release: 0.21.1

feat(oauth): add oidc username claim (#357 )
* feat(oauth): add oidc username claim * style: remove undefined
2023-12-20 12:33:36 +01:00 · 2023-12-20 12:32:42 +01:00 · 2023-12-15 07:27:01 +01:00 · 2023-12-13 08:41:42 +01:00 · 2023-12-01 11:03:03 +01:00
16 changed files with 579 additions and 406 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,10 @@
+## [0.21.1](https://github.com/stonith404/pingvin-share/compare/v0.21.0...v0.21.1) (2023-12-20)
+
+
+### Features
+
+* **oauth:** add oidc username claim ([#357](https://github.com/stonith404/pingvin-share/issues/357)) ([3ea52a2](https://github.com/stonith404/pingvin-share/commit/3ea52a24ef7c3b6845bc13382616ea0c8d784585))
+
 ## [0.21.0](https://github.com/stonith404/pingvin-share/compare/v0.20.3...v0.21.0) (2023-12-01)


--- a/backend/package-lock.json
+++ b/backend/package-lock.json
@@ -1,12 +1,12 @@
 {
  "name": "pingvin-share-backend",
-  "version": "0.21.0",
+  "version": "0.21.1",
  "lockfileVersion": 2,
  "requires": true,
  "packages": {
    "": {
      "name": "pingvin-share-backend",
-      "version": "0.21.0",
+      "version": "0.21.1",
      "dependencies": {
        "@nestjs/cache-manager": "^2.1.0",
        "@nestjs/common": "^10.1.2",
@@ -1308,24 +1308,15 @@
      }
    },
    "node_modules/@types/clamscan": {
-      "version": "2.0.4",
-      "resolved": "https://registry.npmjs.org/@types/clamscan/-/clamscan-2.0.4.tgz",
-      "integrity": "sha512-NpD+EmE+ZK5WRJOAmeDuSYJIv15BUnc4PxQA+m3QNkutaPBZ7bmLDTvqBu2iDchs7YKQjiEQEwEMvsdwtdtImA==",
+      "version": "2.0.7",
+      "resolved": "https://registry.npmjs.org/@types/clamscan/-/clamscan-2.0.7.tgz",
+      "integrity": "sha512-YopQF+D1pqbvMbvqTQx2MdxEqFbQAiPJKtjj/KnK9xxgmYkdt3dInkj/k6a+bztT4TexQ+tCUi/5D3LqDZIdhg==",
      "dev": true,
      "dependencies": {
        "@types/node": "*",
        "axios": "^0.24.0"
      }
    },
-    "node_modules/@types/clamscan/node_modules/axios": {
-      "version": "0.24.0",
-      "resolved": "https://registry.npmjs.org/axios/-/axios-0.24.0.tgz",
-      "integrity": "sha512-Q6cWsys88HoPgAaFAVUb0WpPk0O8iTeisR9IMqy9G8AbO4NlpVknrnQS03zzF9PGAWgO3cgletO3VjV/P7VztA==",
-      "dev": true,
-      "dependencies": {
-        "follow-redirects": "^1.14.4"
-      }
-    },
    "node_modules/@types/connect": {
      "version": "3.4.35",
      "resolved": "https://registry.npmjs.org/@types/connect/-/connect-3.4.35.tgz",
@@ -2277,13 +2268,12 @@
      "dev": true
    },
    "node_modules/axios": {
-      "version": "0.27.2",
-      "resolved": "https://registry.npmjs.org/axios/-/axios-0.27.2.tgz",
-      "integrity": "sha512-t+yRIyySRTp/wua5xEr+z1q60QmLq8ABsS5O9Me1AsE5dfKqgnCFzwiCZZ/cGNd1lq4/7akDWMxdhVlucjmnOQ==",
+      "version": "0.24.0",
+      "resolved": "https://registry.npmjs.org/axios/-/axios-0.24.0.tgz",
+      "integrity": "sha512-Q6cWsys88HoPgAaFAVUb0WpPk0O8iTeisR9IMqy9G8AbO4NlpVknrnQS03zzF9PGAWgO3cgletO3VjV/P7VztA==",
      "dev": true,
      "dependencies": {
-        "follow-redirects": "^1.14.9",
-        "form-data": "^4.0.0"
+        "follow-redirects": "^1.14.4"
      }
    },
    "node_modules/b4a": {
@@ -5069,15 +5059,15 @@
      }
    },
    "node_modules/joi": {
-      "version": "17.7.0",
-      "resolved": "https://registry.npmjs.org/joi/-/joi-17.7.0.tgz",
-      "integrity": "sha512-1/ugc8djfn93rTE3WRKdCzGGt/EtiYKxITMO4Wiv6q5JL1gl9ePt4kBsl1S499nbosspfctIQTpYIhSmHA3WAg==",
+      "version": "17.11.0",
+      "resolved": "https://registry.npmjs.org/joi/-/joi-17.11.0.tgz",
+      "integrity": "sha512-NgB+lZLNoqISVy1rZocE9PZI36bL/77ie924Ri43yEvi9GUUMPeyVIr8KdFTMUlby1p0PBYMk9spIxEUQYqrJQ==",
      "dev": true,
      "dependencies": {
        "@hapi/hoek": "^9.0.0",
        "@hapi/topo": "^5.0.0",
        "@sideway/address": "^4.1.3",
-        "@sideway/formula": "^3.0.0",
+        "@sideway/formula": "^3.0.1",
        "@sideway/pinpoint": "^2.0.0"
      }
    },
@@ -5556,9 +5546,9 @@
      }
    },
    "node_modules/minimist": {
-      "version": "1.2.7",
-      "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.7.tgz",
-      "integrity": "sha512-bzfL1YUZsP41gmu/qjrEk0Q6i2ix/cVeAhbCbqH9u3zYutS1cLg00qhrD0M2MVdCcx4Sc0UpP2eBWo9rotpq6g==",
+      "version": "1.2.8",
+      "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.8.tgz",
+      "integrity": "sha512-2yyAR8qBkN3YuheJanUpWC5U3bb5osDywNB8RzDVlDwDHbocAJveqqj1u8+SVD7jkWT4yvsHCpWqqWqAxb0zCA==",
      "funding": {
        "url": "https://github.com/sponsors/ljharb"
      }
@@ -6649,6 +6639,12 @@
        "node": ">= 0.10"
      }
    },
+    "node_modules/proxy-from-env": {
+      "version": "1.1.0",
+      "resolved": "https://registry.npmjs.org/proxy-from-env/-/proxy-from-env-1.1.0.tgz",
+      "integrity": "sha512-D+zkORCbA9f1tdWRK0RaCR3GPv50cMxcrz4X8k5LTSUD1Dkw47mKJEZQNunItRTkWwgtaUSo1RVFRIG9ZXiFYg==",
+      "dev": true
+    },
    "node_modules/psl": {
      "version": "1.9.0",
      "resolved": "https://registry.npmjs.org/psl/-/psl-1.9.0.tgz",
@@ -7262,9 +7258,9 @@
      "integrity": "sha512-E5LDX7Wrp85Kil5bhZv46j8jOeboKq5JMmYM3gVGdGH8xFpPWXUMsNrlODCrkoxMEeNi/XZIwuRvY4XNwYMJpw=="
    },
    "node_modules/sharp": {
-      "version": "0.32.4",
-      "resolved": "https://registry.npmjs.org/sharp/-/sharp-0.32.4.tgz",
-      "integrity": "sha512-exUnZewqVZC6UXqXuQ8fyJJv0M968feBi04jb9GcUHrWtkRoAKnbJt8IfwT4NJs7FskArbJ14JAFGVuooszoGg==",
+      "version": "0.32.6",
+      "resolved": "https://registry.npmjs.org/sharp/-/sharp-0.32.6.tgz",
+      "integrity": "sha512-KyLTWwgcR9Oe4d9HwCwNM2l7+J0dUQwn/yf7S0EnTtb0eVS4RxO0eUSvxPtzT4F3SY+C4K6fqdv/DO27sJ/v/w==",
      "hasInstallScript": true,
      "dependencies": {
        "color": "^4.2.3",
@@ -8253,16 +8249,16 @@
      "dev": true
    },
    "node_modules/wait-on": {
-      "version": "7.0.1",
-      "resolved": "https://registry.npmjs.org/wait-on/-/wait-on-7.0.1.tgz",
-      "integrity": "sha512-9AnJE9qTjRQOlTZIldAaf/da2eW0eSRSgcqq85mXQja/DW3MriHxkpODDSUEg+Gri/rKEcXUZHe+cevvYItaog==",
+      "version": "7.2.0",
+      "resolved": "https://registry.npmjs.org/wait-on/-/wait-on-7.2.0.tgz",
+      "integrity": "sha512-wCQcHkRazgjG5XoAq9jbTMLpNIjoSlZslrJ2+N9MxDsGEv1HnFoVjOCexL0ESva7Y9cu350j+DWADdk54s4AFQ==",
      "dev": true,
      "dependencies": {
-        "axios": "^0.27.2",
-        "joi": "^17.7.0",
+        "axios": "^1.6.1",
+        "joi": "^17.11.0",
        "lodash": "^4.17.21",
-        "minimist": "^1.2.7",
-        "rxjs": "^7.8.0"
+        "minimist": "^1.2.8",
+        "rxjs": "^7.8.1"
      },
      "bin": {
        "wait-on": "bin/wait-on"
@@ -8271,6 +8267,17 @@
        "node": ">=12.0.0"
      }
    },
+    "node_modules/wait-on/node_modules/axios": {
+      "version": "1.6.2",
+      "resolved": "https://registry.npmjs.org/axios/-/axios-1.6.2.tgz",
+      "integrity": "sha512-7i24Ri4pmDRfJTR7LDBhsOTtcm+9kjX5WiY1X3wIisx6G9So3pfMkEiU7emUBe46oceVImccTEM3k6C5dbVW8A==",
+      "dev": true,
+      "dependencies": {
+        "follow-redirects": "^1.15.0",
+        "form-data": "^4.0.0",
+        "proxy-from-env": "^1.1.0"
+      }
+    },
    "node_modules/watchpack": {
      "version": "2.4.0",
      "resolved": "https://registry.npmjs.org/watchpack/-/watchpack-2.4.0.tgz",
@@ -9459,24 +9466,13 @@
      }
    },
    "@types/clamscan": {
-      "version": "2.0.4",
-      "resolved": "https://registry.npmjs.org/@types/clamscan/-/clamscan-2.0.4.tgz",
-      "integrity": "sha512-NpD+EmE+ZK5WRJOAmeDuSYJIv15BUnc4PxQA+m3QNkutaPBZ7bmLDTvqBu2iDchs7YKQjiEQEwEMvsdwtdtImA==",
+      "version": "2.0.7",
+      "resolved": "https://registry.npmjs.org/@types/clamscan/-/clamscan-2.0.7.tgz",
+      "integrity": "sha512-YopQF+D1pqbvMbvqTQx2MdxEqFbQAiPJKtjj/KnK9xxgmYkdt3dInkj/k6a+bztT4TexQ+tCUi/5D3LqDZIdhg==",
      "dev": true,
      "requires": {
        "@types/node": "*",
        "axios": "^0.24.0"
-      },
-      "dependencies": {
-        "axios": {
-          "version": "0.24.0",
-          "resolved": "https://registry.npmjs.org/axios/-/axios-0.24.0.tgz",
-          "integrity": "sha512-Q6cWsys88HoPgAaFAVUb0WpPk0O8iTeisR9IMqy9G8AbO4NlpVknrnQS03zzF9PGAWgO3cgletO3VjV/P7VztA==",
-          "dev": true,
-          "requires": {
-            "follow-redirects": "^1.14.4"
-          }
-        }
      }
    },
    "@types/connect": {
@@ -10261,13 +10257,12 @@
      "dev": true
    },
    "axios": {
-      "version": "0.27.2",
-      "resolved": "https://registry.npmjs.org/axios/-/axios-0.27.2.tgz",
-      "integrity": "sha512-t+yRIyySRTp/wua5xEr+z1q60QmLq8ABsS5O9Me1AsE5dfKqgnCFzwiCZZ/cGNd1lq4/7akDWMxdhVlucjmnOQ==",
+      "version": "0.24.0",
+      "resolved": "https://registry.npmjs.org/axios/-/axios-0.24.0.tgz",
+      "integrity": "sha512-Q6cWsys88HoPgAaFAVUb0WpPk0O8iTeisR9IMqy9G8AbO4NlpVknrnQS03zzF9PGAWgO3cgletO3VjV/P7VztA==",
      "dev": true,
      "requires": {
-        "follow-redirects": "^1.14.9",
-        "form-data": "^4.0.0"
+        "follow-redirects": "^1.14.4"
      }
    },
    "b4a": {
@@ -12299,15 +12294,15 @@
      }
    },
    "joi": {
-      "version": "17.7.0",
-      "resolved": "https://registry.npmjs.org/joi/-/joi-17.7.0.tgz",
-      "integrity": "sha512-1/ugc8djfn93rTE3WRKdCzGGt/EtiYKxITMO4Wiv6q5JL1gl9ePt4kBsl1S499nbosspfctIQTpYIhSmHA3WAg==",
+      "version": "17.11.0",
+      "resolved": "https://registry.npmjs.org/joi/-/joi-17.11.0.tgz",
+      "integrity": "sha512-NgB+lZLNoqISVy1rZocE9PZI36bL/77ie924Ri43yEvi9GUUMPeyVIr8KdFTMUlby1p0PBYMk9spIxEUQYqrJQ==",
      "dev": true,
      "requires": {
        "@hapi/hoek": "^9.0.0",
        "@hapi/topo": "^5.0.0",
        "@sideway/address": "^4.1.3",
-        "@sideway/formula": "^3.0.0",
+        "@sideway/formula": "^3.0.1",
        "@sideway/pinpoint": "^2.0.0"
      }
    },
@@ -12683,9 +12678,9 @@
      }
    },
    "minimist": {
-      "version": "1.2.7",
-      "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.7.tgz",
-      "integrity": "sha512-bzfL1YUZsP41gmu/qjrEk0Q6i2ix/cVeAhbCbqH9u3zYutS1cLg00qhrD0M2MVdCcx4Sc0UpP2eBWo9rotpq6g=="
+      "version": "1.2.8",
+      "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.8.tgz",
+      "integrity": "sha512-2yyAR8qBkN3YuheJanUpWC5U3bb5osDywNB8RzDVlDwDHbocAJveqqj1u8+SVD7jkWT4yvsHCpWqqWqAxb0zCA=="
    },
    "minipass": {
      "version": "3.3.4",
@@ -13490,6 +13485,12 @@
        "ipaddr.js": "1.9.1"
      }
    },
+    "proxy-from-env": {
+      "version": "1.1.0",
+      "resolved": "https://registry.npmjs.org/proxy-from-env/-/proxy-from-env-1.1.0.tgz",
+      "integrity": "sha512-D+zkORCbA9f1tdWRK0RaCR3GPv50cMxcrz4X8k5LTSUD1Dkw47mKJEZQNunItRTkWwgtaUSo1RVFRIG9ZXiFYg==",
+      "dev": true
+    },
    "psl": {
      "version": "1.9.0",
      "resolved": "https://registry.npmjs.org/psl/-/psl-1.9.0.tgz",
@@ -13947,9 +13948,9 @@
      "integrity": "sha512-E5LDX7Wrp85Kil5bhZv46j8jOeboKq5JMmYM3gVGdGH8xFpPWXUMsNrlODCrkoxMEeNi/XZIwuRvY4XNwYMJpw=="
    },
    "sharp": {
-      "version": "0.32.4",
-      "resolved": "https://registry.npmjs.org/sharp/-/sharp-0.32.4.tgz",
-      "integrity": "sha512-exUnZewqVZC6UXqXuQ8fyJJv0M968feBi04jb9GcUHrWtkRoAKnbJt8IfwT4NJs7FskArbJ14JAFGVuooszoGg==",
+      "version": "0.32.6",
+      "resolved": "https://registry.npmjs.org/sharp/-/sharp-0.32.6.tgz",
+      "integrity": "sha512-KyLTWwgcR9Oe4d9HwCwNM2l7+J0dUQwn/yf7S0EnTtb0eVS4RxO0eUSvxPtzT4F3SY+C4K6fqdv/DO27sJ/v/w==",
      "requires": {
        "color": "^4.2.3",
        "detect-libc": "^2.0.2",
@@ -14655,16 +14656,29 @@
      }
    },
    "wait-on": {
-      "version": "7.0.1",
-      "resolved": "https://registry.npmjs.org/wait-on/-/wait-on-7.0.1.tgz",
-      "integrity": "sha512-9AnJE9qTjRQOlTZIldAaf/da2eW0eSRSgcqq85mXQja/DW3MriHxkpODDSUEg+Gri/rKEcXUZHe+cevvYItaog==",
+      "version": "7.2.0",
+      "resolved": "https://registry.npmjs.org/wait-on/-/wait-on-7.2.0.tgz",
+      "integrity": "sha512-wCQcHkRazgjG5XoAq9jbTMLpNIjoSlZslrJ2+N9MxDsGEv1HnFoVjOCexL0ESva7Y9cu350j+DWADdk54s4AFQ==",
      "dev": true,
      "requires": {
-        "axios": "^0.27.2",
-        "joi": "^17.7.0",
+        "axios": "^1.6.1",
+        "joi": "^17.11.0",
        "lodash": "^4.17.21",
-        "minimist": "^1.2.7",
-        "rxjs": "^7.8.0"
+        "minimist": "^1.2.8",
+        "rxjs": "^7.8.1"
+      },
+      "dependencies": {
+        "axios": {
+          "version": "1.6.2",
+          "resolved": "https://registry.npmjs.org/axios/-/axios-1.6.2.tgz",
+          "integrity": "sha512-7i24Ri4pmDRfJTR7LDBhsOTtcm+9kjX5WiY1X3wIisx6G9So3pfMkEiU7emUBe46oceVImccTEM3k6C5dbVW8A==",
+          "dev": true,
+          "requires": {
+            "follow-redirects": "^1.15.0",
+            "form-data": "^4.0.0",
+            "proxy-from-env": "^1.1.0"
+          }
+        }
      }
    },
    "watchpack": {
--- a/backend/package.json
+++ b/backend/package.json
@@ -1,6 +1,6 @@
 {
  "name": "pingvin-share-backend",
-  "version": "0.21.0",
+  "version": "0.21.1",
  "scripts": {
    "build": "nest build",
    "dev": "cross-env NODE_ENV=development nest start --watch",
--- a/backend/prisma/seed/config.seed.ts
+++ b/backend/prisma/seed/config.seed.ts
@@ -201,6 +201,10 @@ const configVariables: ConfigVariables = {
      type: "string",
      defaultValue: "",
    },
+    "oidc-usernameClaim": {
+      type: "string",
+      defaultValue: "",
+    },
    "oidc-clientId": {
      type: "string",
      defaultValue: "",
--- a/backend/src/oauth/provider/genericOidc.provider.ts
+++ b/backend/src/oauth/provider/genericOidc.provider.ts
@@ -108,6 +108,7 @@ export abstract class GenericOidcProvider implements OAuthProvider<OidcToken> {
  async getUserInfo(
    token: OAuthToken<OidcToken>,
    query: OAuthCallbackDto,
+    claim?: string
  ): Promise<OAuthSignInDto> {
    const idTokenData = this.decodeIdToken(token.idToken);
    // maybe it's not necessary to verify the id token since it's directly obtained from the provider
@@ -122,11 +123,30 @@ export abstract class GenericOidcProvider implements OAuthProvider<OidcToken> {
      throw new ErrorPageException("invalid_token");
    }

+    const username = claim
+      ? idTokenData[claim]
+      : idTokenData.name ||
+        idTokenData.nickname ||
+        idTokenData.preferred_username;
+
+    if (!username) {
+      this.logger.error(
+        `Can not get username from ID Token ${JSON.stringify(
+          idTokenData,
+          undefined,
+          2,
+        )}`,
+      );
+      throw new ErrorPageException("cannot_get_user_info", undefined, [
+        `provider_${this.name}`,
+      ]);
+    }
+
    return {
      provider: this.name as any,
      email: idTokenData.email,
      providerId: idTokenData.sub,
-      providerUsername: idTokenData.name,
+      providerUsername: username,
    };
  }

@@ -211,5 +231,7 @@ export interface OidcIdToken {
  iat: number;
  email: string;
  name: string;
+  nickname: string;
+  preferred_username: string;
  nonce: string;
 }
--- a/backend/src/oauth/provider/oidc.provider.ts
+++ b/backend/src/oauth/provider/oidc.provider.ts
@@ -1,9 +1,12 @@
-import { GenericOidcProvider } from "./genericOidc.provider";
+import { GenericOidcProvider, OidcToken } from "./genericOidc.provider";
 import { Inject, Injectable } from "@nestjs/common";
 import { ConfigService } from "../../config/config.service";
 import { JwtService } from "@nestjs/jwt";
 import { CACHE_MANAGER } from "@nestjs/cache-manager";
 import { Cache } from "cache-manager";
+import { OAuthCallbackDto } from "../dto/oauthCallback.dto";
+import { OAuthSignInDto } from "../dto/oauthSignIn.dto";
+import { OAuthToken } from "./oauthProvider.interface";

@Injectable()
 export class OidcProvider extends GenericOidcProvider {
@@ -24,4 +27,13 @@ export class OidcProvider extends GenericOidcProvider {
  protected getDiscoveryUri(): string {
    return this.config.get("oauth.oidc-discoveryUri");
  }
+
+  getUserInfo(
+    token: OAuthToken<OidcToken>,
+    query: OAuthCallbackDto,
+    _?: string,
+  ): Promise<OAuthSignInDto> {
+    const claim = this.config.get("oauth.oidc-usernameClaim") || undefined;
+    return super.getUserInfo(token, query, claim);
+  }
 }
--- a/docs/README.es.md
+++ b/docs/README.es.md
@@ -20,7 +20,8 @@ Pingvin Share es una plataforma de intercambio de archivos autoalojada y una alt
 ## 🐧 Conoce Pingvin Share

 - [Demo](https://pingvin-share.dev.eliasschneider.com)
- [Reseña por DB Tech](https://www.youtube.com/watch?v=rWwNeZCOPJA)
+- [Reseña realizada por No Solo Hacking (español)](https://www.youtube.com/watch?v=ocd4EpLTYkU)
+- [Reseña por DB Tech (inglés)](https://www.youtube.com/watch?v=rWwNeZCOPJA)

 <img src="https://user-images.githubusercontent.com/58886915/225038319-b2ef742c-3a74-4eb6-9689-4207a36842a4.png" width="700"/>

--- a/frontend/package-lock.json
+++ b/frontend/package-lock.json
--- a/frontend/package.json
+++ b/frontend/package.json
@@ -1,6 +1,6 @@
 {
  "name": "pingvin-share-frontend",
-  "version": "0.21.0",
+  "version": "0.21.1",
  "scripts": {
    "dev": "next dev",
    "build": "next build",
--- a/frontend/src/i18n/translations/en-US.ts
+++ b/frontend/src/i18n/translations/en-US.ts
@@ -478,14 +478,16 @@ export default {
  "admin.config.oauth.discord-client-id.description": "Client ID of the Discord OAuth app",
  "admin.config.oauth.discord-client-secret": "Discord Client secret",
  "admin.config.oauth.discord-client-secret.description": "Client secret of the Discord OAuth app",
-  "admin.config.oauth.oidc-enabled": "OpenID",
-  "admin.config.oauth.oidc-enabled.description": "Whether OpenID login is enabled",
-  "admin.config.oauth.oidc-discovery-uri": "OpenID Discovery URI",
-  "admin.config.oauth.oidc-discovery-uri.description": "Discovery URI of the OpenID OAuth app",
-  "admin.config.oauth.oidc-client-id": "OpenID Client ID",
-  "admin.config.oauth.oidc-client-id.description": "Client ID of the OpenID OAuth app",
-  "admin.config.oauth.oidc-client-secret": "OpenID Client secret",
-  "admin.config.oauth.oidc-client-secret.description": "Client secret of the OpenID OAuth app",
+  "admin.config.oauth.oidc-enabled": "OpenID Connect",
+  "admin.config.oauth.oidc-enabled.description": "Whether OpenID Connect login is enabled",
+  "admin.config.oauth.oidc-discovery-uri": "OpenID Connect Discovery URI",
+  "admin.config.oauth.oidc-discovery-uri.description": "Discovery URI of the OpenID Connect OAuth app",
+  "admin.config.oauth.oidc-username-claim": "OpenID Connect username claim",
+  "admin.config.oauth.oidc-username-claim.description": "Username claim in OpenID Connect ID token. Leave it blank if you don't know what this config is.",
+  "admin.config.oauth.oidc-client-id": "OpenID Connect Client ID",
+  "admin.config.oauth.oidc-client-id.description": "Client ID of the OpenID Connect OAuth app",
+  "admin.config.oauth.oidc-client-secret": "OpenID Connect Client secret",
+  "admin.config.oauth.oidc-client-secret.description": "Client secret of the OpenID Connect OAuth app",

  // 404
  "404.description": "Oops this page doesn't exist.",
@@ -505,11 +507,12 @@ export default {
  "error.msg.not_linked": "This {0} account haven't linked to any account yet.",
  "error.msg.unverified_account": "This {0} account is unverified, please try again after verification.",
  "error.msg.discord_guild_permission_denied": "You are not allowed to sign in.",
+  "error.msg.cannot_get_user_info": "Can not get your user info from this {0} account.",
  "error.param.provider_github": "GitHub",
  "error.param.provider_google": "Google",
  "error.param.provider_microsoft": "Microsoft",
  "error.param.provider_discord": "Discord",
-  "error.param.provider_oidc": "OpenID",
+  "error.param.provider_oidc": "OpenID Connect",

  // Common translations
  "common.button.save": "Save",
--- a/frontend/src/i18n/translations/es-ES.ts
+++ b/frontend/src/i18n/translations/es-ES.ts
@@ -344,12 +344,12 @@ export default {
  "admin.config.oauth.google-client-secret": "Palabra secreta del cliente de Google",
  "admin.config.oauth.google-client-secret.description": "Secreto del cliente de la aplicación Google OAuth",
  "admin.config.oauth.microsoft-enabled": "Microsoft",
-  "admin.config.oauth.microsoft-enabled.description": "Whether Microsoft login is enabled",
+  "admin.config.oauth.microsoft-enabled.description": "Si el inicio de sesión de Microsoft está habilitado",
  "admin.config.oauth.microsoft-tenant": "Microsoft Tenant",
  "admin.config.oauth.microsoft-tenant.description": "Tenant ID of the Microsoft OAuth app\ncommon: Users with both a personal Microsoft account and a work or school account from Microsoft Entra ID can sign in to the application. organizations: Only users with work or school accounts from Microsoft Entra ID can sign in to the application.\nconsumers: Only users with a personal Microsoft account can sign in to the application.\ndomain name of the Microsoft Entra tenant or the tenant ID in GUID format: Only users from a specific Microsoft Entra tenant (directory members with a work or school account or directory guests with a personal Microsoft account) can sign in to the application.",
-  "admin.config.oauth.microsoft-client-id": "Microsoft Client ID",
-  "admin.config.oauth.microsoft-client-id.description": "Client ID of the Microsoft OAuth app",
-  "admin.config.oauth.microsoft-client-secret": "Microsoft Client secret",
+  "admin.config.oauth.microsoft-client-id": "ID del cliente de Microsoft",
+  "admin.config.oauth.microsoft-client-id.description": "ID de cliente de la app OAuth de Microsoft",
+  "admin.config.oauth.microsoft-client-secret": "Secreto del cliente de Microsoft",
  "admin.config.oauth.microsoft-client-secret.description": "Client secret of the Microsoft OAuth app",
  "admin.config.oauth.discord-enabled": "Discord",
  "admin.config.oauth.discord-enabled.description": "Whether Discord login is enabled",
@@ -372,18 +372,18 @@ export default {
  "404.button.home": "Regrésame al inicio",
  // error
  "error.title": "Error",
-  "error.description": "Oops!",
-  "error.button.back": "Go back",
-  "error.msg.default": "Something went wrong.",
-  "error.msg.access_denied": "You canceled the authentication process, please try again.",
-  "error.msg.expired_token": "The authentication process took too long, please try again.",
-  "error.msg.invalid_token": "Internal Error",
-  "error.msg.no_user": "User linked to this {0} account doesn't exist.",
-  "error.msg.no_email": "Can't get email address from this {0} account.",
-  "error.msg.already_linked": "This {0} account is already linked to another account.",
-  "error.msg.not_linked": "This {0} account haven't linked to any account yet.",
-  "error.msg.unverified_account": "This {0} account is unverified, please try again after verification.",
-  "error.msg.discord_guild_permission_denied": "You are not allowed to sign in.",
+  "error.description": "¡Ups!",
+  "error.button.back": "Volver",
+  "error.msg.default": "Algo ha salido mal.",
+  "error.msg.access_denied": "Ha cancelado el proceso de autenticación, por favor inténtelo de nuevo.",
+  "error.msg.expired_token": "El proceso de autenticación ha tardado demasiado, por favor inténtelo de nuevo.",
+  "error.msg.invalid_token": "Error interno",
+  "error.msg.no_user": "El usuario vinculado a esta cuenta {0} no existe.",
+  "error.msg.no_email": "No se puede obtener la dirección de correo electrónico de esta cuenta {0}.",
+  "error.msg.already_linked": "Esta cuenta {0} ya está vinculada a otra cuenta.",
+  "error.msg.not_linked": "Esta cuenta {0} aún no ha sido vinculada a ninguna cuenta.",
+  "error.msg.unverified_account": "Esta cuenta {0} no está verificada, por favor inténtalo de nuevo después de la verificación.",
+  "error.msg.discord_guild_permission_denied": "No tienes permitido iniciar sesion.",
  "error.param.provider_github": "GitHub",
  "error.param.provider_google": "Google",
  "error.param.provider_microsoft": "Microsoft",
--- a/frontend/src/i18n/translations/fr-FR.ts
+++ b/frontend/src/i18n/translations/fr-FR.ts
@@ -353,8 +353,8 @@ export default {
  "admin.config.oauth.microsoft-client-secret.description": "Le secret du client de l’application Microsoft OAuth",
  "admin.config.oauth.discord-enabled": "Discord",
  "admin.config.oauth.discord-enabled.description": "Permettre la connexion via Discord.",
-  "admin.config.oauth.discord-limited-guild": "Discord limited server ID",
-  "admin.config.oauth.discord-limited-guild.description": "Limit signing in to users in a specific server. Leave it blank to disable.",
+  "admin.config.oauth.discord-limited-guild": "ID de serveur restreint Discord",
+  "admin.config.oauth.discord-limited-guild.description": "Limiter la connexion aux utilisateurs sur un serveur spécifique. Laissez vide pour désactiver.",
  "admin.config.oauth.discord-client-id": "ID du client Discord",
  "admin.config.oauth.discord-client-id.description": "L’ID du client de l’application OAuth Discord",
  "admin.config.oauth.discord-client-secret": "Secret du client Discord",
@@ -377,13 +377,13 @@ export default {
  "error.msg.default": "Quelque chose a mal tourné.",
  "error.msg.access_denied": "Vous avez annulé le processus d’authentification, veuillez réessayer.",
  "error.msg.expired_token": "Le processus d’authentification a pris trop de temps, veuillez réessayer.",
-  "error.msg.invalid_token": "Internal Error",
+  "error.msg.invalid_token": "Erreur Interne",
  "error.msg.no_user": "L’utilisateur associé au compte {0} n’existe pas.",
  "error.msg.no_email": "Impossible d’obtenir le courriel du compte {0}.",
  "error.msg.already_linked": "Le compte {0} est déjà associé à un autre compte.",
  "error.msg.not_linked": "Le compte {0} n’est pas encore associé à compte.",
-  "error.msg.unverified_account": "This {0} account is unverified, please try again after verification.",
-  "error.msg.discord_guild_permission_denied": "You are not allowed to sign in.",
+  "error.msg.unverified_account": "Le compte {0} n'est pas vérifié, veuillez réessayer après vérification.",
+  "error.msg.discord_guild_permission_denied": "Vous n’êtes pas autorisé à vous authentifier.",
  "error.param.provider_github": "GitHub",
  "error.param.provider_google": "Google",
  "error.param.provider_microsoft": "Microsoft",
--- a/frontend/src/i18n/translations/pl-PL.ts
+++ b/frontend/src/i18n/translations/pl-PL.ts
@@ -112,7 +112,7 @@ export default {
  // END /account
  // /account/shares
  "account.shares.title": "Moje udziały",
-  "account.shares.title.empty": "Tu jest pusto :eys:",
+  "account.shares.title.empty": "Tu jest pusto 👀",
  "account.shares.description.empty": "Nie masz żadnych udziałów.",
  "account.shares.button.create": "Utwórz go",
  "account.shares.info.title": "Informacje udziału",
@@ -131,7 +131,7 @@ export default {
  // /account/reverseShares
  "account.reverseShares.title": "Udziały odwrotne",
  "account.reverseShares.description": "Udostępnianie odwrotne pozwala na wygenerowanie unikalnego adresu URL, który umożliwia użytkownikom zewnętrznym na tworzenie udostępniania.",
-  "account.reverseShares.title.empty": "Tu jest pusto :eys:",
+  "account.reverseShares.title.empty": "Tu jest pusto 👀",
  "account.reverseShares.description.empty": "Nie masz żadnych udostępnień odwrotnych.",
  // showCreateReverseShareModal.tsx
  "account.reverseShares.modal.title": "Utwórz udostępnianie odwrotne",
@@ -392,7 +392,7 @@ export default {
  // Common translations
  "common.button.save": "Zapisz",
  "common.button.create": "Utwórz",
-  "common.button.submit": "Zgłoś",
+  "common.button.submit": "Prześlij",
  "common.button.delete": "Usuń",
  "common.button.cancel": "Anuluj",
  "common.button.confirm": "Potwierdź",
--- a/frontend/src/i18n/translations/ru-RU.ts
+++ b/frontend/src/i18n/translations/ru-RU.ts
@@ -353,8 +353,8 @@ export default {
  "admin.config.oauth.microsoft-client-secret.description": "Секретный ключ клиента в приложении Microsoft OAuth",
  "admin.config.oauth.discord-enabled": "Discord",
  "admin.config.oauth.discord-enabled.description": "Включен ли логин Discord",
-  "admin.config.oauth.discord-limited-guild": "Discord limited server ID",
-  "admin.config.oauth.discord-limited-guild.description": "Limit signing in to users in a specific server. Leave it blank to disable.",
+  "admin.config.oauth.discord-limited-guild": "ID ограниченного сервера Discord",
+  "admin.config.oauth.discord-limited-guild.description": "Ограничение входа для пользователей определенного сервера. Оставьте пустым, чтобы отключить.",
  "admin.config.oauth.discord-client-id": "ID клиента Discord",
  "admin.config.oauth.discord-client-id.description": "ID клиента в приложении Discord OAuth",
  "admin.config.oauth.discord-client-secret": "Секретный ключ клиента Discord",
@@ -377,13 +377,13 @@ export default {
  "error.msg.default": "Что-то пошло не так.",
  "error.msg.access_denied": "Вы отменили процесс аутентификации, пожалуйста, попробуйте еще раз.",
  "error.msg.expired_token": "Процесс аутентификации занял слишком много времени, пожалуйста, попробуйте еще раз.",
-  "error.msg.invalid_token": "Internal Error",
+  "error.msg.invalid_token": "Внутренняя ошибка",
  "error.msg.no_user": "Пользователь связанный с учетной записью {0} не существует.",
  "error.msg.no_email": "Не удается получить адрес электронной почты от учетной записи {0}.",
  "error.msg.already_linked": "Эта учетная запись {0} уже привязана к другому аккаунту.",
  "error.msg.not_linked": "Эта учетная запись {0} ещё не привязана ни к одному аккаунту.",
-  "error.msg.unverified_account": "This {0} account is unverified, please try again after verification.",
-  "error.msg.discord_guild_permission_denied": "You are not allowed to sign in.",
+  "error.msg.unverified_account": "Эта учетная запись {0} не подтверждена, повторите попытку после подтверждения.",
+  "error.msg.discord_guild_permission_denied": "У вас нет разрешения на вход.",
  "error.param.provider_github": "GitHub",
  "error.param.provider_google": "Google",
  "error.param.provider_microsoft": "Microsoft",
--- a/frontend/src/i18n/translations/sv-SE.ts
+++ b/frontend/src/i18n/translations/sv-SE.ts
@@ -288,16 +288,16 @@ export default {
  "admin.config.general.logo.placeholder": "Välj bild",
  "admin.config.email.enable-share-email-recipients": "Aktivera e-postmottagare för delning",
  "admin.config.email.enable-share-email-recipients.description": "Om du vill tillåta e-post till delningsmottagare. Aktivera endast detta om du har aktiverat SMTP.",
-  "admin.config.email.share-recipients-subject": "Share recipients subject",
-  "admin.config.email.share-recipients-subject.description": "Subject of the email which gets sent to the share recipients.",
-  "admin.config.email.share-recipients-message": "Share recipients message",
+  "admin.config.email.share-recipients-subject": "Delning ämne",
+  "admin.config.email.share-recipients-subject.description": "Ämne för e-postmeddelandet som skickas till delningsmottagarna.",
+  "admin.config.email.share-recipients-message": "Delning meddelande",
  "admin.config.email.share-recipients-message.description": "Meddelande som skickas till delningens mottagare. Tillgängliga variabler:\n {creator} - Användarnamnet för skaparen av delningen\n {shareUrl} - URL för delningen\n {desc} - Beskrivningen av delningen\n {expires} - Förfallodatumet för delningen\n Variablerna kommer att ersättas med det faktiska värdet.",
  "admin.config.email.reverse-share-subject": "Omvänd delning ämne",
-  "admin.config.email.reverse-share-subject.description": "Subject of the email which gets sent when someone created a share with your reverse share link.",
-  "admin.config.email.reverse-share-message": "Reverse share message",
-  "admin.config.email.reverse-share-message.description": "Message which gets sent when someone created a share with your reverse share link. {shareUrl} will be replaced with the creator's name and the share URL.",
-  "admin.config.email.reset-password-subject": "Reset password subject",
-  "admin.config.email.reset-password-subject.description": "Subject of the email which gets sent when a user requests a password reset.",
+  "admin.config.email.reverse-share-subject.description": "Ämne i e-postmeddelandet som skickas när någon skapade en delning med din omvända delningslänk.",
+  "admin.config.email.reverse-share-message": "Omvänd delning meddelande",
+  "admin.config.email.reverse-share-message.description": "Meddelande som skickas när någon skapade en delning med din länk för omvänd delning. {shareUrl} kommer att ersättas med skaparens namn och delningens URL.",
+  "admin.config.email.reset-password-subject": "Återställ lösenord ämne",
+  "admin.config.email.reset-password-subject.description": "Ämne i e-postmeddelandet som skickas när en användare begär en lösenordsåterställning.",
  "admin.config.email.reset-password-message": "Återställ lösenord meddelande",
  "admin.config.email.reset-password-message.description": "Meddelande som skickas när en användare begär en lösenordsåterställning. {url} kommer att ersättas med länken för lösenordsåterställningen.",
  "admin.config.email.invite-subject": "Inbjudan ämne",
@@ -313,9 +313,9 @@ export default {
  "admin.config.share.max-size": "Max storlek",
  "admin.config.share.max-size.description": "Maximal storlek för delning i bytes",
  "admin.config.share.zip-compression-level": "Komprimeringsnivå för zip",
-  "admin.config.share.zip-compression-level.description": "Adjust the level to balance between file size and compression speed. Valid values range from 0 to 9, with 0 being no compression and 9 being maximum compression. ",
+  "admin.config.share.zip-compression-level.description": "Justera nivån för att balansera mellan filstorlek och komprimeringshastighet. Giltiga värden varierar från 0 till 9, med 0 som ingen komprimering och 9 som maximal komprimering. ",
  "admin.config.smtp.enabled": "Aktiverad",
-  "admin.config.smtp.enabled.description": "Whether SMTP is enabled. Only set this to true if you entered the host, port, email, user and password of your SMTP server.",
+  "admin.config.smtp.enabled.description": "Om SMTP skall vara aktiverat. Ange endast detta som sant om du angav adress, port, e-post, användare och lösenord för din SMTP-server.",
  "admin.config.smtp.host": "Adress",
  "admin.config.smtp.host.description": "Adress för SMTP-servern",
  "admin.config.smtp.port": "Port",
@@ -344,29 +344,29 @@ export default {
  "admin.config.oauth.google-client-secret": "Google Client secret",
  "admin.config.oauth.google-client-secret.description": "Client secret för Google OAuth appen",
  "admin.config.oauth.microsoft-enabled": "Microsoft",
-  "admin.config.oauth.microsoft-enabled.description": "Whether Microsoft login is enabled",
+  "admin.config.oauth.microsoft-enabled.description": "Om Microsoftinloggning skall vara aktiverat",
  "admin.config.oauth.microsoft-tenant": "Microsoft Tenant",
  "admin.config.oauth.microsoft-tenant.description": "Tenant ID of the Microsoft OAuth app\ncommon: Users with both a personal Microsoft account and a work or school account from Microsoft Entra ID can sign in to the application. organizations: Only users with work or school accounts from Microsoft Entra ID can sign in to the application.\nconsumers: Only users with a personal Microsoft account can sign in to the application.\ndomain name of the Microsoft Entra tenant or the tenant ID in GUID format: Only users from a specific Microsoft Entra tenant (directory members with a work or school account or directory guests with a personal Microsoft account) can sign in to the application.",
  "admin.config.oauth.microsoft-client-id": "Microsoft Client ID",
-  "admin.config.oauth.microsoft-client-id.description": "Client ID of the Microsoft OAuth app",
+  "admin.config.oauth.microsoft-client-id.description": "Client ID för Microsoft OAuth",
  "admin.config.oauth.microsoft-client-secret": "Microsoft Client secret",
-  "admin.config.oauth.microsoft-client-secret.description": "Client secret of the Microsoft OAuth app",
+  "admin.config.oauth.microsoft-client-secret.description": "Client secret för Microsoft OAuth",
  "admin.config.oauth.discord-enabled": "Discord",
-  "admin.config.oauth.discord-enabled.description": "Whether Discord login is enabled",
-  "admin.config.oauth.discord-limited-guild": "Discord limited server ID",
-  "admin.config.oauth.discord-limited-guild.description": "Limit signing in to users in a specific server. Leave it blank to disable.",
+  "admin.config.oauth.discord-enabled.description": "Om inloggning via Discord är aktiverat",
+  "admin.config.oauth.discord-limited-guild": "Discord begränsa till server ID",
+  "admin.config.oauth.discord-limited-guild.description": "Begränsa inloggning till användare på en specifik server. Lämna tomt för att inaktivera.",
  "admin.config.oauth.discord-client-id": "Discord Client ID",
-  "admin.config.oauth.discord-client-id.description": "Client ID of the Discord OAuth app",
+  "admin.config.oauth.discord-client-id.description": "Client ID för Discord OAuth",
  "admin.config.oauth.discord-client-secret": "Discord Client secret",
-  "admin.config.oauth.discord-client-secret.description": "Client secret of the Discord OAuth app",
+  "admin.config.oauth.discord-client-secret.description": "Client secret för Discord OAuth",
  "admin.config.oauth.oidc-enabled": "OpenID",
-  "admin.config.oauth.oidc-enabled.description": "Whether OpenID login is enabled",
+  "admin.config.oauth.oidc-enabled.description": "Om OpenID-inloggning är aktiverat",
  "admin.config.oauth.oidc-discovery-uri": "OpenID Discovery URI",
  "admin.config.oauth.oidc-discovery-uri.description": "Discovery URI of the OpenID OAuth app",
  "admin.config.oauth.oidc-client-id": "OpenID Client ID",
-  "admin.config.oauth.oidc-client-id.description": "Client ID of the OpenID OAuth app",
+  "admin.config.oauth.oidc-client-id.description": "Client ID för OpenID OAuth",
  "admin.config.oauth.oidc-client-secret": "OpenID Client secret",
-  "admin.config.oauth.oidc-client-secret.description": "Client secret of the OpenID OAuth app",
+  "admin.config.oauth.oidc-client-secret.description": "Client secret för OpenID OAuth",
  // 404
  "404.description": "Hoppsan den här sidan finns inte.",
  "404.button.home": "Ta mig tillbaka hem",
@@ -377,13 +377,13 @@ export default {
  "error.msg.default": "Någonting gick fel.",
  "error.msg.access_denied": "Du avbröt autentiseringsprocessen, försök igen.",
  "error.msg.expired_token": "Autentiseringsprocessen tog för lång tid, försök igen.",
-  "error.msg.invalid_token": "Internal Error",
+  "error.msg.invalid_token": "Internt fel",
  "error.msg.no_user": "Användare som är länkad till detta {0} konto finns inte.",
  "error.msg.no_email": "Kan inte hämta e-postadress från detta {0} konto.",
  "error.msg.already_linked": "Detta {0} konto är redan länkat till ett annat konto.",
  "error.msg.not_linked": "Detta {0} konto har ännu inte länkat till något konto.",
-  "error.msg.unverified_account": "This {0} account is unverified, please try again after verification.",
-  "error.msg.discord_guild_permission_denied": "You are not allowed to sign in.",
+  "error.msg.unverified_account": "Detta {0} -konto är overifierat, försök igen efter verifiering.",
+  "error.msg.discord_guild_permission_denied": "Du är inte tillåten att logga in.",
  "error.param.provider_github": "GitHub",
  "error.param.provider_google": "Google",
  "error.param.provider_microsoft": "Microsoft",
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
  "name": "pingvin-share",
-  "version": "0.21.0",
+  "version": "0.21.1",
  "scripts": {
    "format": "cd frontend && npm run format && cd ../backend && npm run format",
    "lint": "cd frontend && npm run lint && cd ../backend && npm run lint",
Author	SHA1	Message	Date
Elias Schneider	be4ff0f0f0	release: 0.21.1	2023-12-20 12:33:36 +01:00
Qing Fu	3ea52a24ef	feat(oauth): add oidc username claim (#357 ) * feat(oauth): add oidc username claim * style: remove undefined	2023-12-20 12:32:42 +01:00
No Solo Hacking	f179189b59	docs: add review by "No Solo Hacking" to the Spanish README (#356 ) * Update README.es.md * Update docs/README.es.md Co-authored-by: Elias Schneider <login@eliasschneider.com> --------- Co-authored-by: Elias Schneider <login@eliasschneider.com>	2023-12-15 07:27:01 +01:00
Elias Schneider	bc333f768f	chore(translations): update translations via Crowdin (#349 ) * New translations en-us.ts (Swedish) * New translations en-us.ts (Russian) * New translations en-us.ts (Spanish) * New translations en-us.ts (Polish) * New translations en-us.ts (French)	2023-12-13 08:41:42 +01:00
Elias Schneider	26c98e2b41	chore: fix deps vulnerabilities	2023-12-01 11:03:03 +01:00