youngkingdom/dify
1
0
Fork 0
mirror of https://github.com/langgenius/dify.git synced 2026-05-27 04:16:16 +08:00
Code Issues Packages Projects Releases Wiki Activity
10,330 Commits 545 Branches 172 Tags
b7bd9c19ed282a377fd20174ee63f267948b0c37
Commit Graph

77 Commits

Author SHA1 Message Date
GareArc
fe8510ad1a feat(api,web): OAuth 2.0 device flow + bearer auth (RFC 8628) 
Adds a CLI-friendly authorization flow so difyctl (and future
non-browser clients) can obtain user-scoped tokens without copy-
pasting cookies or raw API keys. Two grant paths share one device
flow surface:

  1. Account branch — user signs in via the existing /signin
     methods, /device page calls console-authed approve, mints a
     dfoa_ token tied to (account_id, tenant).
  2. External-SSO branch (EE) — /v1/oauth/device/sso-initiate signs
     an SSOState envelope, hands off to Enterprise's external ACS,
     receives a signed external-subject assertion, mints a dfoe_
     token tied to (subject_email, subject_issuer).

API surface (all under /v1, EE-only endpoints 404 on CE):

  POST   /v1/oauth/device/code              — RFC 8628 start
  POST   /v1/oauth/device/token             — RFC 8628 poll
  GET    /v1/oauth/device/lookup            — pre-validate user_code
  GET    /v1/oauth/device/sso-initiate      — SSO branch entry
  GET    /v1/device/sso-complete            — SSO callback sink
  GET    /v1/oauth/device/approval-context  — /device cookie probe
  POST   /v1/oauth/device/approve-external  — SSO approve
  GET    /v1/me                             — bearer subject lookup
  DELETE /v1/oauth/authorizations/self      — self-revoke
  POST   /console/api/oauth/device/approve  — account approve
  POST   /console/api/oauth/device/deny     — account deny

Core primitives:
- libs/oauth_bearer.py: prefix-keyed TokenKindRegistry +
  BearerAuthenticator + validate_bearer decorator. Two-tier scope
  (full vs apps:run) stamped from the registry, never from the DB.
- libs/jws.py: HS256 compact JWS keyed on the shared Dify
  SECRET_KEY — same key-set verifies the SSOState envelope, the
  external-subject assertion (minted by Enterprise), and the
  approval-grant cookie.
- libs/device_flow_security.py: enterprise_only gate, approval-
  grant cookie mint/verify/consume (Path=/v1/oauth/device,
  HttpOnly, SameSite=Lax, Secure follows is_secure()), anti-
  framing headers.
- libs/rate_limit.py: typed RateLimit / RateLimitScope dispatch
  with composite-key buckets; both decorator + imperative form.
- services/oauth_device_flow.py: Redis state machine (PENDING ->
  APPROVED|DENIED with atomic consume-on-poll), token mint via
  partial unique index uq_oauth_active_per_device (rotates in
  place), env-driven TTL policy.

Storage: oauth_access_tokens table with partial unique index on
(subject_email, subject_issuer, client_id, device_label) WHERE
revoked_at IS NULL. account_id NULL distinguishes external-SSO
rows. Hard-expire is CAS UPDATE (revoked_at + nullify token_hash)
so audit events keep their token_id. Retention pruner DELETEs
revoked + zombie-expired rows past OAUTH_ACCESS_TOKEN_RETENTION_DAYS.

Frontend: /device page with code-entry, chooser (account vs SSO),
authorize-account, authorize-sso views. SSO branch detaches from
the URL user_code and reads everything from the cookie via
/approval-context. Anti-framing headers on all responses.

Wiring: ENABLE_OAUTH_BEARER feature flag; ext_oauth_bearer binds
the authenticator at startup; clean_oauth_access_tokens_task
scheduled in ext_celery.

Spec: docs/specs/v1.0/server/{device-flow,tokens,middleware,security}.md
 2026-04-26 20:06:43 -07:00
jerryzai
b9c300d570 chore(api): migrate mail task and OAuth data source to use Session(db… (#35235) 
Co-authored-by: Asuka Minato <i@asukaminato.eu.org>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2026-04-17 08:52:27 +00:00
zyssyz123
9fd196642d feat: tidb endpoint (#35158) 
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
 2026-04-15 08:46:25 +00:00
Yunlu Wen
ae898652b2 refactor: move vdb implementations to workspaces (#34900) 
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
Co-authored-by: wangxiaolei <fatelei@gmail.com>
 2026-04-13 08:56:43 +00:00
aliworksx08
3a4756449a refactor: migrate session.query to select API in schedule cleanup task (#34775) 
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
 2026-04-08 23:12:57 +00:00
tmimmanuel
cc17c8e883 refactor: use EnumText for TidbAuthBinding.status and MessageFile.type (#33975) 2026-03-24 05:38:29 +09:00
Renzo
8a22cc06c9 refactor: migrate db.session.query to select in infra layer (#33694) 
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
 2026-03-19 15:48:29 +09:00
wangxiaolei
9970f4449a refactor: reuse redis connection instead of create new one (#32678) 
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
 2026-03-09 15:53:21 +08:00
Runzhe
32350f7a04 feat(api): add scheduled cleanup task for specific workflow logs (#31843) 
Co-authored-by: 章润喆 <zhangrunzhe@zhangrunzhedeMacBook-Air.local>
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: hjlarry <hjlarry@163.com>
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
Co-authored-by: hj24 <mambahj24@gmail.com>
 2026-02-11 20:54:36 +08:00
zyssyz123
2c9430313d fix: redis for api token (#31861) 
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Co-authored-by: hj24 <mambahj24@gmail.com>
 2026-02-06 16:25:27 +08:00
Stream
e04f2a0786 feat: use static manifest for pre-caching all plugin manifests before checking updates (#31942) 
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
Co-authored-by: Junyan Qin <rockchinq@gmail.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2026-02-05 18:58:17 +08:00
hj24
e80d76af15 feat: add lock for retention jobs (#31320) 
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
 2026-01-21 14:06:35 +08:00
hj24
52af829f1f refactor: enhance clean messages task (#29638) 
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
Co-authored-by: 非法操作 <hjlarry@163.com>
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
 2026-01-15 14:03:17 +08:00
Asuka Minato
f7f9a08fa5 refactor: port TidbAuthBinding( (#31006) 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2026-01-15 10:07:02 +08:00
非法操作
51ea87ab85 feat: clear free plan workflow run logs (#29494) 
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: crazywoola <100913391+crazywoola@users.noreply.github.com>
 2026-01-12 15:57:40 +08:00
Jasonfish
e6f3528bb0 fix: Incorrect REDIS ssl variable used for Celery causing Celery unable to start (#29605) 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
Co-authored-by: crazywoola <100913391+crazywoola@users.noreply.github.com>
 2025-12-31 10:26:28 +08:00
Maries
a1b735a4c0 feat: trigger billing (#28335) 
Signed-off-by: lyzno1 <yuanyouhuilyz@gmail.com>
Co-authored-by: lyzno1 <yuanyouhuilyz@gmail.com>
Co-authored-by: lyzno1 <92089059+lyzno1@users.noreply.github.com>
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
 2025-11-20 10:15:23 +08:00
Yeuoly
b76e17b25d feat: introduce trigger functionality (#27644) 
Signed-off-by: lyzno1 <yuanyouhuilyz@gmail.com>
Co-authored-by: Stream <Stream_2@qq.com>
Co-authored-by: lyzno1 <92089059+lyzno1@users.noreply.github.com>
Co-authored-by: zhsama <torvalds@linux.do>
Co-authored-by: Harry <xh001x@hotmail.com>
Co-authored-by: lyzno1 <yuanyouhuilyz@gmail.com>
Co-authored-by: yessenia <yessenia.contact@gmail.com>
Co-authored-by: hjlarry <hjlarry@163.com>
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
Co-authored-by: WTW0313 <twwu@dify.ai>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2025-11-12 17:59:37 +08:00
-LAN-
2abbc14703 refactor: replace hardcoded user plan strings with CloudPlan enum (#27675) 2025-11-03 11:51:09 +08:00
Asuka Minato
cced33d068 use deco to avoid current_user (#26077) 
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
 2025-10-16 15:45:51 +09:00
Asuka Minato
8ddc4f2292 example to auto rollback (#26200) 
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
 2025-10-15 00:42:55 +09:00
NeatGuyCoding
7242a67f84 minor fix: improve check_upgradable_plugin_task.py (#26468) 
Signed-off-by: NeatGuyCoding <15627489+NeatGuyCoding@users.noreply.github.com>
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2025-09-30 15:36:04 +08:00
Junyan Qin (Chin)
cba2b9b2ad fix: switch plugin auto upgrade cache to redis (#26356) 2025-09-29 12:57:30 +08:00
Junyan Qin (Chin)
043ec46c33 perf: distribute concurrent plugin auto upgrade tasks (#26282) 2025-09-28 10:26:11 +08:00
-LAN-
bab4975809 chore: add ast-grep rule to convert Optional[T] to T | None (#25560) 
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
 2025-09-15 13:06:33 +08:00
Asuka Minato
cbc0e639e4 update sql in batch (#24801) 
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
Co-authored-by: -LAN- <laipz8200@outlook.com>
 2025-09-10 13:00:17 +08:00
-LAN-
9d5956cef8 [Chore/Refactor] Switch from MyPy to Basedpyright for type checking (#25047) 
Signed-off-by: -LAN- <laipz8200@outlook.com>
 2025-09-03 11:52:26 +08:00
Asuka Minato
24e2b72b71 Update ast-grep pattern for session.query (#24828) 
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
 2025-08-31 17:03:51 +08:00
湛露先生
d4883256f1 Fix login tokens and fix task clean_messages create_time. (#24574) 
Signed-off-by: zhanluxianshen <zhanluxianshen@163.com>
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
 2025-08-27 13:32:18 +08:00
Yongtao Huang
fa753239ad Refactor: use logger = logging.getLogger(__name__) in logging (#24515) 
Co-authored-by: Yongtao Huang <99629139+hyongtao-db@users.noreply.github.com>
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
Co-authored-by: crazywoola <100913391+crazywoola@users.noreply.github.com>
 2025-08-26 18:10:31 +08:00
kenwoodjw
bfc4fe1a9a fix infinite loop when clean unused dataset (#24542) 
Signed-off-by: kenwoodjw <blackxin55+@gmail.com>
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
 2025-08-26 15:44:52 +08:00
Asuka Minato
70da81d0e5 try ast-grep (#24149) 2025-08-19 13:41:52 +08:00
9527MrLi
75199442c1 feat: Implements periodic deletion of workflow run logs that exceed t… (#23881) 
Co-authored-by: shiyun.li973792 <shiyun.li@seres.cn>
Co-authored-by: 1wangshu <suewangswu@gmail.com>
Co-authored-by: Blackoutta <hyytez@gmail.com>
Co-authored-by: crazywoola <100913391+crazywoola@users.noreply.github.com>
 2025-08-19 09:47:34 +08:00
kenwoodjw
21e1b825fe fix: optimize dataset cleanup task (#23828) 
Signed-off-by: kenwoodjw <blackxin55+@gmail.com>
 2025-08-13 11:22:03 +08:00
-LAN-
74ab057f56 refactor: improve Redis wrapper type hints and fix None value handling (#23845) 2025-08-13 09:46:02 +08:00
Yongtao Huang
c8c591d73c Fix incorrect exception handling in db query (#23582) 
Signed-off-by: Yongtao Huang <yongtaoh2022@gmail.com>
 2025-08-08 09:07:59 +08:00
ian woolf
a0a30bfdcc fix: set default value to avoid initializing with empty value (#23220) 2025-07-31 17:50:53 +08:00
Sn0rt
bbdeb15501 fix: Support URL-encoded passwords with special characters in CELERY_BROKER_URL (#23163) 
Signed-off-by: Sn0rt <wangguohao.2009@gmail.com>
 2025-07-30 16:39:54 +08:00
Asuka Minato
a189d293f8 make logging not use f-str, change others to f-str (#22882) 2025-07-25 10:32:48 +08:00
Asuka Minato
ef51678c73 orm filter -> where (#22801) 
Signed-off-by: -LAN- <laipz8200@outlook.com>
Co-authored-by: -LAN- <laipz8200@outlook.com>
Co-authored-by: Claude <noreply@anthropic.com>
 2025-07-24 00:57:45 +08:00
Junyan Qin (Chin)
eaae79a581 feat: plugin auto upgrade strategy (#19758) 
Co-authored-by: Joel <iamjoel007@gmail.com>
Co-authored-by: crazywoola <427733928@qq.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Novice <novice12185727@gmail.com>
 2025-07-23 15:33:39 +08:00
Asuka Minato
6d3e198c3c Mapped column (#22644) 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2025-07-23 00:39:59 +08:00
-LAN-
0f4809b9b8 refactor: centralize email internationalization handling (#22752) 
Co-authored-by: Claude <noreply@anthropic.com>
 2025-07-23 00:26:00 +08:00
Dongyu Li
92614765ff Feat/queue monitor (#20647) 2025-06-04 19:56:34 +08:00
yihong
5a991295e0 fix: drop some type fixme (#20344) 2025-05-30 14:10:09 +08:00
非法操作
085bd1aa93 chore: model.query change to db.session.query (#19551) 
Co-authored-by: QuantumGhost <obelisk.reg+git@gmail.com>
 2025-05-13 09:13:12 +08:00
非法操作
14cd71ed0a chore: all model.query replace to db.session.query (#19521) 2025-05-12 15:19:41 +08:00
非法操作
b00f94df64 fix: replace all dataset.Model.query to db.session.query(Model) (#19509) 2025-05-12 13:52:33 +08:00
crazywoola
b29087b680 fix: db.session.query(TenantAccountJoin) (#19482) 2025-05-10 04:43:56 -07:00
Yongtao Huang
43753c8e9a Fix function's name mismatch (#16681) 2025-03-25 10:25:15 +08:00