mirror of
https://github.com/RayLabsHQ/gitea-mirror.git
synced 2026-07-05 17:31:55 +02:00
66e3284898
Resolves #306. SSO sign-in via OIDC (Authentik / Keycloak / etc.) now links the SSO identity to an existing email/password admin instead of bouncing to /login with `?error=UNKNOWN`. Account-linking is gated on the operator-supplied **Domain** field — cross-domain claims from a compromised IdP are refused. Also bundles the deprecated `oidcProvider` → `@better-auth/oauth-provider` migration. **Operators using the OAuth-provider feature must rotate registered client secrets after upgrade** (legacy plaintext → hashed storage; see the 0012 migration notes). Verified end-to-end on the pr-307 image against a real Authentik instance: SSO login lands on the dashboard, `accounts` table gets both `credential` and `authentik` rows for the same user. See PR description for full details.
104 lines
2.0 KiB
JSON
104 lines
2.0 KiB
JSON
{
|
|
"version": "7",
|
|
"dialect": "sqlite",
|
|
"entries": [
|
|
{
|
|
"idx": 0,
|
|
"version": "6",
|
|
"when": 1752171873627,
|
|
"tag": "0000_init",
|
|
"breakpoints": true
|
|
},
|
|
{
|
|
"idx": 1,
|
|
"version": "6",
|
|
"when": 1752173351102,
|
|
"tag": "0001_polite_exodus",
|
|
"breakpoints": true
|
|
},
|
|
{
|
|
"idx": 2,
|
|
"version": "6",
|
|
"when": 1753539600567,
|
|
"tag": "0002_bored_captain_cross",
|
|
"breakpoints": true
|
|
},
|
|
{
|
|
"idx": 3,
|
|
"version": "6",
|
|
"when": 1757390828679,
|
|
"tag": "0003_open_spacker_dave",
|
|
"breakpoints": true
|
|
},
|
|
{
|
|
"idx": 4,
|
|
"version": "6",
|
|
"when": 1757392620734,
|
|
"tag": "0004_grey_butterfly",
|
|
"breakpoints": true
|
|
},
|
|
{
|
|
"idx": 5,
|
|
"version": "6",
|
|
"when": 1757786449446,
|
|
"tag": "0005_polite_preak",
|
|
"breakpoints": true
|
|
},
|
|
{
|
|
"idx": 6,
|
|
"version": "6",
|
|
"when": 1761483928546,
|
|
"tag": "0006_military_la_nuit",
|
|
"breakpoints": true
|
|
},
|
|
{
|
|
"idx": 7,
|
|
"version": "6",
|
|
"when": 1761534391115,
|
|
"tag": "0007_whole_hellion",
|
|
"breakpoints": true
|
|
},
|
|
{
|
|
"idx": 8,
|
|
"version": "6",
|
|
"when": 1761802056073,
|
|
"tag": "0008_serious_thena",
|
|
"breakpoints": true
|
|
},
|
|
{
|
|
"idx": 9,
|
|
"version": "6",
|
|
"when": 1773542995732,
|
|
"tag": "0009_nervous_tyger_tiger",
|
|
"breakpoints": true
|
|
},
|
|
{
|
|
"idx": 10,
|
|
"version": "6",
|
|
"when": 1774054800000,
|
|
"tag": "0010_mirrored_location_index",
|
|
"breakpoints": true
|
|
},
|
|
{
|
|
"idx": 11,
|
|
"version": "6",
|
|
"when": 1774058400000,
|
|
"tag": "0011_notification_config",
|
|
"breakpoints": true
|
|
},
|
|
{
|
|
"idx": 12,
|
|
"version": "6",
|
|
"when": 1774062000000,
|
|
"tag": "0012_oauth_provider_migration",
|
|
"breakpoints": true
|
|
},
|
|
{
|
|
"idx": 13,
|
|
"version": "6",
|
|
"when": 1780377747526,
|
|
"tag": "0013_slim_galactus",
|
|
"breakpoints": true
|
|
}
|
|
]
|
|
} |