Docker/planka
Docker/planka
1
0
Fork 0
mirror of https://github.com/plankanban/planka.git synced 2025-07-23 15:19:44 +02:00
Code Issues Releases Activity
562 commits 2 branches 41 tags 48 MiB
Commit graph

75 commits

Author SHA1 Message Date
Maksim Eltyshev
c065566c15 feat: Webhooks configuration, all events support, refactoring 2024-06-12 00:51:36 +02:00
HannesOberreiter
3779bdb053
feat: Events via webhook (#771) 
Closes #215, closes #656
 2024-06-06 20:22:14 +02:00
Samuel
934dcdf39b
feat: Sort cards within list (#717) 
Closes #390
 2024-04-22 21:56:07 +02:00
Maksim Eltyshev
4e2863faa7 feat: Automatic logout when session expires
Some checks are pending
Build and push Docker DEV image / build ([self-hosted arm64], linux/arm/v7) (push) Waiting to run
Details
Build and push Docker DEV image / build ([self-hosted arm64], linux/arm64) (push) Waiting to run
Details
Build and push Docker DEV image / build ([self-hosted x64], linux/amd64) (push) Waiting to run
Details
Build and push Docker DEV image / merge (push) Blocked by required conditions
Details
Build and push Docker DEV image / rerun-failed-jobs (push) Blocked by required conditions
Details 
Closes #693
 2024-04-09 15:12:46 +02:00
Maksim Eltyshev
b46fb43e6f chore: Cleanup
Some checks failed
Build and push Docker DEV image / build ([self-hosted arm64], linux/arm/v7) (push) Has been cancelled
Details
Build and push Docker DEV image / build ([self-hosted arm64], linux/arm64) (push) Has been cancelled
Details
Build and push Docker DEV image / build ([self-hosted x64], linux/amd64) (push) Has been cancelled
Details
Build and push Docker DEV image / rerun-failed-jobs (push) Has been cancelled
Details
Build and push Docker DEV image / merge (push) Has been cancelled
Details
2024-04-08 01:47:24 +02:00
Matthieu Bollot
2990ea593a feat: Slack bot notifications (#676) 2024-04-08 01:27:10 +02:00
Matthieu Bollot
b5bbf6a6a4 feat: Add ability to duplicate card (#668) 2024-04-08 01:24:50 +02:00
Edouard
bcd3ea86e8 feat: SMTP integration and email notifications (#631) 2024-04-08 01:24:50 +02:00
Maksim Eltyshev
988e70ec40 fix: Fix nullable boolean inputs 2024-04-08 01:24:50 +02:00
Maksim Eltyshev
6c65d135f7 feat: Add ability to enforce SSO 
Closes #543, closes #545
 2024-04-08 01:24:10 +02:00
Maksim Eltyshev
0d39a7567f feat: Add ability to map OIDC attributes and ignore username 
Closes #554
 2024-04-08 01:18:26 +02:00
Brad Bahls
86d21d6abd
updated to use currentUser.name for messages 2023-12-28 09:03:41 -07:00
GlitchWitch
3fedc14062
Rename custom.js -> slack.js 2023-12-23 10:52:15 -06:00
Brad Bahls
1043dacd67
added new custom service with slack integration helper functions; added axios package; added notifications for card create, delete, and update (move); added notifications for comment create 2023-12-23 08:52:07 -07:00
Maksim Eltyshev
6dc9e4ed99 fix: Disable role change when OIDC roles are not ignored 2023-10-25 23:39:34 +02:00
Maksim Eltyshev
40c04c35ff ref: Refactoring 2023-10-19 16:05:34 +02:00
Lorenz Brun
743f2956c8
feat: Improve OIDC SSO (#524) 
The OIDC implementation merged in https://github.com/plankanban/planka/pull/491 is flawed for multiple reasons.

It assumes that the access_token returned by the IDP has to be a JWT parseable by the RP which is not the case [1].
Many major IDPs do issue tokens which are not JWTs and RPs should not rely on the contents of these at all.
The only signed token which has a standardized format for direct RP consumption is the OIDC ID token (id_token), but this by default doesn't contain many claims, especially role claims are omitted from them by default for size reasons. To get these additional claims into the ID token, one needs an IDP with support for the "claims" parameter.

It requires manual specification of the JWKS URL which is mandatory in any OIDC discovery document and thus never needs to be manually specified.

It also makes the questionable decision to use a client-side code flow with PKCE where a normal code flow would be much more appropriate as all user data is processed in the backend which can securely hold a client secret (confidential client). This has far wider IDP support, is safer (due to direct involvement of the IDP in obtaining user information) and doesn't require working with ID tokens and claim parameters.

By using a server-side code flow we can also offload most complexity to the server alone, no longer requiring an additional OIDC library on the web client.

Also silent logout doesn't work on most IDPs for security reasons, one needs to actually redirect the user over to the IDP, which then prompts them once more if they actually want to log out.

This implementation should work with any OIDC-compliant IDP and even OAuth 2.0-only IDPs as long as they serve and OIDC discovery document.

[1] rfc-editor.org/rfc/rfc6749#section-5.1
 2023-10-19 17:39:21 +05:00
Maksim Eltyshev
6662b0a717 fix: Fix order of checks when logging in 2023-10-18 23:07:57 +02:00
Maksim Eltyshev
8e0c60f5be fix: OIDC finalization and refactoring 2023-10-17 19:18:19 +02:00
Maksim Eltyshev
91bc889fed feat: Use environment variables for default admin configuration 2023-09-12 01:12:38 +02:00
gorrilla10101
107cb85ba2
feat: OIDC with PKCE flow (#491) 2023-09-04 20:06:59 +05:00
Maksim Eltyshev
d386c82973 fix: Fix saving milliseconds for timestamps 2023-06-12 23:54:57 +02:00
Maksim Eltyshev
d0a2734161 fix: Rename timer to stopwatch 
Closes #392
 2023-02-27 19:09:51 +01:00
Maksim Eltyshev
aa69bb8d1e feat: Labels reordering 
Closes #289
 2023-01-09 12:17:06 +01:00
Maksim Eltyshev
6021d67a00 fix: Subscribe only when needed 2023-01-05 15:03:06 +01:00
Maksim Eltyshev
6ffa817b53 ref: Remove board types, refactoring 2022-12-26 21:10:50 +01:00
Maksim Eltyshev
0a5210dd21 feat: Preserve original format of images, change interpolation kernel 
Closes #349
 2022-12-24 00:47:59 +01:00
Christoph Enne
738ed19e7f
feat: Trello board JSON import (#352) 
Closes #27, closes #105
 2022-12-17 03:48:06 +05:00
Maksim Eltyshev
172f4fcf34 fix: Fix missing board memberships loading 2022-10-03 13:04:52 +02:00
Maksim Eltyshev
8109936ce2 feat: Invalidate access token on logout 2022-09-07 18:39:33 +05:00
Maksim Eltyshev
3df07c10fa fix: Use password strength estimator 
Closes #294
 2022-09-03 22:47:06 +05:00
Maksim Eltyshev
5c91bddfe7 feat: Stronger password policy 2022-08-26 18:59:44 +02:00
Maksim Eltyshev
cece2254d7 fix: Change mechanics of file uploading 2022-08-26 02:45:27 +02:00
Steven Correia
6429e22d59
feat: Modify logger to log to file that supports fail2ban (#284) 2022-08-23 03:42:56 +05:00
Maksim Eltyshev
51fa7df69c feat: Permissions for board members 
Closes #262
 2022-08-19 14:00:40 +02:00
Maksim Eltyshev
eea94e0ee2 ref: Little change for consistency 2022-08-09 22:31:43 +02:00
SimonTagne
7786533a90
feat: Improve security of access tokens (#279) 
Closes #275
 2022-08-09 21:03:21 +05:00
Maksim Eltyshev
ac1df5201d fix: Fix path traversal vulnerability 2022-08-04 00:37:30 +02:00
Maksim Eltyshev
34db8947b6 feat: Toggle actions details, little redesign 2022-07-29 17:40:18 +02:00
Maksim Eltyshev
a148a3aae5 feat: Add language selector 
Closes #212
 2022-07-26 12:26:42 +02:00
Maksim Eltyshev
ad67b9ba24 feat: Add tasks reordering 
Closes #50, closes #232
 2022-07-21 11:31:05 +02:00
Maksim Eltyshev
3b3bff1b6b fix: Allow to use endpoints via http 2022-06-24 11:59:04 +02:00
Maksim Eltyshev
6268ced4cb ref: Collapse image data into one column 2022-06-21 12:01:41 +02:00
Maksim Eltyshev
b0b6587eee fix: Fix attachment headers 
Closes #231
 2022-04-29 17:21:39 +05:00
Maksim Eltyshev
445b0fc682 fix: Change way to fix application crash when deleting project 2022-04-28 14:15:36 +05:00
Maksim Eltyshev
36e4bef21b feat: Remove attachments from public access 
Closes #219
 2022-04-26 22:20:20 +05:00
SimonTagne
31d314736a
Fix updates of username and email 2021-10-21 01:25:04 +05:00
Maksim Eltyshev
1a5c0f53f8 Fix board deletion, update dependencies. Closes #146 2021-08-02 17:23:56 +05:00
Maksim Eltyshev
b39119ace4 Project managers, board members, auto-update after reconnection, refactoring 2021-06-24 01:05:22 +05:00
Maksim Eltyshev
0fb60eb886 Allow dots in username. Closes #116 2021-04-13 18:59:02 +05:00