We would like to move away from the concept of finding and removing pending
jobs. The only place this is used is for album update notifications, and this
is done so that users who initially uploaded assets to an album will also
receive a notification if someone else then adds assets to the same album. This
can also be achieved with a job for each recipient. Multiple jobs also has the
advantage that it will scale better for albums with many users, it's possible
to send notifications concurrently, retries are possible without sending
duplicate notifications, and it's clear what recipient a job failed for.
* bump sharp
* test linking
* link in prod image too
* force global
* keep unnecessary libraries
* override sharp version
* revert dockerfile changes
* add node-gyp and napi
* dev dependency
* fix: ensure oauth state param matches before finishing oauth flow
Signed-off-by: Tin Pecirep <tin.pecirep@gmail.com>
* chore: upgrade openid-client to v6
Signed-off-by: Tin Pecirep <tin.pecirep@gmail.com>
* feat: use PKCE for oauth2 on supported clients
Signed-off-by: Tin Pecirep <tin.pecirep@gmail.com>
* feat: use state and PKCE in mobile app
Signed-off-by: Tin Pecirep <tin.pecirep@gmail.com>
* fix: remove obsolete oauth repository init
Signed-off-by: Tin Pecirep <tin.pecirep@gmail.com>
* fix: rewrite callback url if mobile redirect url is enabled
Signed-off-by: Tin Pecirep <tin.pecirep@gmail.com>
* fix: propagate oidc client error cause when oauth callback fails
Signed-off-by: Tin Pecirep <tin.pecirep@gmail.com>
* fix: adapt auth service tests to required state and PKCE params
Signed-off-by: Tin Pecirep <tin.pecirep@gmail.com>
* fix: update sdk types
Signed-off-by: Tin Pecirep <tin.pecirep@gmail.com>
* fix: adapt oauth e2e test to work with PKCE
Signed-off-by: Tin Pecirep <tin.pecirep@gmail.com>
* fix: allow insecure (http) oauth clients
Signed-off-by: Tin Pecirep <tin.pecirep@gmail.com>
---------
Signed-off-by: Tin Pecirep <tin.pecirep@gmail.com>
Co-authored-by: Jason Rasmussen <jason@rasm.me>
* always patch package when running npm i, install immich CLI outside of directory so post install doesnt run
* handles case where query is an object and defined but origin is not.
* move patch-package from a dev dependency to a normal dependency. Also copy the patches folder for the docker build to use and patch with
* fix Dockerfile
* use query.reject instead of throw for queryError
* package-lock to reflect the dev dependency change
* dont throw the error, just provide an empty string for query.origin if it does not exist
* remove npm link and demote patch-package back to a dev dependency
* modify patch to add defensive check to catch queries that will fail to parse and reject
* add patch-package to dev dependencies
this allows us to patch upstream packages without waiting for PRs to be merged (or not!). Patch-package does a pretty good job of notifying if upstream does a change to invalidate the patch (its a git patch under the hood).
* Patch implementation of https://github.com/porsager/postgres/pull/944
This PR has not been merged by upstream and helps produce verbose error messages when postgres fails to connect (usually incorrect credentials). This is in contrast to error messages such as
`TypeError: Cannot read properties of undefined (reading 'replace'), stack: TypeError: Cannot read properties of undefined (reading 'replace')`
* have postinstall only run when not installing a global package (such as immich-cli in the Docker build)
