diff --git a/backend/scripts/repl b/backend/scripts/repl index 286111b72f..5175da9264 100755 --- a/backend/scripts/repl +++ b/backend/scripts/repl @@ -4,6 +4,12 @@ export PENPOT_HOST=devenv export PENPOT_TENANT=dev export PENPOT_FLAGS="\ $PENPOT_FLAGS \ + enable-registration + enable-login-with-password + enable-login-with-oidc \ + enable-login-with-google \ + enable-login-with-github \ + enable-login-with-gitlab \ enable-backend-asserts \ enable-fdata-storage-pointer-map \ enable-fdata-storage-objets-map \ @@ -46,6 +52,18 @@ export PENPOT_STORAGE_ASSETS_S3_BUCKET=penpot #-J-Djdk.virtualThreadScheduler.parallelism=16 +# export PENPOT_ERROR_REPORT_WEBHOOK=https://chat.kaleidos.net/hooks/r9o4gpyhbpnkuczbpg6xcz8enc + +export PENPOT_GOOGLE_CLIENT_ID=918240256800-jbmmeanksmmd0ocha7jfqrj36d59gfsa.apps.googleusercontent.com +export PENPOT_GOOGLE_CLIENT_SECRET=u-11Tnc2XqpLSOwTLN_9XGlh +export PENPOT_GITLAB_CLIENT_ID=6f63fd91e495349ba206148728c9aca64ae2605e9a95f2a1233b37c4f018b7a0 +export PENPOT_GITLAB_CLIENT_SECRET=c4d195795587187dc351190d8bd97a9c3c0a7cfe7d304af8fc0cde960efe2a7f +export PENPOT_GITHUB_CLIENT_ID=eeba78a4acb5d752e39d +export PENPOT_GITHUB_CLIENT_SECRET=d336f54eb1ceb2328f261ad9a4b449f67dbad38f + +export PENPOT_OIDC_BASE_URI=https://dev-t71ydmki.eu.auth0.com +export PENPOT_OIDC_CLIENT_ID=lsg1unfacZi4Wac9C0RlsdpPnj6bP5wb +export PENPOT_OIDC_CLIENT_SECRET=f_JONt992YoNjUqZIFTyLgCZ2Bc_1r74j2op_XT-KQEVQPJv2ebiH8IPZnViimOd export OPTIONS=" -A:jmx-remote -A:dev \ diff --git a/backend/src/app/auth/oidc.clj b/backend/src/app/auth/oidc.clj index 8df0dd0806..4f505243ac 100644 --- a/backend/src/app/auth/oidc.clj +++ b/backend/src/app/auth/oidc.clj 
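Review bot: The two added lines `enable-registration` and `enable-login-with-password` have no trailing ` \`, unlike every other entry in the `PENPOT_FLAGS` string, so as shown the value carries literal newlines at those two points. Whether the flag parser treats a newline like a space is not visible here; ending both lines with ` \` keeps the list uniform and avoids relying on that. The hunk also turns on registration and every login backend for anyone who runs this script, which deserves a one-line comment such as `# dev only: all auth backends enabled for local testing`.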
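Review bot: The added `PENPOT_GOOGLE_CLIENT_SECRET`, `PENPOT_GITLAB_CLIENT_SECRET`, `PENPOT_GITHUB_CLIENT_SECRET` and `PENPOT_OIDC_CLIENT_SECRET` exports put what look like working OAuth client secrets into a tracked script, and the commented-out `PENPOT_ERROR_REPORT_WEBHOOK` line carries a hook URL that acts as a credential too. Once pushed, the values stay in history even if the lines are removed later, so they should be treated as exposed and rotated at each provider. Keep only the variable names in this script and load the values from a git-ignored file, e.g. `[ -f "$LOCAL_ENV_FILE" ] && . "$LOCAL_ENV_FILE"` (`LOCAL_ENV_FILE` is a placeholder name, not an existing setting). A secret-scanning check in pre-commit or CI would catch this class of change before it lands.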
@@ -161,8 +161,8 @@ ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; (defn- retrieve-github-email - [cfg tdata info] - (or (some-> info :email) + [cfg tdata props] + (or (some-> props :github/email) (let [params {:uri "https://api.github.com/user/emails" :headers {"Authorization" (dm/str (:type tdata) " " (:token tdata))} :timeout 6000 @@ -244,6 +244,11 @@ ;; HANDLERS ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; +(defn- parse-attr-path + [provider path] + (let [[fitem & items] (str/split path "__")] + (into [(keyword (:name provider) fitem)] (map keyword) items))) + (defn- build-redirect-uri [{:keys [provider] :as cfg}] (let [public (u/uri (cf/get :public-uri))] @@ -303,26 +308,29 @@ (defn- retrieve-user-info [{:keys [provider] :as cfg} tdata] - (letfn [(get-email [info] + (letfn [(get-email [props] ;; Allow providers hook into this for custom email ;; retrieval method. - (if-let [get-email-fn (:get-email-fn provider)] - (get-email-fn tdata info) - (let [attr-kw (cf/get :oidc-email-attr :email)] - (get info attr-kw)))) - (get-name [info] - (let [attr-kw (cf/get :oidc-name-attr :name)] - (get info attr-kw))) + (if-let [get-email-fn (:get-email-fn provider)] + (get-email-fn tdata props) + (let [attr-kw (cf/get :oidc-email-attr "email") + attr-ph (parse-attr-path provider attr-kw)] + (get-in props attr-ph)))) + + (get-name [props] + (let [attr-kw (cf/get :oidc-name-attr "name") + attr-ph (parse-attr-path provider attr-kw)] + (get-in props attr-ph))) (process-response [response] (let [info (-> response :body json/decode) - email (get-email info)] + props (qualify-props provider info) + email (get-email props)] {:backend (:name provider) + :fullname (or (get-name props) email) :email email - :fullname (or (get-name info) email) - :props (->> (dissoc info :name :email) - (qualify-props provider))}))] + :props props}))] (l/trace :hint "request user info" :uri (:user-uri provider) 
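Review bot: `parse-attr-path` has no docstring, and its contract is not obvious from the call sites: it splits the configured attribute on `__` and namespaces only the first segment with `(:name provider)`, so `"a__b"` becomes `[:<provider>/a :b]`. A docstring stating that would help, together with a comment at `::oidc-email-attr` / `::oidc-name-attr` in config.clj (now `::us/string`) saying these settings are `__`-separated paths into the provider-qualified props. The removed `parse-oidc-role-attrs` used a fixed `"oidc"` namespace, so for any provider whose name is not `oidc` the place where `oidc-roles-attr` is resolved appears to change; that is worth stating in the commit description.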
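Review bot: In `get-email` and `get-name` the value found by `(get-in props attr-ph)` is returned as-is, so an operator-configured path that lands on a map or vector in the userinfo response yields a non-string `:email` / `:fullname`; a guard such as `(let [v (get-in props attr-ph)] (when (string? v) v))` keeps the identity fields well-typed (a spec check may exist later, outside this hunk). `:props` is also no longer stripped of the name and email claims, so they now travel in the props map as well as in `:email` / `:fullname`; if that is intended, a comment should say so. Nothing visible here checks that the provider marks the e-mail claim as verified before it is used as the account identity, which should be confirmed in the part of the flow outside this hunk. The locals named `attr-kw` now hold strings, so `attr-name` would read better. `retrieve-user-info` continues past the end of the hunk.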
@@ -367,11 +375,6 @@ ::fullname ::props])) -(defn- parse-oidc-role-attrs - [path] - (let [[fitem & items] (str/split path "__")] - (into [(keyword "oidc" fitem)] (map keyword) items))) - (defn get-info [{:keys [provider] :as cfg} {:keys [params] :as request}] (when-let [error (get params :error)] @@ -392,9 +395,10 @@ (seq (:roles provider))) (let [expected-roles (into #{} (:roles provider)) - current-roles (let [roles (->> (cf/get :oidc-roles-attr "roles") - (parse-oidc-role-attrs) - (get-in info))] + current-roles (let [roles-kw (cf/get :oidc-roles-attr "roles") + roles-ph (parse-attr-path provider roles-kw) + props (:props info) + roles (get-in (:props info) roles-ph)] (cond (string? roles) (into #{} (str/words roles)) (vector? roles) (into #{} roles) diff --git a/backend/src/app/config.clj b/backend/src/app/config.clj index 8314ae1e52..00065e8112 100644 --- a/backend/src/app/config.clj +++ b/backend/src/app/config.clj @@ -154,8 +154,8 @@ (s/def ::oidc-scopes ::us/set-of-strings) (s/def ::oidc-roles ::us/set-of-strings) (s/def ::oidc-roles-attr ::us/string) -(s/def ::oidc-email-attr ::us/keyword) -(s/def ::oidc-name-attr ::us/keyword) +(s/def ::oidc-email-attr ::us/string) +(s/def ::oidc-name-attr ::us/string) (s/def ::host ::us/string) (s/def ::http-server-port ::us/integer) (s/def ::http-server-host ::us/string) diff --git a/backend/src/app/loggers/audit.clj b/backend/src/app/loggers/audit.clj index 5846cc1513..d37ba46016 100644 --- a/backend/src/app/loggers/audit.clj +++ b/backend/src/app/loggers/audit.clj @@ -233,9 +233,8 @@ (defn submit! "Submit audit event to the collector." - [{:keys [::wrk/executor] :as cfg} params] + [cfg params] (let [conn (or (::db/conn cfg) (::db/pool cfg))] - (us/assert! ::wrk/executor executor) (us/assert! ::db/pool-or-conn conn) (try (handle-event! conn (d/without-nils params)) diff --git a/frontend/gulpfile.js b/frontend/gulpfile.js index 1326239c35..d918596731 100644 --- a/frontend/gulpfile.js +++ b/frontend/gulpfile.js 
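Review bot: In the `current-roles` binding of `get-info`, `props (:props info)` is bound and never used, because the next line calls `(get-in (:props info) roles-ph)` again; write `roles (get-in props roles-ph)` or drop the `props` binding. `roles-kw` holds a string rather than a keyword, so `roles-attr` would be a more accurate name. Since this value decides whether the expected-roles check passes, a short comment saying that roles are read from the provider-qualified `:props` map would help the next reader. The `cond` and the rest of `get-info` continue outside the hunk.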
@@ -49,9 +49,12 @@ function readLocales() { const langs = ["ar", "ca", "de", "el", "en", "eu", "it", "es", "fa", "fr", "he", "nb_NO", "pl", "pt_BR", "ro", "id", "ru", "tr", "zh_CN", "zh_Hant", "hr", "gl", "pt_PT", + "cs", "fo", "ko", "lv", // this happens when file does not matches correct // iso code for the language. - ["ja_jp", "jpn_JP"] + ["ja_jp", "jpn_JP"], + // ["fi", "fin_FI"], + ["uk", "ukr_UA"] ]; const result = {}; diff --git a/frontend/src/app/util/i18n.cljs b/frontend/src/app/util/i18n.cljs index 47e9eb88b3..a1f053c73c 100644 --- a/frontend/src/app/util/i18n.cljs +++ b/frontend/src/app/util/i18n.cljs @@ -39,6 +39,11 @@ {:label "Türkçe (community)" :value "tr"} {:label "Ελληνική γλώσσα (community)" :value "el"} {:label "Русский (community)" :value "ru"} + {:label "Украї́нська мо́ва (community)" :value "uk"} + {:label "Český jazyk (community)" :value "cs"} + {:label "Latviešu valoda (community)" :value "lv"} + {:label "Føroyskt mál (community)" :value "fo"} + {:label "Korean (community)" :value "ko"} {:label "עִבְרִית (community)" :value "he"} {:label "عربي/عربى (community)" :value "ar"} {:label "فارسی (community)" :value "fa"} diff --git a/frontend/translations/fi.po b/frontend/translations/fi.po deleted file mode 100644 index b1fc23594e..0000000000 --- a/frontend/translations/fi.po +++ /dev/null @@ -1,6 +0,0 @@ -msgid "" -msgstr "" -"X-Generator: Weblate\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=utf-8\n" -"Content-Transfer-Encoding: 8bit\n" \ No newline at end of file