Merge branch 'devel' into edge

CHANGELOG.md

@@ -1,3 +1,26 @@
+# v2.27 2019-02-27 Wekan release
+
+This release fixes the following bugs:
+
+- [Fix OIDC error "a.join is not a function"](https://github.com/wekan/wekan/issues/2206)
+  by reverting configurable OAUTH2_ID_TOKEN_WHITELIST_FIELDS and
+  OAUTH2_REQUEST_PERMISSIONS from Wekan v2.22-2.26.
+  Thanks to GitHub user xet7.
+
+# v2.26 2019-02-25 Wekan release
+
+This release adds the following new features:
+
+- Add setting [EMAIL_NOTIFICATION_TIMEOUT](https://github.com/wekan/wekan/issues/2203).
+  Defaut 30000 ms (30s). Thanks to GitHub users ngru and xet7.
+
+and fixes the following bugs:
+
+- REVERTED in v2.27 ([Fix OAuth2 requestPermissions](https://github.com/wekan/wekan/commit/5e238bfbfea16940ae29647ae347bbdc0d78efb0).
+  This makes [Auth0 login possible](https://github.com/wekan/wekan/issues/1722)
+  with [OIDC](https://github.com/wekan/wekan/wiki/OAuth2#auth0). Needs testing.
+  Thanks to GitHub user xet7.)
+
 # v2.25 2019-02-23 Wekan release
 
 This release fixes the following bugs:
@@ -17,8 +40,8 @@ This release adds the following new features:
 
 and fixes the following bugs:
 
-- [Add missing text .env to wekan/server/authentication.js](https://github.com/wekan/wekan/commit/4e6e78ccd216045e6ad41bcdab4e524f715a7eb5).
-  Thanks to Vanila Chat user .gitignore.
+- REVERTED in v2.27 ([Add missing text .env to wekan/server/authentication.js](https://github.com/wekan/wekan/commit/4e6e78ccd216045e6ad41bcdab4e524f715a7eb5).
+  Thanks to Vanila Chat user .gitignore.)
 
 Thanks to above contributors, and translators for their translation.
 
@@ -36,10 +59,10 @@ Thanks to above GitHub users for their contributions, and translators for their
 This release adds the following new features:
 
 - [Kadira integration](https://github.com/wekan/wekan/issues/2152). Thanks to GavinLilly.
-- Add [configurable](https://github.com/wekan/wekan/issues/1874#issuecomment-462759627)
+- REVERTED in v2.27 (Add [configurable](https://github.com/wekan/wekan/issues/1874#issuecomment-462759627)
   settings [OAUTH2_ID_TOKEN_WHITELIST_FIELDS and
   OAUTH2_REQUEST_PERMISSIONS](https://github.com/wekan/wekan/commit/b66f471e530d41a3f12e4bfc29548313e9a73c35).
-  Thanks to xet7.
+  Thanks to xet7.)
 
 and fixes the following bugs:
 

Dockerfile

@@ -12,6 +12,7 @@ ARG FIBERS_VERSION
 ARG ARCHITECTURE
 ARG SRC_PATH
 ARG WITH_API
+ARG EMAIL_NOTIFICATION_TIMEOUT
 ARG MATOMO_ADDRESS
 ARG MATOMO_SITE_ID
 ARG MATOMO_DO_NOT_TRACK
@@ -30,8 +31,6 @@ ARG OAUTH2_ID_MAP
 ARG OAUTH2_USERNAME_MAP
 ARG OAUTH2_FULLNAME_MAP
 ARG OAUTH2_EMAIL_MAP
-ARG OAUTH2_ID_TOKEN_WHITELIST_FIELDS
-ARG OAUTH2_REQUEST_PERMISSIONS
 ARG LDAP_ENABLE
 ARG LDAP_PORT
 ARG LDAP_HOST
@@ -97,6 +96,7 @@ ENV BUILD_DEPS="apt-utils bsdtar gnupg gosu wget curl bzip2 build-essential pyth
     ARCHITECTURE=linux-x64 \
     SRC_PATH=./ \
     WITH_API=true \
+    EMAIL_NOTIFICATION_TIMEOUT=30000 \
     MATOMO_ADDRESS="" \
     MATOMO_SITE_ID="" \
     MATOMO_DO_NOT_TRACK=true \
@@ -115,8 +115,6 @@ ENV BUILD_DEPS="apt-utils bsdtar gnupg gosu wget curl bzip2 build-essential pyth
     OAUTH2_USERNAME_MAP="" \
     OAUTH2_FULLNAME_MAP="" \
     OAUTH2_EMAIL_MAP="" \
-    OAUTH2_ID_TOKEN_WHITELIST_FIELDS=[] \
-    OAUTH2_REQUEST_PERMISSIONS=[openid] \
     LDAP_ENABLE=false \
     LDAP_PORT=389 \
     LDAP_HOST="" \

Stackerfile.yml

@@ -1,5 +1,5 @@
 appId: wekan-public/apps/77b94f60-dec9-0136-304e-16ff53095928
-appVersion: "v2.25.0"
+appVersion: "v2.27.0"
 files:
   userUploads:
     - README.md

docker-compose.yml

@@ -220,6 +220,10 @@ services:
       # https://github.com/wekan/wekan-gogs
       # If you disable Wekan API with false, Export Board does not work.
       - WITH_API=true
+      #---------------------------------------------------------------
+      # ==== EMAIL NOTIFICATION TIMEOUT, ms =====
+      # Defaut: 30000 ms = 30s
+      #- EMAIL_NOTIFICATION_TIMEOUT=30000
       #-----------------------------------------------------------------
       # ==== CORS =====
       # CORS: Set Access-Control-Allow-Origin header.
@@ -311,10 +315,6 @@ services:
       #- OAUTH2_FULLNAME_MAP=
       # OAuth2 Email Mapping
       #- OAUTH2_EMAIL_MAP=
-      # OAUTH2 ID Token Whitelist Fields.
-      #- OAUTH2_ID_TOKEN_WHITELIST_FIELDS=[]
-      # OAUTH2 Request Permissions.
-      #- OAUTH2_REQUEST_PERMISSIONS=[openid email profile]
       #-----------------------------------------------------------------
       # ==== LDAP ====
       # https://github.com/wekan/wekan/wiki/LDAP

package.json

@@ -1,6 +1,6 @@
 {
   "name": "wekan",
-  "version": "v2.25.0",
+  "version": "v2.27.0",
   "description": "Open-Source kanban",
   "private": true,
   "scripts": {

releases/virtualbox/start-wekan.sh

@@ -114,10 +114,6 @@
         #export OAUTH2_FULLNAME_MAP=
         # OAuth2 Email Mapping
         #export OAUTH2_EMAIL_MAP=
-        # OAUTH2 ID Token Whitelist Fields.
-        #export OAUTH2_ID_TOKEN_WHITELIST_FIELDS=[]
-        # OAUTH2 Request Permissions.
-        #export OAUTH2_REQUEST_PERMISSIONS=[openid profile email]
         #---------------------------------------------
         # LDAP_ENABLE : Enable or not the connection by the LDAP
         # example :  export LDAP_ENABLE=true

sandstorm-pkgdef.capnp

@@ -22,10 +22,10 @@ const pkgdef :Spk.PackageDefinition = (
     appTitle = (defaultText = "Wekan"),
     # The name of the app as it is displayed to the user.
 
-    appVersion = 227,
+    appVersion = 229,
     # Increment this for every release.
 
-    appMarketingVersion = (defaultText = "2.25.0~2019-02-23"),
+    appMarketingVersion = (defaultText = "2.27.0~2019-02-27"),
     # Human-readable presentation of the app version.
 
     minUpgradableAppVersion = 0,

server/authentication.js

@@ -76,8 +76,8 @@ Meteor.startup(() => {
             authorizationEndpoint: process.env.OAUTH2_AUTH_ENDPOINT,
             userinfoEndpoint: process.env.OAUTH2_USERINFO_ENDPOINT,
             tokenEndpoint: process.env.OAUTH2_TOKEN_ENDPOINT,
-            idTokenWhitelistFields: process.env.OAUTH2_ID_TOKEN_WHITELIST_FIELDS || [],
-            requestPermissions: process.env.OAUTH2_REQUEST_PERMISSIONS || ['openid'],
+            idTokenWhitelistFields: [],
+            requestPermissions: ['openid'],
           },
         }
       );

server/notifications/email.js

@@ -36,7 +36,7 @@ Meteor.startup(() => {
       } catch (e) {
         return;
       }
-    }, 30000);
+    }, process.env.EMAIL_NOTIFICATION_TIMEOUT || 30000);
   });
 });
 

snap-src/bin/config

@@ -3,7 +3,7 @@
 # All supported keys are defined here together with descriptions and default values
 
 # list of supported keys
-keys="DEBUG MONGODB_BIND_UNIX_SOCKET MONGODB_BIND_IP MONGODB_PORT MAIL_URL MAIL_FROM ROOT_URL PORT DISABLE_MONGODB CADDY_ENABLED CADDY_BIND_PORT WITH_API CORS MATOMO_ADDRESS MATOMO_SITE_ID MATOMO_DO_NOT_TRACK MATOMO_WITH_USERNAME BROWSER_POLICY_ENABLED TRUSTED_URL WEBHOOKS_ATTRIBUTES OAUTH2_ENABLED OAUTH2_CLIENT_ID OAUTH2_SECRET OAUTH2_SERVER_URL OAUTH2_AUTH_ENDPOINT OAUTH2_USERINFO_ENDPOINT OAUTH2_TOKEN_ENDPOINT OAUTH2_ID_MAP OAUTH2_USERNAME_MAP OAUTH2_FULLNAME_MAP OAUTH2_EMAIL_MAP OAUTH2_ID_TOKEN_WHITELIST_FIELDS OAUTH2_REQUEST_PERMISSIONS LDAP_ENABLE LDAP_PORT LDAP_HOST LDAP_BASEDN LDAP_LOGIN_FALLBACK LDAP_RECONNECT LDAP_TIMEOUT LDAP_IDLE_TIMEOUT LDAP_CONNECT_TIMEOUT LDAP_AUTHENTIFICATION LDAP_AUTHENTIFICATION_USERDN LDAP_AUTHENTIFICATION_PASSWORD LDAP_LOG_ENABLED LDAP_BACKGROUND_SYNC LDAP_BACKGROUND_SYNC_INTERVAL LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS LDAP_ENCRYPTION LDAP_CA_CERT LDAP_REJECT_UNAUTHORIZED LDAP_USER_SEARCH_FILTER LDAP_USER_SEARCH_SCOPE LDAP_USER_SEARCH_FIELD LDAP_SEARCH_PAGE_SIZE LDAP_SEARCH_SIZE_LIMIT LDAP_GROUP_FILTER_ENABLE LDAP_GROUP_FILTER_OBJECTCLASS LDAP_GROUP_FILTER_GROUP_ID_ATTRIBUTE LDAP_GROUP_FILTER_GROUP_MEMBER_ATTRIBUTE LDAP_GROUP_FILTER_GROUP_MEMBER_FORMAT LDAP_GROUP_FILTER_GROUP_NAME LDAP_UNIQUE_IDENTIFIER_FIELD LDAP_UTF8_NAMES_SLUGIFY LDAP_USERNAME_FIELD LDAP_FULLNAME_FIELD LDAP_MERGE_EXISTING_USERS LDAP_SYNC_USER_DATA LDAP_SYNC_USER_DATA_FIELDMAP LDAP_SYNC_GROUP_ROLES LDAP_DEFAULT_DOMAIN LDAP_EMAIL_MATCH_ENABLE LDAP_EMAIL_MATCH_REQUIRE LDAP_EMAIL_MATCH_VERIFIED LDAP_EMAIL_FIELD LOGOUT_WITH_TIMER LOGOUT_IN LOGOUT_ON_HOURS LOGOUT_ON_MINUTES DEFAULT_AUTHENTICATION_METHOD"
+keys="DEBUG MONGODB_BIND_UNIX_SOCKET MONGODB_BIND_IP MONGODB_PORT MAIL_URL MAIL_FROM ROOT_URL PORT DISABLE_MONGODB CADDY_ENABLED CADDY_BIND_PORT WITH_API EMAIL_NOTIFICATION_TIMEOUT CORS MATOMO_ADDRESS MATOMO_SITE_ID MATOMO_DO_NOT_TRACK MATOMO_WITH_USERNAME BROWSER_POLICY_ENABLED TRUSTED_URL WEBHOOKS_ATTRIBUTES OAUTH2_ENABLED OAUTH2_CLIENT_ID OAUTH2_SECRET OAUTH2_SERVER_URL OAUTH2_AUTH_ENDPOINT OAUTH2_USERINFO_ENDPOINT OAUTH2_TOKEN_ENDPOINT OAUTH2_ID_MAP OAUTH2_USERNAME_MAP OAUTH2_FULLNAME_MAP OAUTH2_EMAIL_MAP LDAP_ENABLE LDAP_PORT LDAP_HOST LDAP_BASEDN LDAP_LOGIN_FALLBACK LDAP_RECONNECT LDAP_TIMEOUT LDAP_IDLE_TIMEOUT LDAP_CONNECT_TIMEOUT LDAP_AUTHENTIFICATION LDAP_AUTHENTIFICATION_USERDN LDAP_AUTHENTIFICATION_PASSWORD LDAP_LOG_ENABLED LDAP_BACKGROUND_SYNC LDAP_BACKGROUND_SYNC_INTERVAL LDAP_BACKGROUND_SYNC_KEEP_EXISTANT_USERS_UPDATED LDAP_BACKGROUND_SYNC_IMPORT_NEW_USERS LDAP_ENCRYPTION LDAP_CA_CERT LDAP_REJECT_UNAUTHORIZED LDAP_USER_SEARCH_FILTER LDAP_USER_SEARCH_SCOPE LDAP_USER_SEARCH_FIELD LDAP_SEARCH_PAGE_SIZE LDAP_SEARCH_SIZE_LIMIT LDAP_GROUP_FILTER_ENABLE LDAP_GROUP_FILTER_OBJECTCLASS LDAP_GROUP_FILTER_GROUP_ID_ATTRIBUTE LDAP_GROUP_FILTER_GROUP_MEMBER_ATTRIBUTE LDAP_GROUP_FILTER_GROUP_MEMBER_FORMAT LDAP_GROUP_FILTER_GROUP_NAME LDAP_UNIQUE_IDENTIFIER_FIELD LDAP_UTF8_NAMES_SLUGIFY LDAP_USERNAME_FIELD LDAP_FULLNAME_FIELD LDAP_MERGE_EXISTING_USERS LDAP_SYNC_USER_DATA LDAP_SYNC_USER_DATA_FIELDMAP LDAP_SYNC_GROUP_ROLES LDAP_DEFAULT_DOMAIN LDAP_EMAIL_MATCH_ENABLE LDAP_EMAIL_MATCH_REQUIRE LDAP_EMAIL_MATCH_VERIFIED LDAP_EMAIL_FIELD LOGOUT_WITH_TIMER LOGOUT_IN LOGOUT_ON_HOURS LOGOUT_ON_MINUTES DEFAULT_AUTHENTICATION_METHOD"
 
 # default values
 DESCRIPTION_DEBUG="Debug OIDC OAuth2 etc. Example: sudo snap set wekan debug='true'"
@@ -56,6 +56,10 @@ DESCRIPTION_WITH_API="Enable/disable the api of wekan"
 DEFAULT_WITH_API="true"
 KEY_WITH_API="with-api"
 
+DESCRIPTION_EMAIL_NOTIFICATION_TIMEOUT="Email notification timeout, ms. Default: 30000 (=30s)."
+DEFAULT_EMAIL_NOTIFICATION_TIMEOUT="30000"
+KEY_EMAIL_NOTIFICATION_TIMEOUT="email-notification-timeout"
+
 DESCRIPTION_CORS="Enable/disable CORS: Set Access-Control-Allow-Origin header. Example: *"
 DEFAULT_CORS=""
 KEY_CORS="cors"
@@ -138,14 +142,6 @@ DESCRIPTION_OAUTH2_EMAIL_MAP="OAuth2 Email Mapping. Example: email"
 DEFAULT_OAUTH2_EMAIL_MAP=""
 KEY_OAUTH2_EMAIL_MAP="oauth2-email-map"
 
-DESCRIPTION_OAUTH2_ID_TOKEN_WHITELIST_FIELDS="OAuth2 ID Token Whitelist Fields. Example: []"
-DEFAULT_OAUTH2_ID_TOKEN_WHITELIST_FIELDS=""
-KEY_OAUTH2_ID_TOKEN_WHITELIST_FIELDS="oauth2-id-token-whitelist-fields"
-
-DESCRIPTION_OAUTH2_REQUEST_PERMISSIONS="OAuth2 Request Permissions. Example: [openid profile email]"
-DEFAULT_OAUTH2_REQUEST_PERMISSIONS=""
-KEY_OAUTH2_REQUEST_PERMISSIONS="oauth2-request-permissions"
-
 DESCRIPTION_LDAP_ENABLE="Enable or not the connection by the LDAP"
 DEFAULT_LDAP_ENABLE="false"
 KEY_LDAP_ENABLE="ldap-enable"

snap-src/bin/wekan-help

@@ -40,6 +40,11 @@ echo -e "\t$ snap set $SNAP_NAME with-api='true'"
 echo -e "\t-Disable the API:"
 echo -e "\t$ snap set $SNAP_NAME with-api='false'"
 echo -e "\n"
+echo -e "To enable the Email Notification Timeout of wekan in ms, default 30000 (=30s):"
+echo -e "\t$ snap set $SNAP_NAME email-notification-timeout='10000'"
+echo -e "\t-Disable the Email Notification Timeout of Wekan:"
+echo -e "\t$ snap set $SNAP_NAME email-notification-timeout='30000'"
+echo -e "\n"
 echo -e "To enable the CORS of wekan, to set Access-Control-Allow-Origin header:"
 echo -e "\t$ snap set $SNAP_NAME cors='*'"
 echo -e "\t-Disable the CORS:"
@@ -125,18 +130,6 @@ echo -e "\t$ snap set $SNAP_NAME oauth2-email-map='email'"
 echo -e "\t-Disable the OAuth2 Email Mapping of Wekan:"
 echo -e "\t$ snap set $SNAP_NAME oauth2-email-map=''"
 echo -e "\n"
-echo -e "OAuth2 ID Token Whitelist Fields."
-echo -e "To enable the OAuth2 ID Token Whitelist Fields of Wekan:"
-echo -e "\t$ snap set $SNAP_NAME oauth2-id-token-whitelist-fields='[]'"
-echo -e "\t-Disable the OAuth2 ID Token Whitelist Fields of Wekan:"
-echo -e "\t$ snap set $SNAP_NAME oauth2-id-token-whitelist-fields=''"
-echo -e "\n"
-echo -e "OAuth2 Request Permissions."
-echo -e "To enable the OAuth2 Request Permissions of Wekan:"
-echo -e "\t$ snap set $SNAP_NAME oauth2-request-permissions='[openid profile email]'"
-echo -e "\t-Disable the OAuth2 Request Permissions of Wekan:"
-echo -e "\t$ snap set $SNAP_NAME oauth2-request-permissions=''"
-echo -e "\n"
 echo -e "Ldap Enable."
 echo -e "To enable the ldap of Wekan:"
 echo -e "\t$ snap set $SNAP_NAME ldap-enable='true'"

start-wekan.bat

@@ -74,11 +74,6 @@ REM # OAuth2 Token Endpoint. Example: /oauth/token
 REM # example: OAUTH2_TOKEN_ENDPOINT=/oauth/token
 REM SET OAUTH2_TOKEN_ENDPOINT=
 
-REM # OAUTH2 ID Token Whitelist Fields.
-REM SET OAUTH2_ID_TOKEN_WHITELIST_FIELDS=[]
-REM # OAUTH2 Request Permissions.
-REM SET OAUTH2_REQUEST_PERMISSIONS=[openid email profile]
-
 REM ------------------------------------------------------------
 
 REM # LDAP_ENABLE : Enable or not the connection by the LDAP

start-wekan.sh

@@ -95,10 +95,6 @@ function wekan_repo_check(){
       #export OAUTH2_FULLNAME_MAP=name
       # The claim name you want to map to the email field:
       #export OAUTH2_EMAIL_MAP=email
-      # OAUTH2 ID Token Whitelist Fields.
-      #export OAUTH2_ID_TOKEN_WHITELIST_FIELDS=[]
-      # OAUTH2 Request Permissions.
-      #export OAUTH2_REQUEST_PERMISSIONS=[openid profile email]
       #-----------------------------------------------------------------
       # ==== OAUTH2 KEYCLOAK ====
       # https://github.com/wekan/wekan/wiki/Keycloak  <== MAPPING INFO, REQUIRED