youngkingdom/dify - dify - Gitea: Git with a cup of tea

youngkingdom/dify

Fork 0

mirror of https://github.com/langgenius/dify.git synced 2026-05-24 19:07:53 +08:00

Commit Graph

Author	SHA1	Message	Date
GareArc	0b3b0b5ce8	feat(api): retire legacy /v1/* and /console/api device-flow mounts (Phase F) Web and CLI consumers now hit /openapi/v1/* directly, so the dual-mount shims can go: - controllers/oauth_device_sso.py (legacy /v1/oauth/device/sso-* + /v1/device/sso-complete) - controllers/service_api/oauth.py (legacy /v1/oauth/device/*, /v1/me, /v1/oauth/authorizations/self) - controllers/console/auth/oauth_device.py (placeholder for legacy /console/api/oauth/device/{approve,deny}) - the deferred _register_legacy_console_mount() inside openapi/oauth_device.py Imports in controllers/console/__init__.py, controllers/service_api/__init__.py, and extensions/ext_blueprints.py pruned. Tests rewritten to openapi-only.	2026-04-27 00:45:10 -07:00
GareArc	390f1f74db	feat(api): add /openapi/v1/account/sessions endpoints (Phase C.11-12) GET /openapi/v1/account/sessions lists the bearer's active OAuth tokens (filtered to revoked_at IS NULL, expires_at > NOW(), token_hash IS NOT NULL — no phantom devices). DELETE /openapi/v1/account/sessions/<id> revokes a specific session with a subject-match guard that returns 404 (not 403) on cross-subject so token IDs don't leak across subjects. Subject scoping abstracted into _subject_match(ctx): account subjects filter by account_id; external_sso subjects filter by (email, issuer) AND account_id IS NULL — preventing an SSO bearer from touching a same-email account row from a federated tenant. _revoke_token_by_id helper extracted so /sessions/self and /sessions/<id> share the same UPDATE-where-revoked_at-IS-NULL idempotent revoke + Redis cache invalidation. No /v1/ equivalents — these are new endpoints (spec §Sessions list shape). Plan: docs/superpowers/plans/2026-04-26-openapi-migration.md (in difyctl repo).	2026-04-26 23:51:55 -07:00
GareArc	b7bd9c19ed	feat(api): lift identity + self-revoke to /openapi/v1/account (Phase C.9-10) GET /v1/me moves to GET /openapi/v1/account. DELETE /v1/oauth/authorizations/self moves to DELETE /openapi/v1/account/sessions/self. Both classes (AccountApi, AccountSessionsSelfApi) are now in controllers/openapi/account.py and re-registered on service_api_ns at the legacy paths. service_api/oauth.py is now nothing but legacy re-mount declarations (20 lines). All in-place handler logic has moved to openapi/. Phase F will delete the file and the legacy mounts together. Helper functions (_load_memberships, _pick_default_workspace, _workspace_payload, _account_payload) move with the AccountApi class. Plan: docs/superpowers/plans/2026-04-26-openapi-migration.md (in difyctl repo).	2026-04-26 23:50:15 -07:00

Author

SHA1

Message

Date

GareArc

0b3b0b5ce8

feat(api): retire legacy /v1/* and /console/api device-flow mounts (Phase F)

Web and CLI consumers now hit /openapi/v1/* directly, so the dual-mount
shims can go:
  - controllers/oauth_device_sso.py (legacy /v1/oauth/device/sso-* + /v1/device/sso-complete)
  - controllers/service_api/oauth.py (legacy /v1/oauth/device/*, /v1/me, /v1/oauth/authorizations/self)
  - controllers/console/auth/oauth_device.py (placeholder for legacy /console/api/oauth/device/{approve,deny})
  - the deferred _register_legacy_console_mount() inside openapi/oauth_device.py

Imports in controllers/console/__init__.py, controllers/service_api/__init__.py,
and extensions/ext_blueprints.py pruned. Tests rewritten to openapi-only.

2026-04-27 00:45:10 -07:00

GareArc

390f1f74db

feat(api): add /openapi/v1/account/sessions endpoints (Phase C.11-12)

GET /openapi/v1/account/sessions lists the bearer's active OAuth
tokens (filtered to revoked_at IS NULL, expires_at > NOW(), token_hash
IS NOT NULL — no phantom devices). DELETE
/openapi/v1/account/sessions/<id> revokes a specific session with a
subject-match guard that returns 404 (not 403) on cross-subject so
token IDs don't leak across subjects.

Subject scoping abstracted into _subject_match(ctx): account subjects
filter by account_id; external_sso subjects filter by (email, issuer)
AND account_id IS NULL — preventing an SSO bearer from touching a
same-email account row from a federated tenant.

_revoke_token_by_id helper extracted so /sessions/self and
/sessions/<id> share the same UPDATE-where-revoked_at-IS-NULL
idempotent revoke + Redis cache invalidation.

No /v1/ equivalents — these are new endpoints (spec §Sessions list shape).

Plan: docs/superpowers/plans/2026-04-26-openapi-migration.md (in difyctl repo).

2026-04-26 23:51:55 -07:00

GareArc

b7bd9c19ed

feat(api): lift identity + self-revoke to /openapi/v1/account (Phase C.9-10)

GET /v1/me moves to GET /openapi/v1/account. DELETE
/v1/oauth/authorizations/self moves to DELETE
/openapi/v1/account/sessions/self. Both classes (AccountApi,
AccountSessionsSelfApi) are now in controllers/openapi/account.py and
re-registered on service_api_ns at the legacy paths.

service_api/oauth.py is now nothing but legacy re-mount declarations
(20 lines). All in-place handler logic has moved to openapi/. Phase F
will delete the file and the legacy mounts together.

Helper functions (_load_memberships, _pick_default_workspace,
_workspace_payload, _account_payload) move with the AccountApi class.

Plan: docs/superpowers/plans/2026-04-26-openapi-migration.md (in difyctl repo).

2026-04-26 23:50:15 -07:00

3 Commits