Ivan Tashkinov
60b025b782
[ #2074 ] OAuth scope checking in Streaming API.
2020-09-19 19:16:55 +03:00
Ivan Tashkinov
2958a7d246
Fixed OAuth restrictions for :api routes. Made auth info dropped for :api routes if OAuth check was neither performed nor explicitly skipped.
2020-04-22 18:50:25 +03:00
Ivan Tashkinov
f685cbd309
Automatic checks of authentication / instance publicity. Definition of missing OAuth scopes in AdminAPIController. Refactoring.
2020-04-21 16:29:19 +03:00
Ivan Tashkinov
bde1189c34
[ #2349 ] Made :skip_plug/2 prevent plug from being executed even if explicitly called. Refactoring. Tests.
2020-04-15 21:19:16 +03:00
Ivan Tashkinov
fc81e5a49c
Enforcement of OAuth scopes check for authenticated API endpoints, :skip_plug plug to mark a plug explicitly skipped (disabled).
2020-04-06 10:20:44 +03:00
Haelwenn (lanodan) Monnier
6da6540036
Bump copyright years of files changed after 2020-01-07
...
Done via the following command:
git diff fcd5dd259a
--stat --name-only | xargs sed -i '/Pleroma Authors/c# Copyright © 2017-2020 Pleroma Authors <https:\/\/pleroma.social\/>'
2020-03-02 06:08:45 +01:00
Ivan Tashkinov
7973cbdb9f
OAuthScopesPlug: disallowed nil token (unless with :fallback option). WIP: controller tests modification: OAuth scopes usage.
2019-12-15 22:32:42 +03:00
Ivan Tashkinov
3920244be5
[ #1427 ] Fixed :admin
option handling in OAuthScopesPlug, added tests.
2019-12-11 11:42:02 +03:00
Ivan Tashkinov
40e1817f70
[ #1427 ] Fixes / improvements of admin scopes support. Added tests.
2019-12-06 20:33:47 +03:00
Ivan Tashkinov
e4f3d7f69d
Apply suggestion to lib/pleroma/plugs/oauth_scopes_plug.ex
2019-09-18 10:31:10 +00:00
Ivan Tashkinov
e6f43a831b
[ #1234 ] Permissions-related fixes / new functionality (Masto 2.4.3 scopes).
2019-09-15 18:22:08 +03:00
Ivan Tashkinov
b63faf9819
[ #1234 ] Mastodon 2.4.3 hierarchical scopes initial support (WIP).
2019-09-08 15:00:03 +03:00
Egor Kislitsyn
5104f65b69
Wrap error messages into gettext helpers
2019-07-10 18:10:09 +07:00
Ivan Tashkinov
2a4a4f3342
[ #468 ] Defined OAuth restrictions for all applicable routes.
...
Improved missing "scopes" param handling.
Allowed "any of" / "all of" mode specification in OAuthScopesPlug.
Fixed auth UI / behavior when user selects no permissions at /oauth/authorize.
2019-02-15 19:54:37 +03:00
Ivan Tashkinov
063baca5e4
[ #468 ] User UI for OAuth permissions restriction. Standardized storage format for scopes
fields, updated usages.
2019-02-14 00:29:29 +03:00
Ivan Tashkinov
4ad843fb9d
[ #468 ] Prototype of OAuth2 scopes support. TwitterAPI scope restrictions.
2019-02-09 17:09:08 +03:00