discourse/lib
Matt Marjanović ad2aa7b52c
FEATURE: Add logout functionality to SSO Provider protocol (#8816)
This commit adds support for an optional "logout" parameter in the
payload of the /session/sso_provider endpoint.  If an SSO Consumer
adds a "logout=true" parameter to the encoded/signed "sso" payload,
then Discourse will treat the request as a logout request instead
of an authentication request.  The logout flow works something like
this:

 * User requests logout at SSO-Consumer site (e.g., clicks "Log me out!"
   on web browser).
 * SSO-Consumer site does whatever it does to destroy User's session on
   the SSO-Consumer site.
 * SSO-Consumer then redirects browser to the Discourse sso_provider
   endpoint, with a signed request bearing "logout=true" in addition
   to the usual nonce and the "return_sso_url".
 * Discourse destroys User's discourse session and redirects browser back
   to the "return_sso_url".
 * SSO-Consumer site does whatever it does --- notably, it cannot request
   SSO credentials from Discourse without the User being prompted to login
   again.
2020-02-03 12:53:14 -05:00
..
active_record/connection_adapters FIX: Race-condition in fallback handlers (#8005) 2019-08-21 15:47:44 +02:00
auth FEATURE: Hash API keys in the database (#8438) 2019-12-12 11:45:00 +00:00
autospec DEV: Remove use of cd in the app (#8337) 2019-11-13 09:57:39 +00:00
backup_restore FIX: Failed to notify user after restoring backup 2020-01-25 22:07:41 +01:00
common_passwords DEV: s/\$redis/Discourse\.redis (#8431) 2019-12-03 10:05:53 +01:00
compression FIX: Decompressing lots of small files triggered error 2020-01-09 15:11:31 +01:00
content_security_policy DEV: For now, re-enable unsafe-eval in development mode 2020-01-24 13:18:51 -05:00
demon DEV: Sidekiq::Logging is gone use Sidekiq.logger instead 2019-12-10 15:09:51 +11:00
email Remove bounce_score_threshold_deactivate setting. 2020-01-30 16:17:31 +05:30
emoji DEV: supports unicorn emoji 13.0beta (#8402) 2019-11-25 10:23:18 +01:00
es6_module_transpiler REFACTOR: Deprecate Discourse.Site and Discourse.User 2019-11-12 10:53:22 -05:00
file_store DEV: Ignore ls errors when clearing FileStore cache (#8780) 2020-01-27 02:59:54 +01:00
freedom_patches DEV: Apply Rubocop redundant return style 2019-11-14 15:10:51 -05:00
generators REFACTOR: Remove Ember.Controller in favor of import 2019-10-23 13:06:54 -04:00
guardian FIX: Disallow featuring hidden topics (#8814) 2020-01-30 10:00:49 -06:00
highlight_js DEV: already defined constant 'HIGHLIGHTJS_DIR' 2019-01-21 10:12:23 +01:00
i18n DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
import DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
import_export FIX: Import sub-sub-categories (#8810) 2020-01-30 18:46:33 +02:00
javascripts FEATURE: Add Belarusian language 2019-07-04 11:37:37 +02:00
middleware FIX: avoid superflous logging when mime type is bad 2020-01-02 12:34:38 +11:00
migration REFACTOR: Restoring of backups and migration of uploads to S3 2020-01-14 11:41:35 +01:00
onebox DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
plugin DEV: Add zendesk plugin to official plugins list (#8779) 2020-01-24 12:53:21 +00:00
pretty_text FIX: Resolve pull hotlinked image and broken link issues for secure media URLs (#8777) 2020-01-24 11:59:30 +10:00
rate_limiter DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
reviewable Improve spam_hosts copy (#8203) 2019-10-18 09:31:15 -07:00
scheduler FEATURE: log long running jobs in the defer queue 2018-10-12 17:03:47 +11:00
search FIX: skip invalid URLs when checking for audio/video in search blurbs 2019-11-06 10:32:15 -05:00
seed_data FIX: Consistently handle category param 2019-05-27 16:39:56 +08:00
sidekiq DEV: s/\$redis/Discourse\.redis (#8431) 2019-12-03 10:05:53 +01:00
site_settings FIX: Skip validation on enforcing second factor change if the value is "no" 2019-12-06 16:42:15 -08:00
stylesheet DEV: watch for changes to plugin mobile/desktop SCSS 2020-01-08 13:25:36 -05:00
svg_sprite FEATURE: Use Contact Picker API for invites 2020-01-27 11:07:28 -03:00
tasks FIX: uploads:s3_migration_status rake task was broken 2020-01-28 22:10:25 +01:00
theme_store FIX: Allow importing themes with subdirectories in extra_js 2019-11-13 23:45:09 +00:00
turbo_tests FIX: Migration paths were being forgotten 2019-12-16 14:13:47 -05:00
validators UX: Introduce automatic 'categories topics' setting (#8804) 2020-01-29 20:30:48 +02:00
webauthn SECURITY: 2FA with U2F / TOTP 2020-01-15 11:27:12 +01:00
wizard FIX: When running the wizard and using a custom theme, fallback to the color_scheme name if the base_scheme_id is nil (#8236) 2019-10-25 09:29:51 -03:00
admin_confirmation.rb DEV: s/\$redis/Discourse\.redis (#8431) 2019-12-03 10:05:53 +01:00
admin_constraint.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
admin_user_index_query.rb FEATURE: improve suspect user discovery 2019-12-02 16:39:28 +05:30
age_words.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
archetype.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
auth.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
avatar_lookup.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
backup_restore.rb REFACTOR: Restoring of backups and migration of uploads to S3 2020-01-14 11:41:35 +01:00
badge_posts_view_manager.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
badge_queries.rb FIX: apply like based badge based off grant date 2020-01-28 12:17:55 +11:00
base62.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
browser_detection.rb FIX: Detect DiscourseHub user agent. 2019-08-09 11:58:15 +03:00
cache.rb DEV: s/\$redis/Discourse\.redis (#8431) 2019-12-03 10:05:53 +01:00
canonical_url.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
category_badge.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
comment_migration.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
composer_messages_finder.rb DEV: pluck_first 2019-10-21 12:08:20 +01:00
configurable_urls.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
content_buffer.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
content_security_policy.rb DEV: Remove unsafe-eval from development CSP (#8569) 2019-12-30 12:17:12 +00:00
cooked_post_processor.rb FIX: blank cooked markdown could raise an exception in logs 2020-01-29 11:37:25 +11:00
crawler_detection.rb FIX: use crawler layout when saving url in Wayback Machine (#7667) 2019-06-03 12:13:32 +10:00
csrf_token_verifier.rb DEV: Provide method for auth plugins to generate a CSRF token 2019-08-13 01:13:08 +01:00
current_user.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
custom_renderer.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
custom_setting_providers.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
db_helper.rb FIX: Clear banner topic cache after remapping 2019-08-15 11:24:20 +01:00
directory_helper.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
discourse_cookie_store.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
discourse_diff.rb FIX: Show a correct diff when editing consecutive paragraphs (#8177) 2019-10-11 03:50:37 -04:00
discourse_event.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
discourse_hub.rb DEV: s/\$redis/Discourse\.redis (#8431) 2019-12-03 10:05:53 +01:00
discourse_iife.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
discourse_ip_info.rb FIX: MaxMind DB file not downloading correctly 2020-01-05 22:08:13 +11:00
discourse_logstash_logger.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
discourse_plugin_registry.rb FIX: properly load desktop and mobile only plugin css assets. 2019-08-22 08:39:10 +05:30
discourse_plugin.rb DEV: debundle plugin css assets and don't load if disabled (#7646) 2019-08-20 22:09:52 +05:30
discourse_redis.rb Revert "FIX: Redis fallback handler refactoring (#8771)" (#8776) 2020-01-24 09:20:17 +11:00
discourse_tagging.rb FIX: prevents crash in discourse_tagging with empty term (#8548) 2019-12-17 10:55:06 +01:00
discourse_updates.rb DEV: s/\$redis/Discourse\.redis (#8431) 2019-12-03 10:05:53 +01:00
discourse.rb FIX: Use CDN for the discourse-internet-explorer 2020-01-10 15:06:55 -05:00
disk_space.rb FIX: parallel spec system needs a dedicated upload folder for each worker. (#8547) 2019-12-18 11:21:57 +05:30
distributed_cache.rb REFACTOR: distributed_cache is moved to the message_bus gem 2018-10-15 15:01:45 -04:00
distributed_memoizer.rb DEV: s/\$redis/Discourse\.redis (#8431) 2019-12-03 10:05:53 +01:00
distributed_mutex.rb FIX: Off-by-one error setting the distributed mutex key to expire 2020-02-03 14:54:50 +00:00
edit_rate_limiter.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
email_backup_token.rb DEV: s/\$redis/Discourse\.redis (#8431) 2019-12-03 10:05:53 +01:00
email_cook.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
email_updater.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
email.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
encodings.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
enum_site_setting.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
enum.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
excerpt_parser.rb FIX: Do not error in excerpts when aside tag has no class attribute 2020-01-20 16:09:23 -05:00
feed_element_installer.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
feed_item_accessor.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
file_helper.rb FEATURE: Secure media allowing duplicated uploads with category-level privacy and post-based access rules (#8664) 2020-01-16 13:50:27 +10:00
filter_best_posts.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
final_destination.rb FIX: Replace deprecated URI.encode, URI.escape, URI.unescape and URI.unencode (#8528) 2019-12-12 12:49:21 +10:00
flag_query.rb DEV: Remove FlagQuery class and old code (#8064) 2019-09-12 13:21:33 -03:00
flag_settings.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
gaps.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
global_path.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
guardian.rb FIX: group membership leak 2020-01-15 11:21:58 +01:00
has_errors.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
headless-ember.js
hijack.rb Take 2 of 0f5161af19. 2019-04-29 16:41:35 +08:00
homepage_constraint.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
html_prettify.rb Revert "FEATURE: Use configured quotation marks in fancy topic title" 2019-07-18 11:55:49 +02:00
html_to_markdown.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
image_sizer.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
import_export.rb DEV: clean up dependencies in spec 2019-10-02 14:50:54 +10:00
inline_oneboxer.rb DEV: use Discourse.cache over Rails.cache 2019-11-27 12:36:19 +11:00
introduction_updater.rb DEV: Apply Rubocop redundant return style 2019-11-14 15:10:51 -05:00
ip_addr.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
js_locale_helper.rb FEATURE: Load translation overrides without JS eval 2019-11-05 19:16:38 +01:00
json_error.rb FIX: Fix build. 2019-05-22 17:39:44 +03:00
letter_avatar.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
markdown_linker.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
mem_info.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
message_bus_diags.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
method_profiler.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
mini_sql_multisite_connection.rb DEV: remove deprecated syntax 2019-11-11 09:36:40 +11:00
mobile_detection.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
new_post_manager.rb enqueue spam/dmarc failing emails instead of hiding (#8674) 2020-01-21 11:12:00 -05:00
new_post_result.rb Support for custom messages and redirects when creating posts (#8434) 2019-11-29 09:30:54 -05:00
notification_levels.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
oneboxer.rb FIX: blank cooked markdown could raise an exception in logs 2020-01-29 11:37:25 +11:00
onpdiff.rb FIX: Show a correct diff when editing consecutive paragraphs (#8177) 2019-10-11 03:50:37 -04:00
pbkdf2.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
permalink_constraint.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
pinned_check.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
plain_text_to_markdown.rb FIX: use URI.regexp to find URLs in plain text 2019-06-07 01:26:06 +02:00
plugin_gem.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
plugin_initialization_guard.rb DEV: Add a plugin incompatibility message (#8151) 2019-10-06 20:47:33 +02:00
post_action_creator.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
post_action_destroyer.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
post_action_result.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
post_creator.rb Revert "FIX: Create post notices only for public posts (#8708)" 2020-01-30 14:26:08 +02:00
post_destroyer.rb Merge pull request #8736 from gschlager/rename_reply_id_column 2020-01-17 17:24:49 +01:00
post_jobs_enqueuer.rb FEATURE: Publish read state on group messages. (Originally introduced in #7989) (#8025) 2019-08-27 09:09:00 -03:00
post_locker.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
post_merger.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
post_revisor.rb FIX: Post reviser picking up edits for hidden posts (#8792) 2020-01-27 10:05:48 -06:00
pretty_text.rb FIX: Stop secure media URLs being censored too liberally in emails (#8817) 2020-01-30 16:19:14 +10:00
primary_group_lookup.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
promotion.rb DEV: Apply Rubocop redundant return style 2019-11-14 15:10:51 -05:00
quote_comparer.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
rake_helpers.rb FEATURE: Add support for secure media (#7888) 2019-11-18 11:25:42 +10:00
rate_limiter.rb DEV: s/\$redis/Discourse\.redis (#8431) 2019-12-03 10:05:53 +01:00
read_only_header.rb DEV: rename ReadOnly module to ReadOnlyHeader 2019-05-06 16:07:49 +02:00
retrieve_title.rb DEV: Apply Rubocop redundant return style 2019-11-14 15:10:51 -05:00
route_format.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
rtl.rb Check site default locale if Rtl class is initialized without a user (#8417) 2019-11-26 15:01:37 -05:00
s3_helper.rb DEV: Apply Rubocop redundant return style 2019-11-14 15:10:51 -05:00
s3_inventory.rb FIX: Use updated_at in the S3 inventory job (#8823) 2020-01-31 11:02:44 +01:00
score_calculator.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
screening_model.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
search.rb UX: Admins should only see their own PMs when searching in:all 2020-01-28 11:26:42 +00:00
secure_session.rb DEV: s/\$redis/Discourse\.redis (#8431) 2019-12-03 10:05:53 +01:00
single_sign_on_provider.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
single_sign_on.rb FEATURE: Add logout functionality to SSO Provider protocol (#8816) 2020-02-03 12:53:14 -05:00
site_icon_manager.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
site_setting_extension.rb DEV: use Discourse.cache over Rails.cache 2019-11-27 12:36:19 +11:00
slug.rb FIX: If a prettified slug is a number, return defaultt (#8554) 2019-12-17 10:34:20 +10:00
socket_server.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
source_url.rb DEV: For now, re-enable unsafe-eval in development mode 2020-01-24 13:18:51 -05:00
spam_handler.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
sql_builder.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
staff_constraint.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
staff_message_format.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
suggested_topics_builder.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
system_message.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
text_cleaner.rb FEATURE: English locale with international date formats 2019-05-20 13:47:20 +02:00
text_sentinel.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
theme_javascript_compiler.rb FIX: Allow theme translations to be accessed in initializers (#8285) 2019-11-05 11:54:12 +00:00
theme_settings_manager.rb FEATURE: Load theme setting descriptions from theme locale files 2019-05-31 14:49:59 +01:00
theme_settings_parser.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
theme_translation_manager.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
theme_translation_parser.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
timeline_lookup.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
topic_creator.rb Get rid of no longer needed target_usernames warning log 2020-01-30 12:30:11 +10:00
topic_list_responder.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
topic_publisher.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
topic_query_params.rb FEATURE: Embed topics list on remote sites via Javascript API. (#8008) 2019-08-15 13:41:06 -04:00
topic_query_sql.rb DEV: Rails 5.2 upgrade and global gem upgrade 2018-06-07 14:21:33 +10:00
topic_query.rb FIX: Make topic query include topics from sub-sub-categories (#8709) 2020-01-20 17:06:58 +02:00
topic_retriever.rb DEV: s/\$redis/Discourse\.redis (#8431) 2019-12-03 10:05:53 +01:00
topic_subtype.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
topic_upload_security_manager.rb FEATURE: Update upload security status on post move, topic conversion, category change (#8731) 2020-01-23 12:01:10 +10:00
topic_view.rb UX: Do not use avatars as fallback opengraph images for replies (#8605) 2019-12-20 13:17:14 +00:00
topics_bulk_action.rb FIX: Unread topics not clearing when whisper is last post (#8271) 2019-11-01 09:19:43 +10:00
trust_level.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
turbo_tests.rb FIX: Made turbo_rspec display errors in shared groups correctly 2019-08-29 12:41:14 +01:00
twitter_api.rb Fix DiscourseCops/NoURIEscapeEncode errors and re-enable 2019-12-12 14:54:26 +10:00
unread.rb DEV: Apply Rubocop redundant return style 2019-11-14 15:10:51 -05:00
upload_creator.rb FEATURE: Secure media allowing duplicated uploads with category-level privacy and post-based access rules (#8664) 2020-01-16 13:50:27 +10:00
upload_fixer.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
upload_markdown.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
upload_recovery.rb FEATURE: allow UploadRecovery to be run on a single post (#8094) 2019-10-02 14:57:36 +10:00
upload_security.rb FEATURE: Update upload security status on post move, topic conversion, category change (#8731) 2020-01-23 12:01:10 +10:00
url_helper.rb Minor change to case-insensitive regex for s3_presigned_url? 2020-02-03 14:22:35 +10:00
user_name_suggester.rb DEV: correct a few Ruby 2.7 deprecations 2019-11-28 13:13:29 +11:00
version.rb Version bump to v2.4.0.beta10 2020-01-21 17:05:30 -05:00
webauthn.rb SECURITY: Improve second factor auth logic 2020-01-10 10:45:56 +10:00
wizard.rb DEV: pluck_first 2019-10-21 12:08:20 +01:00