot password identifier in related flow (logto-io#6221) * refactor(console): improve branding experience * feat(core): handle dpop and client certificate for token exchange (logto-io#6199) * refactor: fix third-party app experience branding (logto-io#6223) * refactor(core): refactor organizations in grants (logto-io#6208) * test: add resource test cases for token exchange (logto-io#6216) * feat(core): handle dpop and client certificate for token exchange * refactor(core): refactor organizations in grants * test: add resource test cases for token exchange * feat(core,schemas): introduce new PUT experience API (logto-io#6212) * feat(core,schemas): introduce new PUT experience API introduce new PUT experience API * fix(core): fix some comments fix some comments * refactor: experience ssr (logto-io#6229) * refactor: experience ssr * refactor: fix parameter issue * chore(deps): upgrade packages * chore(deps): upgrade zod * feat(experience): support loading state for buttons (logto-io#6232) * refactor: patch type issues * chore: add changesets (logto-io#6239) * chore(deps): update vitest monorepo to v2 (major) (logto-io#6202) * chore(deps): update vitest monorepo to v2 * refactor: remove unused lint ignorings --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Gao Sun <gao@silverhand.io> * feat(core,schemas): implement the sie settings guard (logto-io#6215) * feat(core,schemas): implement the sie settings guard implement the sie settings guard * fix(test): fix integration test fix integration test * test(core): add sie guard ut add sie guard ut * chore(core): add some comment add some comment * refactor(core): rename the sign-in-experience-settings class rename the sign-in-experience-settings class * feat: init elements * refactor(core): remove subject token api prefix (logto-io#6235) * feat(core): add get available sso connectors endpoint (logto-io#6224) feat(core): implement get sso connectors implement get sso connectors endpoint * feat(elements): init i18n * feat(core,schemas): implement the register flow (logto-io#6237) * feat(core,schemas): implement the register flow implement the register flow * refactor(core,schemas): relocate the profile type defs relocate the profile type defs * fix(core): fix the validation guard logic fix the validation guard logic * fix(core): fix social and sso identity not created bug fix social and sso identity not created bug * fix(core): fix social identities profile key fix social identities profile key * fix(core): fix sso query method fix sso query method * feat(core,schemas): add post custom ui assets api (logto-io#6118) * feat(core,schemas): add post custom ui assets api * test(core): add register integration tests (logto-io#6248) * test(core): add register integration tests add register integration tests * test: add enterprise sso integration tests add enterprise sso integration tests * feat(elements): add components * feat(core,schemas): implement the username password registration flow (logto-io#6249) * feat(core,schemas): implement the username password registration flow implement the username password registration flow * chore(core): update some comments update some comments * fix(test): fix integration tests fix integration tests * fix(test): fix lint fix lint * fix(experience): correct active state for input field (logto-io#6255) * refactor(console): use button loading in experience flow if possible (logto-io#6234) * refactor(experience): support and apply modal loading state (logto-io#6236) * refactor(experience): support and apply modal loading state * feat(experience): support cancel loading for modal * chore(elements): update readme * feat(core): add the new user provision (logto-io#6253) add the new user provision * feat(connector): enable custom headers for SMTP connector (logto-io#6256) * fix(console): fix Google connector `scope` field can not be unset bug (logto-io#6254) * style(experience): improve input filed style (logto-io#6260) * feat(core): set up proxy to host custom ui assets if available (logto-io#6214) * feat(core): set up proxy to host custom ui assets if available * refactor: use object param for koa spa proxy middleware * refactor: make queries param mandatory * style(experience): remove autofill style from input component (logto-io#6261) * fix(console): fix image upload in onboarding process (logto-io#6266) * fix(console): fix grant data card height (logto-io#6264) * fix(console): fix passwordless connector tester send failed bug (logto-io#6268) * feat(console): implement custom ui assets upload component (logto-io#6217) * ci: always set conclusion for alteration tests (logto-io#6276) * style(experience): add transition for notched border (logto-io#6265) * refactor(experience): avoid disabled button for continue button (logto-io#6271) * feat(core): add api quota guard for bring your ui feature (logto-io#6273) * fix(console): should not toast invitation sent message when creating tenant w/o invitee (logto-io#6270) fix(console): should not toast invitation sent message when creating tenant without invitee * feat(console): add impersonation price item (logto-io#6269) * fix(experience): shrink input field when autofilled by the browser (logto-io#6280) * feat(console): add impersonation tag to audit log (logto-io#6267) * feat(core,schemas): implement social/sso link and sync logic (logto-io#6257) * feat(core,schemas): implement social/sso link and sync logic implement social/sso link and sync logic * test(core): add intergration tests add integration tests * feat(core): add mfa verification guard (logto-io#6262) add mfa verification guard * chore: remove feature guard for token exchange (logto-io#6246) * chore: add changeset for impersonation (logto-io#6251) * chore(elements): move check to build * chore(deps): upgrade typescript * chore(elements): add locale changes * chore(deps): upgrade react * chore(elements): check git existence * feat(schemas): init app_secrets table * feat(core): multiple app secrets * refactor(core,schemas): refactor `CodeVerification` (logto-io#6277) * refactor(core,schemas): refactor the CodeVerification class split the CodeVerification class into EmailCodeVerification and PhoneCodeVerification * refactor(core,schemas): split CodeVerification type split CodeVerification type * fix(core): code review updates code review updates * feat: add content schema to HTTP 201 CREATED messages (logto-io#6244) feat: add content schema to 201 messages * feat(console,phrases): add bring your ui quota item to pricing table (logto-io#6274) * refactor(console,phrases,schemas): increase file upload size limit to 10mb (logto-io#6258) refactor(console,phrases,schemas): increase file upload size limit to 10 mb * feat(elements): init modal and input * refactor: fix phrases * feat(elements): init user provider * feat(elements): update name * feat(console,phrases): add bring your UI feature paywall (logto-io#6275) feat(console,phrases): add bring your ui feature paywall * chore: update README.md (logto-io#6297) * chore: update README.md * chore: add awesome list * style(experience): improve notched border animation (logto-io#6296) * fix(console): sidebar width should not be shrunk (logto-io#6299) * refactor(core): extract password-validator (logto-io#6282) * refactor(core): extract password-validator extract password validator * fix(core): update comments and rename method name update comment and rename method name * refactor(console): update file uploader component to 80px fixed height * fix(core): should not sync registered identifier from social (logto-io#6283) should not sync registered identifier from social * style(experience): use brand loading color for buttons (logto-io#6302) * chore(console): remove dev feature guard (logto-io#6303) * refactor(core): extract helpers and provision methods (logto-io#6285) extract helpers and provision methods * feat(console): support multiple app secrets * refactor(phrases): improve bring your ui field description * fix(console): add cloud guard to bring your ui form field * refactor(schemas): increase max upload file size limit to 20MB * fix(core): disable bring your ui feature for admin tenant (logto-io#6300) * fix(console): should be able to remove the zip on upload error (logto-io#6306) * refactor: generate application secret on creation * fix(console): fix loading and error handling for org details page (logto-io#6313) * refactor(console): keep button loading before redirecting to sign-in success page (logto-io#6305) * refactor: use vite for demo app * refactor(core): log app secret name * chore(phrases): sync keys and translate (logto-io#6315) * refactor(core): implement verification records map (logto-io#6289) * refactor(core): implement verificaiton records map implement verification records map * fix(core): fix invalid verification type error fix invalid verificaiton type error * fix(core): update the verification record map update the verification record map * fix(core): update some comments update some comments * refactor(core): polish promise dependency polish promise dependency * fix(core): fix the social/sso syncing profile logic fix the social/sso syncing profile logic * refactor(core): optimize the verification records map optimize the verification records map * fix(core): fix set method of VerificationRecord map fix set method of VerificationRecord map * refactor(experience): use button loading for social sign-in (logto-io#6316) * chore: add comment * chore: add comment * refactor(console): use vite * refactor(experience): use vite * refactor(console): use local mermaid import * fix(console): use correct public url (logto-io#6325) * refactor(console, experience): optimize bundling (logto-io#6326) * refactor(console, experience): optimize bundling * fix: use correct favicon paths * chore: use dynamic react dependency checking in bundling * refactor(core): rename some file names and methods (logto-io#6321) * refactor(core): rename some files name and methods rename some files name and methods, fix some comments * chore: update comments update comments * chore: update comments update comments * chore: polish the words polish the words * fix(console): check scope only when data is ready (logto-io#6329) * feat(core,schemas): implement profile fulfillment flow (logto-io#6293) * feat(core,schemas): implement profile fulfillment flow implement profile fulfillment flow * fix(test): fix integration tests fix integration tests * fix(core): fix rebase issue fix rebase issue * refactor(core): refactor the interaction set profile flow refactor the interaction set profile flow * test(core): add profile fulfillment integration tests (logto-io#6294) * test(core): add profile fufillment integration tests add profile fufillment integration tests * fix: fix integration tests fix integration tests * refactor(test): rebase and update the latest profile api rebase and update the latest profile api * fix(console): css loaded svg should be rendered properly (logto-io#6333) * fix(core): fix some webhook api body status 404 bug (logto-io#6311) * fix(core): fix some webhook api body status 404 bug fix some webhook api body status 404 bug * fix(core): improve the webhook trigger logic improve the webhook trigger logic * chore: add changeset add changeset * chore: update the changeset update the changeset * feat(core): implement the WebAuthn verification (logto-io#6308) feat(core): implement the webauthn verification implement the webauthn verification * feat(schemas): add custom data to application (logto-io#6309) * feat(core,schemas): add application custom data add application custom data * test(core): add update application with new custom data test add update application with new custom data test * refactor(console): increase custom ui assets upload timeout to 5 mins (logto-io#6319) refactor(console): increase custom ui assets upload timeout to 5mins * refactor: update logto/core cloud API usage * refactor: update code according to CR * refactor(console): update admin console using new pricing model (logto-io#6295) * refactor(console): update cloud API calls * refactor: update code according to CR * refactor: correct component usage * refactor(console): safely lazy load pages (logto-io#6332) * refactor(console): safely lazy load pages * chore(console): use react-safe-lazy * feat(core): implement the missing mfa bind and guard flow (logto-io#6320) * feat(core): implement the mfa binding flow implment the mfa binding flow * fix(test): fix integration tests fix integration tests * fix(core): fix the wrong status code fix the wrong status code * refactor(core): refactor bind backup codes refactor bind backup codes * refactor(core): extract isNewMfaVerification property (logto-io#6338) extract isNewMfaVerifrication property * refactor(core): refactor backup code generates flow (logto-io#6339) refactor(core): refactor backup code generate flow refactor backup code generate flow * fix(console): dragging anchor in the color picker on application branding page (logto-io#6340) * test(core): add the mfa binding integration tests (logto-io#6330) * refactor(core): refactor backup code generate flow refactor backup code generate flow * fix(core): fix api payload fix api payload * test(core): implement the mfa binding integration tests implement the mfa binding integration tests * test(core): rebase backup code refactor rebase backup code refactor * style(console): fix custom jwt guide card style (logto-io#6343) * refactor(console): block page navigation when uploading custom ui assets (logto-io#6342) * chore(console): update bring your ui documentation link (logto-io#6317) chore(console): add bring your ui documentation link * fix(elements): fix user context tag name (logto-io#6346) * chore: launch multiple app secrets * chore: launch multiple app secrets * refactor(core): use tsup for building * refactor: use tsup for building * refactor(console): improve ux * chore: fix failed tests * refactor(connector): use tsup for building * ci: add check job * feat(console): remove beta tag for protected app (logto-io#6341) * feat(console): add passport.js guide (logto-io#6344) * chore: update plausible urls (logto-io#6349) * refactor(console, experience): solve sass deprecations (logto-io#6356) * fix(console): fix the plan title for subscription plan selector (logto-io#6348) * refactor(core): refactor openapi docs for protected app (logto-io#6331) * refactor: update per review * feat: allow app secret edit (logto-io#6352) * fix(console): add dev guard on new pricing model subscription hooks (logto-io#6363) * feat(core): migrate register flow affiliate report logic (logto-io#6334) Migrate the new user affiliate flow from interaction API. - `postAffiliateLogs` is forked from `routes/interaction/actions/helpers.ts` * refactor(core): extract verified interaction guard middleware (logto-io#6336) * refactor(core): refactor backup code generate flow refactor backup code generate flow * fix(core): fix api payload fix api payload * fix(core): fix rebase issue fix rebase issue * refactor(core): extract verified interaction guard middleware extract verified interaction guard middleware * refactor(console): fix text overflow issue (logto-io#6366) * refactor(core): make the interaction event mandatory (logto-io#6337) * refactor(core): refactor backup code generate flow refactor backup code generate flow * fix(core): fix api payload fix api payload * fix(core): fix rebase issue fix rebase issue * refactor(core): make the interaction event mandatory make the interaction event mandatory * test: update integration tests update integration tests * fix(core): fix the middleware apply bug fix the koaExperienceInteraction middleware apply bug * feat(core): add webhooks middleware to experience api (logto-io#6357) * refactor(core): refactor backup code generate flow refactor backup code generate flow * fix(core): fix api payload fix api payload * fix(core): fix rebase issue fix rebase issue * feat(core): add hooks middleware to experience APIs add interaction hooks to experience APIs * refactor(core): refactor experience API context type refactor experience API context type * feat(connector): added postmark connector * chore: remove unused deps (logto-io#6372) * chore: remove unused deps * chore: fix version * refactor(core): improve swagger auth description (logto-io#6367) * feat(core,schemas): add auditLogs to experience API (logto-io#6361) * refactor(core): refactor backup code generate flow refactor backup code generate flow * fix(core): fix api payload fix api payload * fix(core): fix rebase issue fix rebase issue * feat(core,schemas): add auditLogs to experience API add auditLogs to experience API * refactor(core): allow cloudflare insights origin in csp (logto-io#6375) refactor(core): allow cloudflare csp * feat(core,schemas): add mandatory password guard on register (logto-io#6368) * refactor(core): refactor backup code generate flow refactor backup code generate flow * fix(core): fix api payload fix api payload * fix(core): fix rebase issue fix rebase issue * feat(core,schemas): add mandatory password guard on register add mandatory password guard on register * feat: add advanced search params to all supported endpoints (logto-io#6358) * feat: add search params to list users endpoint * feat: implement advanced search for all supported endpoints * chore(deps): update dependency nock to v14.0.0-beta.9 (logto-io#6243) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> * feat(cli): add cli command to setup custom ui local debugging proxy (logto-io#6365) * feat(cli): add proxy * refactor(cli): polish code per comments * refactor(cli): polish code * refactor(cli): support serving static files * chore: add changeset * refactor: polish code * refactor(cli): polish code * refactor(cli): make json parse safer * feat(core,console,phrases): add custom data editor to application details page (logto-io#6370) * feat(core,console,phrases): add custom data editor to application details page add custom data editor to application details page * chore: add changeset add changeset * fix(core): fix input params bug fix input params bug * fix(test): fix the integration tests fix the integration tests * fix(console): use the form controller element use the form controller element * fix(core,console): remove deepPartial statement remove deepPartial statement from the patch application API payload guard * fix(test): fix backchannel integration test fix backchannel integration test * fix(core): allow non-json body type when parsing (logto-io#6379) * refactor(core): make password optional in NewPasswordIdentity (logto-io#6377) refactor(core): make password optional in NewPasswordIdentity verification make password optioanl in NewPasswordIdentity verification * refactor(console): get and check `skuId` from checkout session (logto-io#6369) * refactor(console): get and check skuId from checkout session * chore: update @logto/cloud dependency * refactor: add tests for content-type in oidc apis (logto-io#6380) * refactor(console): delay module loading suspense component display by 500ms (logto-io#6345) * chore(console): remove redunant login hint usage for invitation (logto-io#6385) * fix(core): error data bug fixing (logto-io#6382) fix(core): error code bug fixing error code bug fixing * refactor(console): update billing info showed in subscription details page (logto-io#6384) * fix(console): add in-line error message (logto-io#6386) * fix(console): add in-line error message add in-line error message * refactor(console): remove old validation logic remove old validation logic * fix(console): create tenant button should stretch to full width (logto-io#6381) * fix(console): manual update subscription data when add/delete resources (logto-io#6360) * fix(console): add post response hook to update subscription info for useApi hook * refactor: wrap sync subscription data method * chore(phrases): update content (logto-io#6392) chore: update content * fix(console): fix the subscription plan display in tenant dropdown (logto-io#6393) * refactor(core): should not guard sso authentication flow (logto-io#6394) should not guard mfa and profile fulfillment for the sso authentication flow * fix(core): should not throw when not adding any new roles to a user (logto-io#6387) * fix(console): should not call cloud API when tenant ID is not valid (logto-io#6399) * refactor(console): improve guide logo and contact us logo display (logto-io#6391) * feat(core,schemas): add support for argon2d and argon2id (logto-io#6404) * feat(console): support next auth v5 (logto-io#6397) * feat: add add-on feature notice/tag * chore: define add on unit price temporarily * refactor: produce br outputs (logto-io#6376) * refactor: produce br outputs * refactor: fix favicon url * refactor: add `report:subscription:updates` Cloud scope (logto-io#6403) * Revert "refactor: add `report:subscription:updates` Cloud scope" (logto-io#6412) Revert "refactor: add `report:subscription:updates` Cloud scope (logto-io#6403)" This reverts commit e1922e9. * fix(console): fix unexpected 401 error toast (logto-io#6416) * feat(core): add Sentinel guard (logto-io#6374) feat(core): add sentinel protection add sentinel protection * feat(core): support google one tap (logto-io#6395) * feat(core): support google one tap support google one tap verification * fix(core): fix google one tap verification error fix google one tap verification error * fix(test): optimize social verification test optimize social verificaiton tests * fix(test): update social verification ut update social verification util unit test * refactor(core,schemas): refactor the register flow (logto-io#6401) * refactor(core,schemas): refactor the registration flow refactor the registraction flow * fix(core): remove unused method remove unused method * fix(test): remove legacy test remove legacy test * fix(core): fix webauthn verificaiton api fix webauthn verification api * feat(console): add new usage display for pro subscription plan (logto-io#6413) * release: version packages (logto-io#6197) * feat(cli): added ogcio folder * chore(cli): added ref to ogcio command * feat(core): added env sample * chore(cli): added port collision fix * chore(core): updated docker compose * chore(cli): fixed dockerfile * chore(cli): added makefile * chore(core): updated package json * chore(core): updated run logto remote * chore(core): updated pr request template * chore(cli): ogcio connectors * chore(phrases): updated errors * chore(core): added lot of stuffs * fix(cli): fixed port * workflow main * dockerignore * readme * basics * basics * basics * basics * eof * eof * eof * chore(core): synced --------- Co-authored-by: Gao Sun <gao@silverhand.io> Co-authored-by: Xiao Yijun <xiaoyijun@silverhand.io> Co-authored-by: wangsijie <wangsijie@silverhand.io> Co-authored-by: simeng-li <simeng@silverhand.io> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Charles Zhao <charleszhao@silverhand.io> Co-authored-by: Darcy Ye <darcyye@silverhand.io> Co-authored-by: Mostafa Moradian <mstfmoradian@gmail.com> Co-authored-by: Sten Roger Sandvik <sten.sandvik@fieldnode.com> Co-authored-by: silverhand-bot <107667382+silverhand-bot@users.noreply.github.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
Remove feature guard for token exchange (impersonation).
Testing
Existing tests should pass.
Checklist
.changeset