Commit graph

74 commits

Author SHA1 Message Date
Mark Felder
54e2af8293 Merge branch 'develop' into fix/ldap-auth-issues 2020-08-07 14:55:22 -05:00
Mark Felder
0f9aecbca4 Remove fallback to local database when LDAP is unavailable.
In many environments this will not work as the LDAP password and the copy stored in Pleroma will stay synchronized.
2020-08-05 08:18:16 -05:00
Mark Felder
f7146583e5 Remove LDAP mail attribute as a requirement for registering an account 2020-08-05 08:15:57 -05:00
Alex Gleason
184742af5e
Unique apps.client_id for new installations, fixes 2020-08-04 13:31:40 -05:00
Alex Gleason
15f8921b11
Test that unapproved users can never log in regardless of admin settings 2020-07-17 12:26:52 -05:00
Alex Gleason
e4e5577818
Prevent unapproved users from logging in 2020-07-12 22:55:26 -05:00
Alex Gleason
b46811a074
Upgrade Comeonin to v5
https://github.com/riverrun/comeonin/blob/master/UPGRADE_v5.md
2020-05-12 17:14:59 -05:00
Maksim
3d0c567fbc Pleroma.Web.TwitterAPI.TwoFactorAuthenticationController -> Pleroma.Web.PleromaAPI.TwoFactorAuthenticationController 2020-05-07 08:14:54 +00:00
Haelwenn
e999c67cee Merge branch 'feature/funkwhale-audio' into 'develop'
Add support for funkwhale Audio activity

Closes  and 

See merge request 
2020-03-29 19:18:22 +00:00
Ivan Tashkinov
1c05f539aa Improved in-test clear_config/n applicability (setup / setup_all / in-test usage). 2020-03-20 18:33:00 +03:00
Ivan Tashkinov
ec3719f539 Improved in-test config management functions. 2020-03-18 20:30:31 +03:00
Haelwenn (lanodan) Monnier
863ec33ba2
Add support for funkwhale Audio activity
reel2bits fixture not included as it lacks the Actor fixture for it.

Closes: https://git.pleroma.social/pleroma/pleroma/issues/1624
Closes: https://git.pleroma.social/pleroma/pleroma/issues/764
2020-03-11 13:46:42 +01:00
Mark Felder
05da5f5cca Update Copyrights 2020-03-03 16:44:49 -06:00
Haelwenn (lanodan) Monnier
6da6540036
Bump copyright years of files changed after 2020-01-07
Done via the following command:
git diff fcd5dd259a --stat --name-only | xargs sed -i '/Pleroma Authors/c# Copyright © 2017-2020 Pleroma Authors <https:\/\/pleroma.social\/>'
2020-03-02 06:08:45 +01:00
Haelwenn (lanodan) Monnier
6c0d869d9d
Bump copyright years of files changed after 2019-01-01
Done via the following command:
git diff 1e6c102b --stat --name-only | cat - | xargs sed -i 's/2017-2018 Pleroma Authors/2017-2019 Pleroma Authors/'
2020-03-02 05:54:56 +01:00
Ivan Tashkinov
4f8c3462a8 Tweaks to clear_config calls in tests in order to prevent side effects on config during test suite execution. 2020-02-13 21:55:47 +03:00
Maksim Pechnikov
108a39c876 updated error messages for authentication process 2020-01-17 15:01:37 +03:00
Ivan Tashkinov
39ce894a07 Merge remote-tracking branch 'remotes/origin/develop' into 1478-oauth-admin-scopes-tweaks
# Conflicts:
#	lib/pleroma/user.ex
2020-01-10 16:18:32 +03:00
Ivan Tashkinov
6c94b7498b [] OAuth admin tweaks: enforced OAuth admin scopes usage by default, migrated existing OAuth records. Adjusted tests. 2020-01-10 10:52:21 +03:00
Ivan Tashkinov
7973cbdb9f OAuthScopesPlug: disallowed nil token (unless with :fallback option). WIP: controller tests modification: OAuth scopes usage. 2019-12-15 22:32:42 +03:00
Ivan Tashkinov
81b05340e9 [] Graceful clearance of OAuth admin scopes for non-admin users (no error raised).
PleromaFE and other clients may safely request admin scope(s): if user isn't an admin, request is successful but only non-admin scopes from request are granted.
2019-12-12 16:00:06 +03:00
AkiraFukushima
e1fc6cb78f Check client and token in GET /oauth/authorize 2019-11-05 23:52:47 +09:00
Ivan Tashkinov
10ff01acd9 [] Moved all non-mutes / non-blocks fields from User.Info to User. WIP. 2019-10-16 21:59:21 +03:00
Ivan Tashkinov
06b3bb54c5 Merge remote-tracking branch 'remotes/upstream/develop' into 1234-mastodon-2-4-3-oauth-scopes
# Conflicts:
#	CHANGELOG.md
#	lib/pleroma/web/mastodon_api/controllers/account_controller.ex
#	lib/pleroma/web/mastodon_api/controllers/mastodon_api_controller.ex
#	lib/pleroma/web/router.ex
2019-10-06 11:43:49 +03:00
Ivan Tashkinov
64095961fe [] Merge remote-tracking branch 'remotes/upstream/develop' into 1234-mastodon-2-4-3-oauth-scopes
# Conflicts:
#	CHANGELOG.md
#	lib/pleroma/web/mastodon_api/controllers/mastodon_api_controller.ex
#	lib/pleroma/web/router.ex
2019-10-02 20:42:40 +03:00
Maxim Filippov
0f9c2c8b87 Send an identifier alongside with error message in OAuthController 2019-10-01 18:10:04 +03:00
Maksim Pechnikov
3d722dc200 Merge branch 'develop' into tests/mastodon_api_controller.ex 2019-09-26 16:16:30 +03:00
Egor Kislitsyn
209395c7e6 Add User.change_info/2 and User.update_info/2 2019-09-24 19:50:07 +07:00
Maksim Pechnikov
d75d0ae134 Merge branch 'develop' into tests/mastodon_api_controller.ex 2019-09-24 08:06:04 +03:00
Maksim Pechnikov
179fa32dd5 Merge branch 'develop' into tests/mastodon_api_controller.ex 2019-09-23 21:41:57 +03:00
Maxim Filippov
6f25668215 Admin API: Add ability to force user's password reset 2019-09-22 16:08:07 +03:00
Ivan Tashkinov
6f67aed3ac [] Merge remote-tracking branch 'remotes/upstream/develop' into 1234-mastodon-2-4-3-oauth-scopes
# Conflicts:
#	lib/pleroma/web/admin_api/admin_api_controller.ex
2019-09-19 10:59:09 +03:00
Haelwenn (lanodan) Monnier
447514dfa2
Bump copyright years of files changed in 2019
Done via the following command:
git diff 1e6c102bfc --stat --name-only | cat - | xargs sed -i 's/2017-2018 Pleroma Authors/2017-2019 Pleroma Authors/'
2019-09-18 23:21:11 +02:00
Ivan Tashkinov
e6f43a831b [] Permissions-related fixes / new functionality (Masto 2.4.3 scopes). 2019-09-15 18:22:08 +03:00
Maksim Pechnikov
ab2f21e470 tests for mastodon_api_controller.ex 2019-09-06 21:50:00 +03:00
Maksim
a320358703 added test helpers to clear config after tests 2019-08-19 15:34:29 +00:00
Sergey Suprunenko
05b5af8075 Add tests for users tasks and PleromaAuthenticator 2019-07-22 02:43:15 +00:00
Ivan Tashkinov
9f45f93949 Added more redirect_uri checks to prevent redirect to not explicitly listed URI. 2019-06-18 17:00:49 +03:00
Ivan Tashkinov
4b2c29016c [] No redirect on OOB OAuth authorize request with existing authorization. OAuth-related refactoring. 2019-06-12 21:30:06 +03:00
Maksim
620908a2db [] add worker to clean expired oauth tokens 2019-05-22 15:44:50 +00:00
Maksim
52297920e7 Refactoring oauth response. 2019-05-14 14:49:45 +00:00
Alexander Strizhakov
a2be420f94 differences_in_mastoapi_responses.md: fullname & bio are optionnal
[ci skip]
2019-05-13 18:35:45 +00:00
Maksim
1040caf096 fix format
Modified-by: Maksim Pechnikov <parallel588@gmail.com>
2019-05-06 17:51:03 +00:00
Ivan Tashkinov
9256d2d4b4 [] Refactored OAuthController#authorize definitions, added test. 2019-04-21 10:51:32 +03:00
Ivan Tashkinov
c3f12cf3c3 [] OAuth consumer params handling refactoring.
Registration and authorization-related params are wrapped in "authorization" in order to reduce edge cases number and simplify handling logic.
2019-04-10 21:40:38 +03:00
Ivan Tashkinov
bffddf5e31 [] Merge remote-tracking branch 'remotes/upstream/develop' into twitter_oauth
# Conflicts:
#	docs/config.md
#	test/support/factory.ex
2019-04-08 12:20:26 +03:00
eugenijm
7aa53d52bd Return 403 on oauth token exchange for a deactivated user 2019-04-06 23:27:55 +03:00
Ivan Tashkinov
47a236f753 [] OAuth consumer mode refactoring, new tests, tests adjustments, readme. 2019-04-05 15:12:02 +03:00
Ivan Tashkinov
3e7f2bfc2f [] OAuthController#callback adjustments (with tests). 2019-04-05 09:19:17 +03:00
Ivan Tashkinov
f7cd9131d4 [] OAuth consumer controller tests. Misc. improvements. 2019-04-04 22:41:03 +03:00