AkkomaGang/akkoma
AkkomaGang/akkoma
17
70
Fork 117
Code Issues 148 Pull requests 15 Projects 2 Releases 24 Packages Wiki Activity

oauth2 fixes #177

Merged
floatingghost merged 2 commits from oauth2-fixes into develop 2022-08-21 14:46:53 +00:00
Conversation 0 Commits 2 Files changed 12 +69 -243
floatingghost commented 2022-08-21 14:10:35 +00:00
Owner
Copy link

a lot of the oauth2 weirdness in pleroma was caused by it using the cookie-based session to pull out tokens - this meant that if you were to change frontends (and hence your token), your cookie would change as well, making the backend think you were a new user and skipping any checks for existing authorization

this change more or less removes session store for oauth2 (and honestly we should remove a lot more session stuff, oauth2 doesn't need state as well...)

a lot of the oauth2 weirdness in pleroma was caused by it using the cookie-based session to pull out tokens - this meant that if you were to change frontends (and hence your token), your cookie would change as well, making the backend think you were a new user and skipping any checks for existing authorization this change more or less removes session store for oauth2 (and honestly we should remove a lot more session stuff, oauth2 doesn't need state as well...)
👍 1
Do not use session for oauth tokens
Some checks are pending
ci/woodpecker/push/woodpecker Pipeline is pending
Details
d5004b02b4
totally ignore session when handling oauth2
Some checks are pending
ci/woodpecker/push/woodpecker Pipeline is pending
Details
ci/woodpecker/pr/woodpecker Pipeline was successful
Details
4b5e614d9a
floatingghost deleted branch oauth2-fixes 2022-08-21 14:46:53 +00:00
floatingghost referenced this pull request from a commit 2022-08-21 14:46:53 +00:00
oauth2 fixes (#177)
floatingghost referenced this pull request from a commit 2022-08-21 15:22:20 +00:00
Revert "oauth2 fixes (#177)"
rat referenced this pull request from a commit 2024-02-25 20:33:29 +00:00
oauth2 fixes (#177)
Sign in to join this conversation.
Reviewers
No reviewers
Labels
Clear labels   
approved, awaiting change

   
broken setup

Issue arose from a misconfiguration by the admin, custom patches, manual db edits or similar

  
bug

Something is not working

  
cannot reproduce

   
configuration

This requires config changes

  
documentation

This is about human-readable docs

  
duplicate

This issue or pull request already exists

  
enhancement

New feature

  
extremely low priority

   
feature request

Something new?

  
Fix it yourself

Support has been attempted

  
help wanted

Need some help

  
invalid

Something is wrong

  
mastodon_api

   
needs change/feedback

Issue or PR is stalled on response from the author or a third party

  
needs docs

   
needs tests

   
not a bug

   
not our bug

Bug in a dependency of ours (meaning we can't just fix it), or in another AP implementation or client interfacing with Akkoma (which needs to be fixed on their end)

  
planned

   
pleroma_api

   
privacy

   
question

More information is needed

  
static_fe

   
triage

   
wontfix

This won't be fixed

No labels
approved, awaiting change
broken setup
bug
cannot reproduce
configuration
documentation
duplicate
enhancement
extremely low priority
feature request
Fix it yourself
help wanted
invalid
mastodon_api
needs change/feedback
needs docs
needs tests
not a bug
not our bug
planned
pleroma_api
privacy
question
static_fe
triage
wontfix
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
AkkomaGang/akkoma!177
No description provided.