b8be8192fb
do not allow non-admins to register tokens with admin scopes
...
this didn't actually _do_ anything in the past,
the users would be prevented from accessing the resource,
but they shouldn't be able to even create them
2022-12-16 03:25:14 +00:00
07a48b9293
giant massive dep upgrade and dialyxir-found error emporium ( #371 )
...
Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk>
Reviewed-on: AkkomaGang/akkoma#371
2022-12-14 12:38:48 +00:00
Tusooa Zhu
95e4018c1a
Disconnect streaming sessions when token is revoked
...
Use Websockex to replace websocket_client
Test that server will disconnect websocket upon token revocation
Lint
Execute session disconnect in background
Refactor streamer test
allow multi-streams
rebase websocket change
2022-08-27 19:07:48 +01:00
618cf7ff7f
reuse valid oauth tokens ( #182 )
...
Reviewed-on: AkkomaGang/akkoma#182
2022-08-25 14:37:51 +00:00
8d7b63a766
Revert "Fix oauth2 (for real) ( #179 )"
...
This reverts commit aa681d7e15
.
2022-08-21 17:52:02 +01:00
aa681d7e15
Fix oauth2 (for real) ( #179 )
...
Reviewed-on: AkkomaGang/akkoma#179
2022-08-21 16:24:37 +00:00
b0130bfa7b
Revert "oauth2 fixes ( #177 )"
...
This reverts commit 429e2ac832
.
2022-08-21 16:22:15 +01:00
429e2ac832
oauth2 fixes ( #177 )
...
Reviewed-on: AkkomaGang/akkoma#177
2022-08-21 14:46:52 +00:00
5b4d77eaa7
maintenance: dependency upgrade ( #81 )
...
Reviewed-on: AkkomaGang/akkoma#81
2022-07-18 00:56:35 +00:00
Tusooa Zhu
c6652fccae
Make mfa pages translatable
2022-06-29 20:45:03 +01:00
Tusooa Zhu
8f8d2abb12
Make oauth pages translatable
2022-06-29 20:44:48 +01:00
0d012ebea1
Revert "Merge branch 'remove/mastofe' into 'develop'"
...
This reverts commit 6b3842cf50
, reversing
changes made to 6b1282a829
.
2022-01-08 21:44:37 +00:00
Alex Gleason
f5c3d45120
Merge remote-tracking branch 'origin/develop' into apps-api-endpoint
2021-12-27 18:01:25 -06:00
Sean King
33f063204e
Add unit test for Pleroma API app controller
2021-08-28 23:18:12 -06:00
Sean King
6519732045
GET /api/v1/apps endpoint
2021-08-25 21:01:04 -06:00
Sean King
5d279a22b1
Merge develop branch upstream
2021-07-10 11:04:16 -06:00
Alex Gleason
45b7325b9e
Refactor skipped plugs into Pleroma.Web functions
...
Speeds up recompilation by reducing compile cycles
2021-06-08 19:15:04 -05:00
Alex Gleason
b99f60615c
Fix order of Pleroma.Web.Utils.Params aliases
2021-06-08 12:50:47 -05:00
Alex Gleason
ec65b7ae29
Pleroma.Web.Params --> Pleroma.Web.Utils.Params
2021-06-08 12:50:47 -05:00
Alex Gleason
0877b120c3
Pleroma.Web.ControllerHelper.truthy_param?/1 --> Pleroma.Web.Params.truthy_param?/1
...
Breaks cycle in lib/pleroma/web/api_spec/operations/status_operation.ex
2021-06-08 12:50:47 -05:00
Alex Gleason
1399b82f7b
Create WrapperAuthenticator and simplify Authenticator behaviour
...
Speeds up recompilation by reducing compile-time cycles
2021-06-07 18:18:39 -05:00
Sean King
26d2c677b7
Removing trailing space on empty line in OAuth controller
2021-06-04 15:50:57 -06:00
Sean King
839c2c6a12
Fix code mistake in OAuth controller
2021-06-04 14:50:16 -06:00
Sean King
dc4814f0cd
Fix merge conflicts with upstream
2021-06-04 14:42:44 -06:00
Alex Gleason
ad7d4ff8bc
Merge remote-tracking branch 'pleroma/develop' into alias-router-helpers
2021-05-19 12:49:00 -05:00
Alex Gleason
07fed0fda2
Switch to aliasing Router.Helpers
instead of importing
2021-05-18 17:45:30 -05:00
Sean King
4f55d5123b
Remove MastoFE-related backend code and frontend pieces
2021-04-15 22:56:21 -06:00
Alex Gleason
b6a69b5efd
Return token's primary key with POST /oauth/token
2021-03-24 12:50:05 -05:00
Haelwenn (lanodan) Monnier
c4439c630f
Bump Copyright to 2021
...
grep -rl '# Copyright © .* Pleroma' * | xargs sed -i 's;Copyright © .* Pleroma .*;Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/ >;'
2021-01-13 07:49:50 +01:00
Ivan Tashkinov
7fff9c1bee
Tweaks to OAuth entities expiration: changed default to 30 days, removed hardcoded values usage, fixed OAuthView (expires_in).
2020-12-09 21:14:39 +03:00
Ivan Tashkinov
d50a3345ae
[ #3112 ] Allowed revoking same-user token from any apps. Added tests.
2020-11-30 21:55:48 +03:00
Ivan Tashkinov
f1b07a2b2b
OAuth form user remembering feature. Local MastoFE login / logout fixes.
2020-11-28 21:51:06 +03:00
Ivan Tashkinov
12a5981cc3
Session token setting on token exchange. Auth-related refactoring.
2020-11-25 21:47:23 +03:00
Ivan Tashkinov
ccc2cf0e87
Session-based OAuth auth fixes (token expiration check), refactoring, tweaks.
2020-11-21 19:47:25 +03:00
Alexander Strizhakov
9f4fe5485b
alias alphabetically order
2020-10-13 16:43:59 +03:00
Alexander Strizhakov
011525a3d1
EnsurePublicOrAuthenticatedPlug module name
2020-10-13 16:43:57 +03:00
Alexander Strizhakov
a6d8cef33e
OAuthScopesPlug module name
2020-10-13 16:43:54 +03:00
Alexander Strizhakov
4b1863ca4e
RateLimiter module name
2020-10-13 16:43:53 +03:00
Alexander Strizhakov
b5b4395e4a
oauth consistency
2020-10-13 16:38:18 +03:00