lywsvip/server
1
0
Fork 0
mirror of https://github.com/gotify/server.git synced 2026-05-07 22:06:38 +08:00
Code Issues Packages Projects Releases Wiki Activity
812 Commits 19 Branches 69 Tags
testx
Commit Graph

46 Commits

Author SHA1 Message Date
Jannis Mattheis
ac7bb2a2a9 fix: typo user external 2026-04-19 19:20:25 +02:00
Jannis Mattheis
d432900486 fix: logout to /auth/logout and swagger docs 
With session elevation, we cannot use DELETE /client as this requires
elevation. It should be possible to logout without an elevated session.

This makes the logout endpoint public api to be used by the android app.
 2026-04-19 18:00:16 +02:00
Jannis Mattheis
8dbb0c80dd fix: increase api version 2026-04-11 18:53:48 +02:00
Jannis Mattheis
6d53859b77 feat: add external oidc flow 
Add two new endpoints for native app OIDC authentication using the
PKCE relay pattern (similar to Vaultwarden's SSO implementation):

- POST /auth/oidc/external/authorize - accepts a PKCE code_challenge
from the client, forwards it to the IdP, and returns the authorize URL
- POST /auth/oidc/external/token - accepts the auth code and
code_verifier, relays them to the IdP for token exchange, and returns
a gotify client token

The server never generates its own PKCE pair for this flow. It then relays
the client's code_challenge to the IdP during authorization and the
code_verifier during token exchange. The IdP validates the binding.
Pending auth sessions are stored in memory with a 10-minute TTL.

CSRF protection is provided by the state parameter, which contains a
cryptographically random nonce and is validated on the token exchange.
The state is single-use (deleted from the pending session map on lookup),
preventing replay attacks. Even without single-use enforcement, replay
would be harmless since the IdP's authorization code can only be
exchanged once.
 2026-04-11 18:53:48 +02:00
Jannis Mattheis
f130ebe194 fix: add /gotifyconfig endpoint 2026-04-11 18:53:48 +02:00
Jannis Mattheis
cfaddfe255 feat: oidc 2026-04-11 18:53:48 +02:00
Jannis Mattheis
278b873b5b feat: add sort_key to backend 2026-01-24 13:28:40 +01:00
Jannis Mattheis
9592cc95c9 fix: update go-swagger 2023-09-16 21:06:54 +02:00
eternal-flame-AD
7bf80ee6f1 Add last used to client & application 2023-08-06 12:30:22 +02:00
chrispruitt
72bd8c8ba6 Add default message priority for applications 
Co-authored-by: Jannis Mattheis <contact@jmattheis.de>
 2023-07-19 18:15:01 +00:00
Helmut K. C. Tessarek
5cd2d5411f Add delete application image endpoint 2023-05-28 13:59:49 +00:00
mateuscelio
f3d121bd61 Adds ClientParams strcut to handle creation and update params 2023-04-28 16:11:40 +02:00
mateuscelio
0fb584d7f7 Update docs 2022-12-03 10:45:07 +01:00
Jannis Mattheis
fcd9b88bb7 Fix required mismatch in update & create user 
This shouldn't break the api.
 2022-09-10 16:47:22 +02:00
mateuscelio
f16ce59e6c Prevent setting id while inserting / updating applications 2022-07-24 08:48:14 +00:00
pigpig
c172590b92 Add registration 
Can be enabled via the registration config flag. (disabled per default)

Fixes gotify/server#395

Co-authored-by: pigpig <pigpig@pig.pig>
Co-authored-by: Karmanyaah Malhotra <32671690+karmanyaahm@users.noreply.github.com>
Co-authored-by: Jannis Mattheis <contact@jmattheis.de>
 2021-08-04 19:39:43 +02:00
Jannis Mattheis
757fa17d26 Use int64 as input 2020-06-24 18:32:35 +02:00
Jannis Mattheis
348f96b891 Use int64 instead of uint64 
uint64 isn't a valid swagger format.
https://swagger.io/specification/v2/#dataTypeFormat
 2020-06-24 18:21:04 +02:00
Jannis Mattheis
415dd862f8 Update swagger 2020-05-08 10:43:17 +02:00
Jannis Mattheis
81c4a73df3 Add health api 2019-08-16 09:28:57 +02:00
Noa Amran
44f4ff31cb Fix typos 
Closes #197
 2019-06-27 19:04:48 +02:00
Jannis Mattheis
e9bbe17fa4 Allow markdown in messages (#180) 2019-03-30 11:08:51 +01:00
GianOrtiz
e32359ed15 Add update client api and dialog (#164) 2019-03-16 11:18:51 +01:00
Jannis Mattheis
1d04753296 Update swagger spec 2019-03-01 19:37:31 +01:00
饺子w
ec5b1f8c30 Support reverse proxy with path rewrite (#127) 2019-02-13 18:47:48 +01:00
Jannis Mattheis
a1204a57f8 Fix id in plugins 2019-02-09 13:26:02 +01:00
eternal-flame-AD
e5b24f4c92 Add plugin feature 
Fixed database migration
Added a plugin system based on the go plugin package
 2019-02-09 12:52:01 +01:00
eternal-flame-AD
de09aae987 add extras to message model 2019-02-02 13:06:30 +01:00
Jannis Mattheis
ec2c3da9d4 Add summary for updateApp and uploadImg api 2018-11-24 11:31:32 +01:00
Jannis Mattheis
9e7859c36c Add missing bad request / not found definitions 2018-11-24 11:31:32 +01:00
Eugene Gavrilov
4a6863eda2 [#69] add end-point for update application name and description 2018-11-23 21:39:07 +01:00
Eugene Gavrilov
0ca18b817c [#71] Make title in message not necessary field 2018-11-14 20:05:24 +01:00
Jannis Mattheis
b58062f508 Fix swagger definition 2018-06-03 10:49:53 +02:00
Jannis Mattheis
caef4ff74f [#34] Update update api documentation & Increase api version 2018-04-13 18:56:11 +02:00
Jannis Mattheis
dcc8ea6b4c Increment API version 2018-03-31 18:44:49 +02:00
Jannis Mattheis
ab7cc7d1e0 Add UploadApplicationImage API to router 2018-03-31 18:44:49 +02:00
Jannis Mattheis
b738115b72 Add Image property to model.Application 2018-03-31 18:44:49 +02:00
Jannis Mattheis
df8ebb9f69 Increase API version 2018-03-11 17:58:44 +01:00
Jannis Mattheis
c07dc59af9 Update Spec 2018-03-11 17:58:44 +01:00
Jannis Mattheis
db60d2f0e7 Use correct models in user apis 2018-02-28 20:22:25 +01:00
Jannis Mattheis
792d14ab04 Update spec & packr 2018-02-28 20:22:25 +01:00
Jannis Mattheis
ae9512b6b6 Increase API-Version 2018-02-24 16:05:00 +01:00
Jannis Mattheis
66a7c3ee47 Remove branch from version info 
When travis builds a tag, no branch is set
 2018-02-24 16:05:00 +01:00
Jannis Mattheis
e458bb1328 Add version api & model 2018-02-21 19:27:31 +01:00
Jannis Mattheis
9d635b15a6 Add json mapping for ID in client & app 2018-02-18 12:56:42 +01:00
Jannis Mattheis
e13aff389b Add swagger documentation 2018-02-18 12:56:42 +01:00