Merge branch 'master' of https://github.com/appwrite/appwrite into 0.10.x
commit
45e9c62d7a
|
@ -42,7 +42,6 @@ return [
|
|||
'name' => 'Phone',
|
||||
'key' => 'usersAuthPhone',
|
||||
'icon' => '/images/users/phone.png',
|
||||
'docs' => 'https://appwrite.io/docs/client/account?sdk=web#accountCreatePhoneSession',
|
||||
'docs' => '',
|
||||
'enabled' => false,
|
||||
],
|
||||
|
|
|
@ -26,8 +26,8 @@ use Appwrite\URL\URL as URLParser;
|
|||
use Appwrite\Utopia\Response;
|
||||
use Utopia\Validator\ArrayList;
|
||||
|
||||
$oauthDefaultSuccess = App::getEnv('_APP_HOME').'/auth/oauth2/success';
|
||||
$oauthDefaultFailure = App::getEnv('_APP_HOME').'/auth/oauth2/failure';
|
||||
$oauthDefaultSuccess = '/v1/auth/oauth2/success';
|
||||
$oauthDefaultFailure = '/v1/auth/oauth2/failure';
|
||||
|
||||
App::post('/v1/account')
|
||||
->desc('Create Account')
|
||||
|
@ -277,13 +277,13 @@ App::get('/v1/account/sessions/oauth2/:provider')
|
|||
->label('abuse-limit', 50)
|
||||
->label('abuse-key', 'ip:{ip}')
|
||||
->param('provider', '', new WhiteList(\array_keys(Config::getParam('providers')), true), 'OAuth2 Provider. Currently, supported providers are: ' . \implode(', ', \array_keys(\array_filter(Config::getParam('providers'), function($node) {return (!$node['mock']);}))).'.')
|
||||
->param('success', $oauthDefaultSuccess, function ($clients) { return new Host($clients); }, 'URL to redirect back to your app after a successful login attempt. Only URLs from hostnames in your project platform list are allowed. This requirement helps to prevent an [open redirect](https://cheatsheetseries.owasp.org/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html) attack against your project API.', true, ['clients'])
|
||||
->param('failure', $oauthDefaultFailure, function ($clients) { return new Host($clients); }, 'URL to redirect back to your app after a failed login attempt. Only URLs from hostnames in your project platform list are allowed. This requirement helps to prevent an [open redirect](https://cheatsheetseries.owasp.org/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html) attack against your project API.', true, ['clients'])
|
||||
->param('success', '', function ($clients) { return new Host($clients); }, 'URL to redirect back to your app after a successful login attempt. Only URLs from hostnames in your project platform list are allowed. This requirement helps to prevent an [open redirect](https://cheatsheetseries.owasp.org/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html) attack against your project API.', true, ['clients'])
|
||||
->param('failure', '', function ($clients) { return new Host($clients); }, 'URL to redirect back to your app after a failed login attempt. Only URLs from hostnames in your project platform list are allowed. This requirement helps to prevent an [open redirect](https://cheatsheetseries.owasp.org/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html) attack against your project API.', true, ['clients'])
|
||||
->param('scopes', [], new ArrayList(new Text(128)), 'A list of custom OAuth2 scopes. Check each provider internal docs for a list of supported scopes.', true)
|
||||
->inject('request')
|
||||
->inject('response')
|
||||
->inject('project')
|
||||
->action(function ($provider, $success, $failure, $scopes, $request, $response, $project) {
|
||||
->action(function ($provider, $success, $failure, $scopes, $request, $response, $project) use ($oauthDefaultSuccess, $oauthDefaultFailure) {
|
||||
/** @var Utopia\Swoole\Request $request */
|
||||
/** @var Appwrite\Utopia\Response $response */
|
||||
/** @var Appwrite\Database\Document $project */
|
||||
|
@ -308,6 +308,14 @@ App::get('/v1/account/sessions/oauth2/:provider')
|
|||
throw new Exception('Provider is not supported', 501);
|
||||
}
|
||||
|
||||
if(empty($success)) {
|
||||
$success = $protocol . '://' . $request->getHostname() . $oauthDefaultSuccess;
|
||||
}
|
||||
|
||||
if(empty($failure)) {
|
||||
$failure = $protocol . '://' . $request->getHostname() . $oauthDefaultFailure;
|
||||
}
|
||||
|
||||
$oauth2 = new $classname($appId, $appSecret, $callback, ['success' => $success, 'failure' => $failure], $scopes);
|
||||
|
||||
$response
|
||||
|
@ -591,7 +599,7 @@ App::get('/v1/account/sessions/oauth2/:provider/redirect')
|
|||
}
|
||||
|
||||
// Add keys for non-web platforms - TODO - add verification phase to aviod session sniffing
|
||||
if (parse_url($state['success'], PHP_URL_PATH) === parse_url($oauthDefaultSuccess, PHP_URL_PATH)) {
|
||||
if (parse_url($state['success'], PHP_URL_PATH) === $oauthDefaultSuccess) {
|
||||
$state['success'] = URLParser::parse($state['success']);
|
||||
$query = URLParser::parseQuery($state['success']['query']);
|
||||
$query['project'] = $project->getId();
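Review bot: In the hunk at +308, the fallback for an empty `success` or `failure` is built from `$request->getHostname()`, so the default redirect target follows the request's Host header instead of a value checked against the project's platform list. The `Host($clients)` validator on the two params appears to run only on caller-supplied values, so these constructed defaults would skip the open-redirect check that the param descriptions promise. This matters because the redirect hunk at +599 adds keys to the query of any `success` URL whose path equals `$oauthDefaultSuccess`. I would validate the constructed URL before it goes into the OAuth2 state, for example `if (!(new Host($clients))->isValid($success)) { throw new Exception('Invalid success URL', 400); }` and the same for `$failure`, which presumably needs `->inject('clients')` on the action. The `+`/`-` markers are lost on this page, so the old/new reading is inferred from the hunk counts, and `$protocol` and the rest of the action body lie outside the visible hunks.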
|
||||
|
|
|
@ -426,7 +426,7 @@ App::post('/v1/teams/:teamId/memberships')
|
|||
}
|
||||
|
||||
$url = Template::parseURL($url);
|
||||
$url['query'] = Template::mergeQuery(((isset($url['query'])) ? $url['query'] : ''), ['membershipId' => $membership->getId(), 'teamId' => $team->getId(), 'userId' => $invitee->getId(), 'secret' => $secret, 'teamId' => $teamId]);
|
||||
$url['query'] = Template::mergeQuery(((isset($url['query'])) ? $url['query'] : ''), ['membershipId' => $membership->getId(), 'userId' => $invitee->getId(), 'secret' => $secret, 'teamId' => $teamId]);
|
||||
$url = Template::unParseURL($url);
|
||||
|
||||
if (!$isPrivilegedUser && !$isAppUser) { // No need of confirmation when in admin or app mode
|
||||
|
|
|
@ -215,7 +215,7 @@ class DeletesV1 extends Worker
|
|||
}
|
||||
// Delete Dead Realtime Logs
|
||||
$this->deleteByGroup([
|
||||
'$collection='.Database::SYSTEM_COLLECTION_REALTIME_CONNECTIONS,
|
||||
'$collection='.Database::SYSTEM_COLLECTION_CONNECTIONS,
|
||||
'timestamp<'.$timestamp
|
||||
], $consoleDB);
|
||||
|
||||
|
|