lywsvip/server
1
0
Fork 0
mirror of https://github.com/gotify/server.git synced 2026-06-02 08:24:44 +08:00
Code Issues Packages Projects Releases Wiki Activity
812 Commits 22 Branches 69 Tags
testx
Commit Graph

38 Commits

Author SHA1 Message Date
Jannis Mattheis
6d53859b77 feat: add external oidc flow 
Add two new endpoints for native app OIDC authentication using the
PKCE relay pattern (similar to Vaultwarden's SSO implementation):

- POST /auth/oidc/external/authorize - accepts a PKCE code_challenge
from the client, forwards it to the IdP, and returns the authorize URL
- POST /auth/oidc/external/token - accepts the auth code and
code_verifier, relays them to the IdP for token exchange, and returns
a gotify client token

The server never generates its own PKCE pair for this flow. It then relays
the client's code_challenge to the IdP during authorization and the
code_verifier during token exchange. The IdP validates the binding.
Pending auth sessions are stored in memory with a 10-minute TTL.

CSRF protection is provided by the state parameter, which contains a
cryptographically random nonce and is validated on the token exchange.
The state is single-use (deleted from the pending session map on lookup),
preventing replay attacks. Even without single-use enforcement, replay
would be harmless since the IdP's authorization code can only be
exchanged once.
 2026-04-11 18:53:48 +02:00
Jannis Mattheis
f130ebe194 fix: add /gotifyconfig endpoint 2026-04-11 18:53:48 +02:00
Jannis Mattheis
ea16549ce5 fix: applications sorting for postgres/mysql 
Sqlite sorting is by default case sensitive. Postgres & mysql seem to be
case insensitive text sorting.

Sorting bytes is consistent between mysql,sqlite, and postgres.
 2026-02-25 19:07:37 +01:00
Jannis Mattheis
db7ec80fa9 fix: mysql applications sorting index 2026-02-25 19:07:29 +01:00
Jannis Mattheis
a1f83c5ef8 fix: enforce sort_key is unique per user 2026-01-28 18:46:21 +01:00
Jannis Mattheis
278b873b5b feat: add sort_key to backend 2026-01-24 13:28:40 +01:00
饺子w (Yumechi)
496c166981 chore: Migrate github.com/jinzhu/gorm to gorm.io/gorm (#863) 
* chore: Migrate github.com/jinzhu/gorm to gorm.io/gorm

Signed-off-by: eternal-flame-AD <yume@yumechi.jp>

* chore: drop singleton connection limit on sqlite3 backend

Signed-off-by: eternal-flame-AD <yume@yumechi.jp>

* enhance: database logging

Signed-off-by: eternal-flame-AD <yume@yumechi.jp>

* Revert "chore: drop singleton connection limit on sqlite3 backend"

This reverts commit b494a3bd1f.

Signed-off-by: eternal-flame-AD <yume@yumechi.jp>

* typo

Signed-off-by: eternal-flame-AD <yume@yumechi.jp>

* rename unique_index -> uniqueIndex

Signed-off-by: eternal-flame-AD <yume@yumechi.jp>

* drop uniqueIndex on primary key

Signed-off-by: eternal-flame-AD <yume@yumechi.jp>

* migrate fully to new gorm tag format

Signed-off-by: eternal-flame-AD <yume@yumechi.jp>

* specify unique index name

Signed-off-by: eternal-flame-AD <yume@yumechi.jp>

* remove pluginConf duplicate index

Signed-off-by: eternal-flame-AD <yume@yumechi.jp>

* disable auto migrate FK

Signed-off-by: eternal-flame-AD <yume@yumechi.jp>

---------

Signed-off-by: eternal-flame-AD <yume@yumechi.jp>
 2025-10-29 22:23:10 +00:00
Jannis Mattheis
9592cc95c9 fix: update go-swagger 2023-09-16 21:06:54 +02:00
eternal-flame-AD
7bf80ee6f1 Add last used to client & application 2023-08-06 12:30:22 +02:00
chrispruitt
72bd8c8ba6 Add default message priority for applications 
Co-authored-by: Jannis Mattheis <contact@jmattheis.de>
 2023-07-19 18:15:01 +00:00
Jannis Mattheis
fcd9b88bb7 Fix required mismatch in update & create user 
This shouldn't break the api.
 2022-09-10 16:47:22 +02:00
Jannis Mattheis
3454dcd602 Use golangci-lint 2020-11-01 10:47:02 +01:00
Jannis Mattheis
81c4a73df3 Add health api 2019-08-16 09:28:57 +02:00
Noa Amran
44f4ff31cb Fix typos 
Closes #197
 2019-06-27 19:04:48 +02:00
饺子w
909fb80d48 limit indexed string field to 180 char (#184) 2019-04-13 23:20:09 +08:00
Jannis Mattheis
e9bbe17fa4 Allow markdown in messages (#180) 2019-03-30 11:08:51 +01:00
饺子w
c89623abd0 use text for string storage in db (#173) 2019-03-21 16:51:14 +08:00
饺子w
ec5b1f8c30 Support reverse proxy with path rewrite (#127) 2019-02-13 18:47:48 +01:00
eternal-flame-AD
e5b24f4c92 Add plugin feature 
Fixed database migration
Added a plugin system based on the go plugin package
 2019-02-09 12:52:01 +01:00
eternal-flame-AD
de09aae987 add extras to message model 2019-02-02 13:06:30 +01:00
Eugene Gavrilov
0ca18b817c [#71] Make title in message not necessary field 2018-11-14 20:05:24 +01:00
Jannis Mattheis
39a3d46607 [#34] Adjust message api to be paged 2018-04-13 18:56:11 +02:00
Jannis Mattheis
b738115b72 Add Image property to model.Application 2018-03-31 18:44:49 +02:00
Jannis Mattheis
0f2e7cf5e2 Use gofmt -s 2018-03-25 19:33:29 +02:00
Jannis Mattheis
6aa10ad917 Add ID to model.Client & model.Application 2018-03-11 17:58:44 +01:00
Jannis Mattheis
db60d2f0e7 Use correct models in user apis 2018-02-28 20:22:25 +01:00
Jannis Mattheis
3a2da09186 Improve documentation 2018-02-28 20:22:25 +01:00
Jannis Mattheis
66a7c3ee47 Remove branch from version info 
When travis builds a tag, no branch is set
 2018-02-24 16:05:00 +01:00
Jannis Mattheis
e458bb1328 Add version api & model 2018-02-21 19:27:31 +01:00
Jannis Mattheis
9d635b15a6 Add json mapping for ID in client & app 2018-02-18 12:56:42 +01:00
Jannis Mattheis
9c47b73b1d Move models and add docu to models 2018-02-18 12:56:42 +01:00
Jannis Mattheis
28584184b1 Formatting 2018-02-11 14:33:59 +01:00
Jannis Mattheis
bbb82bd2b0 Add user api 2018-02-10 23:11:24 +01:00
Jannis Mattheis
ecdd7c51cd Rename model.Message#TokenID to ApplicationID 2018-02-01 18:49:12 +01:00
Jannis Mattheis
9178d2d08b Add message api 2018-02-01 18:49:12 +01:00
Jannis Mattheis
6770e6b654 Enable golint and fix golint-errors like adding documentation 2018-01-28 15:56:28 +01:00
Jannis Mattheis
8a989dc29a Remove token and add app and client token & Adjust tests 2018-01-27 20:31:56 +01:00
Jannis Mattheis
d76ab85396 Add models 2018-01-23 18:03:51 +01:00