oadmin/sub2api
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
3,078 Commits 2 Branches 0 Tags
8cf83c984e10042eaddcb687cc0702f935c2b663
Commit Graph

1566 Commits

Author SHA1 Message Date
IanShaw027
147ed42ad3 fix: restrict payment return urls to internal result page 2026-04-21 14:10:30 +08:00
IanShaw027
62ff2d803f fix: normalize chat completions service tier 2026-04-21 13:56:02 +08:00
IanShaw027
ace082066a fix: honor ws transport when scheduler is disabled 2026-04-21 13:50:55 +08:00
IanShaw027
65efef1eee feat: support replacing bound primary email 2026-04-21 13:47:15 +08:00
IanShaw027
0934f737d5 fix: snapshot merchant identity for alipay and easypay 2026-04-21 13:35:54 +08:00
IanShaw027
267844ebe6 fix: fail closed for legacy refund provider resolution 2026-04-21 13:10:59 +08:00
IanShaw027
64e401e224 fix: tighten payment legacy fallback paths 2026-04-21 13:03:53 +08:00
IanShaw027
276ce052a3 fix: align payment recovery query refs and resume authority 2026-04-21 13:01:21 +08:00
IanShaw027
119f784d19 fix: validate wxpay payments against order snapshots 2026-04-21 12:57:35 +08:00
IanShaw027
35aeeaa6e1 fix: pin payment read paths to provider snapshots 2026-04-21 12:50:55 +08:00
IanShaw027
561405ab00 feat: add payment order provider snapshots 2026-04-21 12:41:27 +08:00
IanShaw027
9742796ee7 fix: retire public payment verify and backfill trade no 2026-04-21 11:41:02 +08:00
IanShaw027
f398650166 fix: harden oidc compat email and email bind tx 2026-04-21 11:00:08 +08:00
IanShaw027
7e89bca5e6 fix: tighten pending oauth email routing and binding state 2026-04-21 10:41:29 +08:00
IanShaw027
dcd5c43da4 feat: complete email binding and pending oauth verification flows 2026-04-21 10:00:06 +08:00
IanShaw027
6da08262d7 feat avatar compress uploads to 20kb 2026-04-21 08:53:59 +08:00
Wesley Liddick
ffc9c38722 Merge pull request #1766 from touwaeriol/fix/codex-drop-removed-models 
fix(openai): drop removed Codex models and fix normalization fallback side-effects
 2026-04-21 08:50:00 +08:00
IanShaw027
2626e8f22c fix legacy email identity backfill grants 2026-04-21 08:28:48 +08:00
IanShaw027
09351e9459 fix auth completion and payment resume hardening 2026-04-21 08:23:26 +08:00
IanShaw027
ebe7524415 fix profile activity and migration remediation 2026-04-21 02:08:56 +08:00
IanShaw027
a27a7add3d fix payment resume result consistency 2026-04-21 02:08:34 +08:00
IanShaw027
e12599c1b9 fix settings auth source default persistence 2026-04-21 02:08:04 +08:00
IanShaw027
7c6491c2d3 fix auth pending session hardening 2026-04-21 01:45:25 +08:00
IanShaw027
1d8432b8a4 fix: harden payment resume and wxpay webhook routing 2026-04-21 01:40:56 +08:00
IanShaw027
ea27ac6fd7 fix: unify email identity sync and retry first-bind defaults 2026-04-21 01:00:59 +08:00
IanShaw027
067eb23d8e Tighten WeChat OAuth capability mode selection 2026-04-21 00:46:40 +08:00
IanShaw027
e4fe9fae2a Fix profile refresh identity compatibility 2026-04-21 00:42:55 +08:00
IanShaw027
55e8dd550a Tighten WeChat payment resume flow 2026-04-21 00:33:23 +08:00
IanShaw027
1521d50399 fix: apply email first-bind defaults on legacy login 2026-04-21 00:31:52 +08:00
IanShaw027
bf3ef2d19a add admin user last used support 2026-04-21 00:22:17 +08:00
IanShaw027
b79052aaf2 Decouple email sync tests from local stubs 2026-04-21 00:16:06 +08:00
IanShaw027
16be82b959 fix payment visible methods and resume recovery 2026-04-21 00:14:05 +08:00
IanShaw027
5d58c7c6fb Add auth identity legacy backfill and email sync 2026-04-21 00:13:40 +08:00
IanShaw027
9204145746 Close profile identity and avatar loop 2026-04-21 00:11:03 +08:00
IanShaw027
9e84e2fd2b fix: persist admin payment visibility and scheduler settings 2026-04-21 00:05:17 +08:00
IanShaw027
7ef7fd19e7 fix: restore wechat payment oauth and jsapi flow 2026-04-20 23:34:57 +08:00
IanShaw027
724f8e89a1 feat: resolve auth identity migration reports 2026-04-20 22:29:21 +08:00
IanShaw027
452e55a53c feat: add admin auth identity repair binding 2026-04-20 22:22:14 +08:00
IanShaw027
3bd3027251 feat: expose auth identity migration reports 2026-04-20 22:05:33 +08:00
erio
bbc4aed3d9 fix(openai): 移除已下线 Codex 模型并修复归一化兜底副作用 
- backend: 删除 gpt-5 / 5.1 / 5.1-codex / 5.1-codex-max / 5.1-codex-mini / 5.2-codex / 5.4-nano 的内置映射与 DefaultModels 条目
- backend: normalizeCodexModel 默认兜底由 gpt-5.1 改为 gpt-5.4,gpt-5.3-codex-spark 独立保留映射
- backend: 修复 isOpenAIGPT54Model 与 shouldAutoInjectPromptCacheKeyForCompat 对 claude / gpt-4o 的误判(之前依赖 gpt-5.1 作为非 GPT 族的隐式 sentinel,改后需要显式前缀守卫)
- backend: 清理 billing_service 中已不可达的 fallback 价格与 switch 分支
- frontend: 从白名单、OpenCode 配置、预设映射中移除已下线模型
- 同步更新所有相关单测

Refs: #1758, parallels upstream #1759 but adds downstream guard fixes
 2026-04-20 22:01:41 +08:00
IanShaw027
b309822199 fix: tighten legacy payment provider resolution 2026-04-20 21:46:24 +08:00
IanShaw027
bdcd3d87e5 fix: resolve unique legacy payment providers 2026-04-20 21:09:38 +08:00
IanShaw027
32059ae9d5 fix: backfill email identities on successful login 2026-04-20 20:58:19 +08:00
IanShaw027
9bebf1c1a6 feat: resolve payment results by resume token 2026-04-20 20:53:46 +08:00
IanShaw027
c0b24aefba feat: snapshot payment provider keys on orders 2026-04-20 20:47:14 +08:00
IanShaw027
e3f69e0246 fix: tighten webhook provider resolution 2026-04-20 20:42:01 +08:00
IanShaw027
7c7924e9fa fix: guard payment fulfillment provider mismatch 2026-04-20 20:31:19 +08:00
IanShaw027
b51bc7ee24 feat: wire payment return url payloads 2026-04-20 20:19:23 +08:00
IanShaw027
fb6204ea8b feat: apply oauth first-bind defaults and pending bind 2fa 2026-04-20 19:53:22 +08:00
erio
79192cf65b feat(payment): harden wxpay config validation with structured errors 
Motivation: platform-certificate mode is being phased out by WeChat (2024-10+,
newly-provisioned merchants already cannot download platform certificates at
all), and wxpay config errors currently surface only when an order is being
created — admins have no feedback at save time. Also, errors were returned as
natural-language strings, leaving the frontend no way to localize them.

Changes:

- backend/internal/payment/provider/wxpay.go
  - Replace fmt.Errorf with structured infraerrors.BadRequest errors:
    - WXPAY_CONFIG_MISSING_KEY    (metadata: key)
    - WXPAY_CONFIG_INVALID_KEY_LENGTH  (metadata: key, expected, actual)
    - WXPAY_CONFIG_INVALID_KEY    (metadata: key) for malformed PEMs
  - Parse privateKey and publicKey PEMs in NewWxpay so malformed keys fail
    at save time instead of at order creation.
  - Keep the pubkey verifier (NewSHA256WithRSAPubkeyVerifier) as the single
    supported verifier; no more loadKeyPair helper.

- backend/internal/service/payment_order.go invokeProvider
  - If CreateProvider or CreatePayment returns a structured ApplicationError,
    pass it through (optionally enriching metadata with provider/instance_id)
    instead of wrapping it as generic PAYMENT_GATEWAY_ERROR — so clients see
    the actual reason code (e.g. WXPAY_CONFIG_MISSING_KEY) and can localize.
  - Simplify a few messages (TOO_MANY_PENDING, DAILY_LIMIT_EXCEEDED,
    PAYMENT_GATEWAY_ERROR, NO_AVAILABLE_INSTANCE) to keyword form with
    metadata for template variables.

- backend/internal/service/payment_config_providers.go
  - New helper validateProviderConfig calls provider.CreateProvider at save
    time. Enabled instances are validated on both Create and Update so admins
    see config errors immediately in the dialog, not later at order creation.
  - Disabled instances are not validated (half-filled drafts are allowed).

- backend/internal/payment/provider/wxpay_test.go
  - Add generateTestKeyPair helper that produces valid RSA-2048 PKCS8/PKIX
    PEMs per test, used by the valid-config baseline (prior fake strings no
    longer pass the eager PEM check).
  - Cover each structured-error branch (missing/invalid-length/malformed PEM).
 2026-04-20 19:49:45 +08:00