37925cbe78
Merge remote-tracking branch 'remotes/upstream/develop' into twitter_oauth
...
# Conflicts:
# lib/pleroma/web/oauth/oauth_controller.ex
# lib/pleroma/web/router.ex
6 years ago
091baf9316
Merge branch 'features/mastoapi/2.6.0-force-login-option' into 'develop'
...
MastoAPI 2.6.0 `force_login` option
Closes #734
See merge request pleroma/pleroma!999
6 years ago
1b3d921921
change `Repo.get(User, id)` => `User.get_by_id(id)`
6 years ago
6910fb371b
Fixed local MastoFE authentication / `force_login` option.
6 years ago
cbe09d94d1
Added `force_login` authentication option (previously applied by default).
6 years ago
eadafc88b8
[ #923 ] Deps config adjustment (no `override` for `httpoison`), code analysis issues fixes.
6 years ago
baffdcc480
[ #923 ] Merge remote-tracking branch 'remotes/upstream/develop' into twitter_oauth
...
# Conflicts:
# mix.exs
6 years ago
2a95014b9d
[ #923 ] OAuth consumer improvements, fixes, refactoring.
6 years ago
b0759f821b
Comments split.
6 years ago
263ca3dea2
Mastodon-based auth error messages. Defaulted User#auth_active?/1 to `true`.
6 years ago
af68a42ef7
[ #923 ] Support for multiple OAuth consumer strategies.
6 years ago
e17a9a1f66
[ #923 ] Nickname & email selection for external registrations, option to connect to existing account.
6 years ago
26b6354095
[ #923 ] Support for multiple (external) registrations per user via Registration.
6 years ago
2a96283efb
[ #923 ] Merge remote-tracking branch 'remotes/upstream/develop' into twitter_oauth
...
# Conflicts:
# config/config.exs
# lib/pleroma/web/auth/pleroma_authenticator.ex
6 years ago
28df397454
Merge branch 'feature/oauth-me' into 'develop'
...
oauth: add me property to token responses
See merge request pleroma/pleroma!942
6 years ago
e0edc706cf
oauth: add me property to token responses
6 years ago
2739057442
Merge remote-tracking branch 'remotes/upstream/develop' into twitter_oauth
6 years ago
aacbf0f570
[ #923 ] OAuth: prototype of sign in / sign up with Twitter.
6 years ago
54e7087ab4
Merge remote-tracking branch 'upstream/develop' into feature/openldap-support
6 years ago
a3a9cec483
[Credo] fix Credo.Check.Readability.AliasOrder
6 years ago
63ab61ed3f
Sign in via Twitter (WIP).
6 years ago
88a672fe88
Move LDAP code to LDAPAuthenticator. Use Authenticator for token_exchange with grant_type as well
6 years ago
19e2b85247
Merge remote-tracking branch 'upstream/develop' into feature/openldap-support
6 years ago
f38c316e6e
Merge branch 'bugfix/oauth-scopes-join' into 'develop'
...
Bugfix: OAuth scopes formatting
Closes #702
See merge request pleroma/pleroma!881
6 years ago
b6a001a34c
Web.OAuth.OAuthController: Fix scopes Enum.join for OAuth response
6 years ago
3281a3f074
Renamed *DatabaseAuthenticator to *Authenticator.
6 years ago
4e77f68414
Added `auth_template/0` to DatabaseAuthenticator.
6 years ago
b6f915313f
Made auth customization be runtime-configurable.
6 years ago
e82b70eb53
Database authenticator behaviour / Pleroma implementation refactoring.
6 years ago
e278d47023
OpenLDAP support
6 years ago
1097ce6d9f
Auth customization support.
...
OAuthController#create_authorization user retrieval / creation, errors handling, template & layout selection.
6 years ago
bc4f77b10b
[ #468 ] Merged `upstream/develop`, resolved conflicts.
6 years ago
dcf24a3233
[ #468 ] Refactored OAuth scopes' defaults & missing selection handling.
6 years ago
2a4a4f3342
[ #468 ] Defined OAuth restrictions for all applicable routes.
...
Improved missing "scopes" param handling.
Allowed "any of" / "all of" mode specification in OAuthScopesPlug.
Fixed auth UI / behavior when user selects no permissions at /oauth/authorize.
6 years ago
027adbc9e5
[ #468 ] Refactored OAuth scopes parsing / defaults handling.
6 years ago
e9ef4b8da6
oauth: never use base64 padding when returning tokens to applications
...
The normal Base64 alphabet uses the equals sign (=) as a padding character. Since
Base64 strings are self-synchronizing, padding characters are unnecessary, so don't
generate them in the first place.
6 years ago
063baca5e4
[ #468 ] User UI for OAuth permissions restriction. Standardized storage format for `scopes` fields, updated usages.
6 years ago
6a6a5b3251
de-group alias/es
6 years ago
4ad843fb9d
[ #468 ] Prototype of OAuth2 scopes support. TwitterAPI scope restrictions.
6 years ago
2c68cf7e9e
OAuth2 security fixes: redirect URI validation, "Mastodon-Local" security breach fix.
...
(`POST /api/v1/apps` could create "Mastodon-Local" app wth any redirect_uris,
and if that happened before /web/login is accessed for the first time
then Pleroma used this externally created record with arbitrary
redirect_uris and client_secret known by creator).
6 years ago
980b5288ed
update copyright years to 2019
6 years ago
2791ce9a1f
add license boilerplate to pleroma core
6 years ago
b096e30cff
[ #114 ] Added email confirmation resend action. Added tests
...
for registration, authentication, email confirmation, confirmation resending.
Made admin methods create confirmed users.
6 years ago
1de0aa2f10
[ #114 ] Account confirmation email, registration as unconfirmed (config-based), auth prevention for unconfirmed.
6 years ago
074fa790ba
fix compile warnings
6 years ago
419ed3a0ca
oauth: fix token decode regression
6 years ago
4f640c43ed
Unify Mastodon Login with OAuth login.
...
This removes duplication in the login code.
6 years ago
801d645c6b
TASK: Fix formatting
6 years ago
b79c126ee0
Add missing URL encoding in create authorization redirect
6 years ago
84d84e4ca4
OAuth: Support /revoke endpoint for revoking tokens
...
(for compatibility with Mastodon)
6 years ago
Ivan Tashkinov