Ivan Tashkinov
|
a781f41f96
|
[#2497] Media preview proxy: misc. improvements (`static` param support, dynamic fifo pipe path), refactoring.
|
2020-09-16 22:30:42 +03:00 |
rinpatch
|
0254696e30
|
Merge branch 'feature/1790-oban-overuse-clear-oauth-token' into 'develop'
Feature/1790 removing expired tokens through Oban scheduled jobs
See merge request pleroma/pleroma!2957
|
2020-09-10 18:45:04 +00:00 |
Alexander Strizhakov
|
7dd986a563
|
expire mfa tokens through Oban
|
2020-09-10 16:01:19 +03:00 |
Ivan Tashkinov
|
cad69669fc
|
[#2130] Fixed OAuth OOB authentication for users with enabled MFA.
|
2020-09-09 22:44:38 +03:00 |
Ivan Tashkinov
|
135ae4e35a
|
[#2025] Defaulted OAuth login scopes choice to all scopes when user selects no scopes.
|
2020-08-06 16:00:00 +03:00 |
Ivan Tashkinov
|
27b0a8b155
|
[#1985] Prevented force login on registration if account approval and/or email confirmation needed.
Refactored login code in OAuthController, reused in AccountController. Added tests.
|
2020-07-31 14:13:38 +03:00 |
Alex Gleason
|
e4e5577818
|
Prevent unapproved users from logging in
|
2020-07-12 22:55:26 -05:00 |
lain
|
59540131c1
|
Credo fixes.
|
2020-06-29 14:09:03 +02:00 |
lain
|
bb168ed94a
|
OAuth: Extract view-type functions to a view.
|
2020-06-29 13:39:09 +02:00 |
Haelwenn
|
54bae06b4f
|
Create Pleroma.Maps.put_if_present(map, key, value, value_fun // &{:ok, &1})
Unifies all the similar functions to one and simplify some blocks with it.
|
2020-06-05 14:48:02 +00:00 |
Maksim
|
3d0c567fbc
|
Pleroma.Web.TwitterAPI.TwoFactorAuthenticationController -> Pleroma.Web.PleromaAPI.TwoFactorAuthenticationController
|
2020-05-07 08:14:54 +00:00 |
Ivan Tashkinov
|
00e62161f6
|
[#2409] Tested all auth setup configs in AuthTestControllerTest. Adjusted :skip_plug definitions for some endpoints.
|
2020-04-24 16:52:38 +03:00 |
Ivan Tashkinov
|
fc81e5a49c
|
Enforcement of OAuth scopes check for authenticated API endpoints, :skip_plug plug to mark a plug explicitly skipped (disabled).
|
2020-04-06 10:20:44 +03:00 |
Haelwenn (lanodan) Monnier
|
6da6540036
|
Bump copyright years of files changed after 2020-01-07
Done via the following command:
git diff fcd5dd259a --stat --name-only | xargs sed -i '/Pleroma Authors/c# Copyright © 2017-2020 Pleroma Authors <https:\/\/pleroma.social\/>'
|
2020-03-02 06:08:45 +01:00 |
Mark Felder
|
d770cffce0
|
Merge branch 'develop' into issue/1280
|
2020-01-26 11:23:05 -06:00 |
Haelwenn (lanodan) Monnier
|
5c533e10e7
|
Bump credo to 1.1.5
|
2020-01-20 12:17:14 +01:00 |
Maksim Pechnikov
|
108a39c876
|
updated error messages for authentication process
|
2020-01-17 15:01:37 +03:00 |
Ivan Tashkinov
|
6c94b7498b
|
[#1478] OAuth admin tweaks: enforced OAuth admin scopes usage by default, migrated existing OAuth records. Adjusted tests.
|
2020-01-10 10:52:21 +03:00 |
Ivan Tashkinov
|
51111e286b
|
[#1427] Initial support for OAuth admin scopes.
|
2019-11-29 18:57:19 +03:00 |
lain
|
1ca7b877a1
|
Merge branch 'iss-1376' into 'develop'
Check client and token in GET /oauth/authorize
See merge request pleroma/pleroma!1940
|
2019-11-11 12:27:33 +00:00 |
Steven Fuchs
|
94627baa5c
|
New rate limiter
|
2019-11-11 12:13:06 +00:00 |
AkiraFukushima
|
e1fc6cb78f
|
Check client and token in GET /oauth/authorize
|
2019-11-05 23:52:47 +09:00 |
Ivan Tashkinov
|
10ff01acd9
|
[#1304] Moved all non-mutes / non-blocks fields from User.Info to User. WIP.
|
2019-10-16 21:59:21 +03:00 |
Ivan Tashkinov
|
28fb98d69e
|
Merge remote-tracking branch 'remotes/upstream/develop' into 1260-rate-limited-auth-actions
# Conflicts:
# CHANGELOG.md
|
2019-10-07 11:06:30 +03:00 |
Ivan Tashkinov
|
06b3bb54c5
|
Merge remote-tracking branch 'remotes/upstream/develop' into 1234-mastodon-2-4-3-oauth-scopes
# Conflicts:
# CHANGELOG.md
# lib/pleroma/web/mastodon_api/controllers/account_controller.ex
# lib/pleroma/web/mastodon_api/controllers/mastodon_api_controller.ex
# lib/pleroma/web/router.ex
|
2019-10-06 11:43:49 +03:00 |
Ivan Tashkinov
|
f459aabdfa
|
Merge remote-tracking branch 'remotes/upstream/develop' into 1260-rate-limited-auth-actions
# Conflicts:
# CHANGELOG.md
|
2019-10-06 09:30:49 +03:00 |
Egor Kislitsyn
|
d3ac4e8083
|
Fix OAuthController
|
2019-10-04 13:30:46 +07:00 |
Ivan Tashkinov
|
64095961fe
|
[#1234] Merge remote-tracking branch 'remotes/upstream/develop' into 1234-mastodon-2-4-3-oauth-scopes
# Conflicts:
# CHANGELOG.md
# lib/pleroma/web/mastodon_api/controllers/mastodon_api_controller.ex
# lib/pleroma/web/router.ex
|
2019-10-02 20:42:40 +03:00 |
Maxim Filippov
|
0f9c2c8b87
|
Send an identifier alongside with error message in OAuthController
|
2019-10-01 18:10:04 +03:00 |
Ivan Tashkinov
|
6ffa2b5f66
|
[#1260] Merge remote-tracking branch 'remotes/upstream/develop' into 1260-rate-limited-auth-actions
# Conflicts:
# CHANGELOG.md
|
2019-09-30 17:41:20 +03:00 |
Maxim Filippov
|
6f25668215
|
Admin API: Add ability to force user's password reset
|
2019-09-22 16:08:07 +03:00 |
Ivan Tashkinov
|
e7afb67c5c
|
[#1260] Rate-limiting for create authentication and related requests.
|
2019-09-17 16:16:11 +03:00 |
Ivan Tashkinov
|
b63faf9819
|
[#1234] Mastodon 2.4.3 hierarchical scopes initial support (WIP).
|
2019-09-08 15:00:03 +03:00 |
Ariadne Conill
|
b93498eb52
|
constants: add as_public constant and use it everywhere
|
2019-07-29 02:43:19 +00:00 |
Egor Kislitsyn
|
5104f65b69
|
Wrap error messages into gettext helpers
|
2019-07-10 18:10:09 +07:00 |
Ivan Tashkinov
|
64bc7ac619
|
Minor edit (comment).
|
2019-06-18 17:15:26 +03:00 |
Ivan Tashkinov
|
9f45f93949
|
Added more `redirect_uri` checks to prevent redirect to not explicitly listed URI.
|
2019-06-18 17:00:49 +03:00 |
Ivan Tashkinov
|
4b2c29016c
|
[#963] No redirect on OOB OAuth authorize request with existing authorization. OAuth-related refactoring.
|
2019-06-12 21:30:06 +03:00 |
Ivan Tashkinov
|
3eefb274f4
|
OAuth consumer: tests fix, comments, Keycloak config notes.
|
2019-06-05 13:02:13 +03:00 |
Maksim
|
52297920e7
|
Refactoring oauth response.
|
2019-05-14 14:49:45 +00:00 |
Mark Felder
|
498bfdf403
|
Switch to Jason over Poison
|
2019-05-13 15:37:38 -05:00 |
Alexander Strizhakov
|
a2be420f94
|
differences_in_mastoapi_responses.md: fullname & bio are optionnal
[ci skip]
|
2019-05-13 18:35:45 +00:00 |
Maksim
|
799e1f48b5
|
Refactoring functions for dealing with oauth scopes.
|
2019-05-08 10:52:13 +00:00 |
Maksim
|
1040caf096
|
fix format
Modified-by: Maksim Pechnikov <parallel588@gmail.com>
|
2019-05-06 17:51:03 +00:00 |
Egor
|
b9cdf6d3b9
|
Use `User.get_cached*` everywhere
|
2019-04-22 07:20:43 +00:00 |
Ivan Tashkinov
|
9256d2d4b4
|
[#923] Refactored OAuthController#authorize definitions, added test.
|
2019-04-21 10:51:32 +03:00 |
Ivan Tashkinov
|
128aae05f3
|
[#923] Minor semantic adjustment.
|
2019-04-17 11:33:21 +03:00 |
Ivan Tashkinov
|
c3f12cf3c3
|
[#923] OAuth consumer params handling refactoring.
Registration and authorization-related params are wrapped in "authorization" in order to reduce edge cases number and simplify handling logic.
|
2019-04-10 21:40:38 +03:00 |
Ivan Tashkinov
|
bffddf5e31
|
[#923] Merge remote-tracking branch 'remotes/upstream/develop' into twitter_oauth
# Conflicts:
# docs/config.md
# test/support/factory.ex
|
2019-04-08 12:20:26 +03:00 |
eugenijm
|
7aa53d52bd
|
Return 403 on oauth token exchange for a deactivated user
|
2019-04-06 23:27:55 +03:00 |