Denis Arnst
58b0358600
Merge a6848065e1 into 1d0b7e383a
2026-02-24 13:49:53 +04:00
advplyr
6e0da3bf7a
Fix updating author name merging with same name authors in a different library #4628
CodeQL / Analyze (push) Waiting to run
Build and Push Docker Image / build (push) Waiting to run
Integration Test / build and test (push) Waiting to run
Run Unit Tests / Run Unit Tests (push) Waiting to run
2026-02-21 16:00:38 -06:00
advplyr
fa5fa7b788
Fix server crash on /me/progress/:libraryItemId/:episodeId? when episodeId is not passed in for a podcast library item #5058
CodeQL / Analyze (push) Has been cancelled
Build and Push Docker Image / build (push) Has been cancelled
Integration Test / build and test (push) Has been cancelled
Run Unit Tests / Run Unit Tests (push) Has been cancelled
2026-02-14 17:17:12 -06:00
Denis Arnst
a6848065e1
OIDC: Skip nonce for mobile flow to fix app login
...
Some IdPs (e.g. Authentik) don't echo the nonce in the id_token for
the authorization code flow, causing "nonce mismatch, got: undefined"
errors when the mobile app attempts SSO login. The mobile flow already
uses PKCE which provides equivalent replay protection, so nonce is not
needed. Web flow continues to use nonce for defense-in-depth.
2026-02-13 12:35:03 +01:00
Denis Arnst
67f8eb6815
OIDC: Support object-shaped and string group claims
...
The group claim was assumed to always be an array, which crashes with
providers like Zitadel that return an object with role names as keys
(e.g. { "admin": {...}, "user": {...} }). Normalize all common formats:
array, single string, and object (extract keys).
Fixes #4744
2026-02-12 13:25:56 +01:00
Denis Arnst
84b3d4d215
Fix migration crash on upgrade from v2.31.0
...
Removed index definition from Session model since the migration already
creates it. This prevents .sync() from trying to create the index before
migrations run. Also bumped version to 2.34.0 to match migration files.
Fixes: SQLITE_ERROR: no such column: oidcSessionId
2026-02-07 22:19:33 +01:00
Denis Arnst
e428ba5657
OIDC: Fix CodeQL warnings
2026-02-05 20:31:07 +01:00
Denis Arnst
c2a7615319
OIDC: Improve error messages
2026-02-05 20:10:18 +01:00
Denis Arnst
49aeb2da19
Require email_verified to be explicitly true when enforcement is enabled
...
Previously the check only rejected email_verified === false, allowing
logins when the claim was missing entirely. Since the admin opted in,
the IdP is expected to provide the claim.
2026-02-05 19:56:58 +01:00
Denis Arnst
b3d63f4158
Fix backchannel logout always returning 501
...
global.ServerSettings is a plain JSON object from toJSON(), so the
isOpenIDAuthSettingsValid getter was always undefined. Use
Database.serverSettings instead, matching the rest of the codebase.
2026-02-05 19:35:50 +01:00
Denis Arnst
073eff74ef
Add OIDC Back-Channel Logout support
...
Implement OIDC Back-Channel Logout 1.0 (RFC). When enabled, the IdP can
POST a signed logout_token JWT to invalidate user sessions server-side.
- Add BackchannelLogoutHandler: JWT verification via jose, jti replay
protection with bounded cache, session destruction by sub or sid
- Add oidcSessionId column to sessions table with index for fast lookups
- Add backchannel logout route (POST /auth/openid/backchannel-logout)
- Notify connected clients via socket to redirect to login page
- Add authOpenIDBackchannelLogoutEnabled toggle in schema-driven settings UI
- Migration v2.34.0 adds oidcSessionId column and index
- Polish settings UI: auto-populate loading state, subfolder dropdown
options, KeyValueEditor fixes, localized descriptions via descriptionKey,
duplicate key detection, success/error toasts
- Localize backchannel logout toast (ToastSessionEndedByProvider)
- OidcAuthStrategy tests now use real class via require-cache stubbing
2026-02-05 17:55:10 +01:00
Denis Arnst
33bee70a12
Revamp OIDC auth: remove Passport wrapper, add schema-driven settings UI
...
- Remove Passport.js wrapper from OIDC auth, use openid-client directly
- Add schema-driven OIDC settings UI (OidcSettingsSchema.js drives form rendering)
- Add group mapping with KeyValueEditor (explicit mapping or legacy direct name match)
- Add scopes configuration (authOpenIDScopes)
- Add verified email enforcement option (authOpenIDRequireVerifiedEmail)
- Fix group claim validation rejecting URN-style claims (#4744 )
- Add auto-discover endpoint for OIDC provider configuration
- Store oidcIdToken in sessions table instead of cookie
- Add AuthError class for structured error handling in auth flows
- Migration v2.33.0 adds oidcIdToken column and new settings fields
2026-02-05 17:54:59 +01:00
advplyr
122fc34a75
Fix server crash filtering by decade with collapsed series
CodeQL / Analyze (push) Has been cancelled
Build and Push Docker Image / build (push) Has been cancelled
Integration Test / build and test (push) Has been cancelled
Run Unit Tests / Run Unit Tests (push) Has been cancelled
2025-12-24 17:07:05 -06:00
advplyr
04eb3bc437
Fix server crash on audible match #4931
2025-12-23 16:44:29 -06:00
advplyr
7b37c98e88
Book tags genres dedupe ( #4927 )
...
* Update Audible provider dedupe genres/tags and return tags as array
* Update custom metadata provider to dedupe tags/genres and return tags as array
2025-12-21 15:38:34 -06:00
advplyr
e003544edd
Merge pull request #4766 from TN-SKYC/Authors-bug
...
Bug in matching author of a book when this author already exists in the db.
2025-12-21 14:49:37 -06:00
advplyr
076ece6fe7
Auto-formatting
2025-12-21 14:45:04 -06:00
mikiher
d7bfccdc4a
BackupManager: Remove backup fallback logic
2025-12-01 18:54:43 +02:00
mikiher
5f1edcb609
Wrap ensureDir in try-catch blocks
2025-12-01 18:00:34 +02:00
Finn Dittmar
a5d2c1bd64
Fix Upload Lookup
2025-11-29 11:02:42 +01:00
Finn Dittmar
3e9ca51088
Fix region parameter extraction in findChapters
2025-11-27 21:40:29 +01:00
advplyr
763d8810e3
Update Stream ac3/eac3 check
2025-11-08 17:08:43 -06:00
Finn Dittmar
3316505d1c
Really makes sure nothing can break
2025-11-07 19:12:38 +01:00
Finn Dittmar
2cf6e8a5fe
Support eac3
2025-11-07 19:02:32 +01:00
Tomasz N.
961d066bdd
Wrong branch.
2025-10-31 15:39:12 +01:00
Tomasz N.
372c9a5322
Increasing the timeout for bookfinder - some metadata providers heavily throttle the requests, original 10s is not enough.
2025-10-31 15:36:47 +01:00
Tomasz N.
a5750deaaf
The key change: Move the Database.bookAuthorModel.create() block outside the if (!author) check,
...
so it runs whether the author was just created OR already existed in the database.
This bug was visible when using "Match Books" for a library and the outcome was books had no author(s) assigned
despite the custom providers correctly providing those values.
2025-10-22 23:02:49 +02:00
advplyr
a92ba564bd
Merge pull request #4750 from mikiher/providers-api
...
Add metadata providers API and use them on web client
2025-10-21 17:24:11 -05:00
advplyr
e684a8dc43
Update JSDocs & auto-formatting of PodcastFinder
2025-10-21 17:22:10 -05:00
mikiher
57c7b123f0
Fix codeQL error: Return json error object
2025-10-21 11:00:29 +03:00
mikiher
fd593caafc
SearchController: simplify query param validation logic
2025-10-21 09:38:35 +03:00
advplyr
d0a3f74710
Merge pull request #4756 from Vito0912/tokenExpiry
...
CodeQL / Analyze (push) Waiting to run
Build and Push Docker Image / build (push) Waiting to run
Integration Test / build and test (push) Waiting to run
Run Unit Tests / Run Unit Tests (push) Waiting to run
Change token expiry
2025-10-20 17:19:54 -05:00
advplyr
b1921e7034
Fix podcast failed to parse rss feed when feed is not using CData in content:encoded #4757
CodeQL / Analyze (push) Waiting to run
Build and Push Docker Image / build (push) Waiting to run
Integration Test / build and test (push) Waiting to run
Run Unit Tests / Run Unit Tests (push) Waiting to run
2025-10-19 17:25:18 -05:00
mikiher
b01e7570d3
Remove custom providers from library filterdata request
2025-10-19 10:54:26 +03:00
mikiher
0a8662d198
Merge providers API into a single endpoint
2025-10-19 10:53:27 +03:00
Finn Dittmar
0a4de61eff
Chnage Auth Expiry
2025-10-19 09:22:12 +02:00
mikiher
0a82d6a41b
CoverSearchManager: Fix broken podcast cover search
2025-10-17 08:11:03 +03:00
mikiher
3f6162f53c
CodeQL fix: limit parameter sizes
2025-10-15 18:54:29 +03:00
mikiher
888190a6be
Fix codeQL failures
2025-10-15 18:28:15 +03:00
mikiher
1da3ab7fdc
ApiRouter: New provider API routes
2025-10-14 18:10:12 +03:00
mikiher
4f30cbf2f6
SearchController: New providers API, query param validation
2025-10-14 18:09:32 +03:00
advplyr
a87ea32715
Fix admin user unable to close sessions of other users #4746
CodeQL / Analyze (push) Has been cancelled
Build and Push Docker Image / build (push) Has been cancelled
Integration Test / build and test (push) Has been cancelled
Run Unit Tests / Run Unit Tests (push) Has been cancelled
2025-10-13 09:50:01 -05:00
advplyr
feed827223
Update settings update endpoint to validate allowedOrigins is array
CodeQL / Analyze (push) Has been cancelled
Build and Push Docker Image / build (push) Has been cancelled
Integration Test / build and test (push) Has been cancelled
Run Unit Tests / Run Unit Tests (push) Has been cancelled
2025-10-10 18:00:37 -05:00
mikiher
20de2ea388
Add "Best" option to book cover search
2025-10-03 08:23:53 +03:00
mikiher
dbb5ee79ac
Revert removal of audiobookcovers provider
2025-10-03 08:20:56 +03:00
mikiher
c6dabd2620
Shorten timeout and error message for remaining providers
2025-10-02 22:23:12 +03:00
mikiher
26f949b9ba
Remove audiobookcovers from provider list
2025-10-02 22:14:48 +03:00
mikiher
7630dbdcb7
Replace cover search with streaming version
2025-10-02 13:30:03 +03:00
mikiher
a164c17d38
Reduce provider timout to 10 secs, Shorten error message
2025-10-02 13:26:05 +03:00
advplyr
03da194953
Update for nextjs client, pass all remaining requests through to nextjs
CodeQL / Analyze (push) Has been cancelled
Build and Push Docker Image / build (push) Has been cancelled
Integration Test / build and test (push) Has been cancelled
Run Unit Tests / Run Unit Tests (push) Has been cancelled
2025-09-28 09:41:15 -05:00
