meili-ng / meiling.js Goto Github PK
View Code? Open in Web Editor NEWmeiliNG: Easy Identity/Login Infrastructure, Next Generation. Supports oAuth2 and OpenID Connect specifications
Home Page: https://meili.ng
License: MIT License
meiliNG: Easy Identity/Login Infrastructure, Next Generation. Supports oAuth2 and OpenID Connect specifications
Home Page: https://meili.ng
License: MIT License
Create Automated Tests for Testing meiliNG/oAuth2 Endpoints.
https://swagger.io/docs/specification/authentication/openid-connect-discovery/
https://[base-server-url]/.well-known/openid-configuration
https://[base-server-url]/.well-known/oauth-authorization-server
[https://github.com/fastify/fastify-swagger]
Currently, Testing Full functionality of Meiling Gatekeeper requires a proper frontend:
Which is available as following:
But testing requires proper frontend at the moment.
Therefore, We can host Stella IT's proprietary frontend (with removed some proprietary stuff that only works on Stella IT's internal fork. e.g. Stella IT Korean ID Verification System, E2E Session Exchange) on fe.staging.meili.ng
for everyone to test it out.
Essential scopes such as openid
, profile
, email
doesn't setup since table Permission
is empty on clean installation.
Please refer OpenID Connect Spec for details.
Currently CORS Policy for /v1/meiling/* is enforced on /v1/oauth/*.
This seems to be a relatively easy fix.
CORS policy for /v1/oauth/* should be wildcard.
Since JavaScript Applications can access it.
Currently it is implemented by @kdhkr, but due to lack of API Docs, This seems to be a hard task.
This issue is for tracking any issues arise from implementing opensource frontend of meiliNG
If the client doesn't have registered client_secret, It will be considered as public application.
Public applications can NOT have proper client_secret, therefore PKCE as defined on #1 should be implemented beforehand.
Requested by @o0000ol
/auth and /token endpoints should implement PKCE (Proof Key for Code Exchange)
https://developers.google.com/identity/sign-in/web/backend-auth#calling-the-tokeninfo-endpoint
Since there are several services that utilizes SAML 2.0 (e.g. Notion.so).
how about consider supporting one?
Reference:
https://openapi.kftc.or.kr/main
Since meiling is using Prisma 3.7.0
. We can now utilize Database-side implementation of JSON filtering. Which significantly improves performance than current approach (getting all, run Array.prototype.filter()
on meiling)
Requested by @Baw-Appie
meiling should able to define user data to collect (ex. firstname = optional).
This should be implemented in config.json
User should able to reset password since a lot of user forgot their password, and very frequently.
Escalated from Stella IT Community Discord.
Reported by @RutsuKun
A publicly available test account is required for client unit testing.
This is an example that requires a publicly available test account.
@zeroday0619/httpx-oauth/commit/c1a27f281e1d906cd50d16de0e88bd568eff4f1c
yarn start
The /v1/oauth/token
endpoint should return JWT based id_token when it was requested with openid
permission.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.