Ivan Tashkinov
256ff09aa8
[ #1149 ] Merge remote-tracking branch 'remotes/upstream/develop' into 1149-oban-job-queue
...
# Conflicts:
# lib/pleroma/application.ex
# lib/pleroma/scheduled_activity_worker.ex
# lib/pleroma/web/federator/retry_queue.ex
# lib/pleroma/web/oauth/token/clean_worker.ex
# test/user_test.exs
# test/web/federator_test.exs
2019-08-22 20:59:58 +03:00
stwf
15ef521009
Isolate OAuth.Token.CleanWorker
2019-08-14 11:57:50 -04:00
stwf
51bdf0cab6
use default child_specs
2019-08-14 11:55:17 -04:00
Ivan Tashkinov
0e1c481a94
[ #1149 ] Added more oban workers. Refactoring.
2019-08-13 20:20:26 +03:00
Ariadne Conill
b93498eb52
constants: add as_public constant and use it everywhere
2019-07-29 02:43:19 +00:00
Egor Kislitsyn
5104f65b69
Wrap error messages into gettext helpers
2019-07-10 18:10:09 +07:00
93a0eeab16
Add license/copyright to all project files
2019-07-10 05:13:23 +00:00
Maksim
a0c4ebb4d7
[ #184 ] small refactoring reset password
2019-06-24 19:01:56 +00:00
Ivan Tashkinov
64bc7ac619
Minor edit (comment).
2019-06-18 17:15:26 +03:00
Ivan Tashkinov
9f45f93949
Added more redirect_uri
checks to prevent redirect to not explicitly listed URI.
2019-06-18 17:00:49 +03:00
kaniini
52b1b0e45d
Merge branch '963_oob_oauth_redirect_fix' into 'develop'
...
[#963 ] No redirect on OOB OAuth authorize request with existing authorization
See merge request pleroma/pleroma!1276
2019-06-15 13:45:50 +00:00
Alexander Strizhakov
c2ca1f22a2
it is changed in compile time
...
we can't change module attributes and endpoint settings in runtime
2019-06-14 15:45:05 +00:00
Ivan Tashkinov
4b2c29016c
[ #963 ] No redirect on OOB OAuth authorize request with existing authorization. OAuth-related refactoring.
2019-06-12 21:30:06 +03:00
Ivan Tashkinov
3eefb274f4
OAuth consumer: tests fix, comments, Keycloak config notes.
2019-06-05 13:02:13 +03:00
Maksim
620908a2db
[ #699 ] add worker to clean expired oauth tokens
2019-05-22 15:44:50 +00:00
Alexander Strizhakov
7ed682213f
Fix/902 random compile failing
2019-05-17 07:25:20 +00:00
Maksim
52297920e7
Refactoring oauth response.
2019-05-14 14:49:45 +00:00
Mark Felder
498bfdf403
Switch to Jason over Poison
2019-05-13 15:37:38 -05:00
Alexander Strizhakov
a2be420f94
differences_in_mastoapi_responses.md: fullname & bio are optionnal
...
[ci skip]
2019-05-13 18:35:45 +00:00
Maksim
799e1f48b5
Refactoring functions for dealing with oauth scopes.
2019-05-08 10:52:13 +00:00
Maksim
1040caf096
fix format
...
Modified-by: Maksim Pechnikov <parallel588@gmail.com>
2019-05-06 17:51:03 +00:00
Egor
b9cdf6d3b9
Use User.get_cached*
everywhere
2019-04-22 07:20:43 +00:00
Ivan Tashkinov
9256d2d4b4
[ #923 ] Refactored OAuthController#authorize definitions, added test.
2019-04-21 10:51:32 +03:00
Ivan Tashkinov
128aae05f3
[ #923 ] Minor semantic adjustment.
2019-04-17 11:33:21 +03:00
Ivan Tashkinov
c3f12cf3c3
[ #923 ] OAuth consumer params handling refactoring.
...
Registration and authorization-related params are wrapped in "authorization" in order to reduce edge cases number and simplify handling logic.
2019-04-10 21:40:38 +03:00
Ivan Tashkinov
bffddf5e31
[ #923 ] Merge remote-tracking branch 'remotes/upstream/develop' into twitter_oauth
...
# Conflicts:
# docs/config.md
# test/support/factory.ex
2019-04-08 12:20:26 +03:00
eugenijm
7aa53d52bd
Return 403 on oauth token exchange for a deactivated user
2019-04-06 23:27:55 +03:00
Ivan Tashkinov
47a236f753
[ #923 ] OAuth consumer mode refactoring, new tests, tests adjustments, readme.
2019-04-05 15:12:02 +03:00
Ivan Tashkinov
3e7f2bfc2f
[ #923 ] OAuthController#callback adjustments (with tests).
2019-04-05 09:19:17 +03:00
Ivan Tashkinov
f7cd9131d4
[ #923 ] OAuth consumer controller tests. Misc. improvements.
2019-04-04 22:41:03 +03:00
Ivan Tashkinov
37925cbe78
Merge remote-tracking branch 'remotes/upstream/develop' into twitter_oauth
...
# Conflicts:
# lib/pleroma/web/oauth/oauth_controller.ex
# lib/pleroma/web/router.ex
2019-04-02 14:05:34 +03:00
lambda
091baf9316
Merge branch 'features/mastoapi/2.6.0-force-login-option' into 'develop'
...
MastoAPI 2.6.0 `force_login` option
Closes #734
See merge request pleroma/pleroma!999
2019-04-02 10:57:38 +00:00
Egor Kislitsyn
1b3d921921
change Repo.get(User, id)
=> User.get_by_id(id)
2019-04-02 17:01:26 +07:00
Ivan Tashkinov
6910fb371b
Fixed local MastoFE authentication / force_login
option.
2019-04-01 17:25:25 +03:00
Ivan Tashkinov
cbe09d94d1
Added force_login
authentication option (previously applied by default).
2019-04-01 14:46:50 +03:00
Ivan Tashkinov
eadafc88b8
[ #923 ] Deps config adjustment (no override
for httpoison
), code analysis issues fixes.
2019-04-01 09:28:56 +03:00
Ivan Tashkinov
baffdcc480
[ #923 ] Merge remote-tracking branch 'remotes/upstream/develop' into twitter_oauth
...
# Conflicts:
# mix.exs
2019-04-01 08:49:32 +03:00
Ivan Tashkinov
20e0f36605
Merge remote-tracking branch 'remotes/origin/develop' into twitter_oauth
2019-03-27 15:41:40 +03:00
Ivan Tashkinov
2a95014b9d
[ #923 ] OAuth consumer improvements, fixes, refactoring.
2019-03-27 15:39:35 +03:00
Ivan Tashkinov
b0759f821b
Comments split.
2019-03-26 15:24:29 +03:00
Ivan Tashkinov
263ca3dea2
Mastodon-based auth error messages. Defaulted User#auth_active?/1 to true
.
2019-03-26 15:09:06 +03:00
Ivan Tashkinov
af68a42ef7
[ #923 ] Support for multiple OAuth consumer strategies.
2019-03-20 20:25:48 +03:00
rinpatch
9a7b817c9a
Ecto 3.0.5 migration
...
kms
2019-03-20 15:59:54 +03:00
Ivan Tashkinov
e17a9a1f66
[ #923 ] Nickname & email selection for external registrations, option to connect to existing account.
2019-03-20 10:35:31 +03:00
Ivan Tashkinov
26b6354095
[ #923 ] Support for multiple (external) registrations per user via Registration.
2019-03-18 17:23:38 +03:00
Ivan Tashkinov
2a96283efb
[ #923 ] Merge remote-tracking branch 'remotes/upstream/develop' into twitter_oauth
...
# Conflicts:
# config/config.exs
# lib/pleroma/web/auth/pleroma_authenticator.ex
2019-03-18 10:26:41 +03:00
lambda
28df397454
Merge branch 'feature/oauth-me' into 'develop'
...
oauth: add me property to token responses
See merge request pleroma/pleroma!942
2019-03-16 08:44:02 +00:00
William Pitcock
e0edc706cf
oauth: add me property to token responses
2019-03-16 01:12:50 +00:00
Ivan Tashkinov
2739057442
Merge remote-tracking branch 'remotes/upstream/develop' into twitter_oauth
2019-03-15 17:11:00 +03:00
Ivan Tashkinov
aacbf0f570
[ #923 ] OAuth: prototype of sign in / sign up with Twitter.
2019-03-15 17:08:03 +03:00
link0ff
54e7087ab4
Merge remote-tracking branch 'upstream/develop' into feature/openldap-support
2019-03-14 17:43:30 +02:00
Haelwenn (lanodan) Monnier
a3a9cec483
[Credo] fix Credo.Check.Readability.AliasOrder
2019-03-13 04:26:54 +01:00
Ivan Tashkinov
63ab61ed3f
Sign in via Twitter (WIP).
2019-03-11 20:37:26 +03:00
link0ff
88a672fe88
Move LDAP code to LDAPAuthenticator. Use Authenticator for token_exchange with grant_type as well
2019-03-03 21:20:36 +02:00
link0ff
19e2b85247
Merge remote-tracking branch 'upstream/develop' into feature/openldap-support
2019-03-03 18:29:37 +02:00
rinpatch
f38c316e6e
Merge branch 'bugfix/oauth-scopes-join' into 'develop'
...
Bugfix: OAuth scopes formatting
Closes #702
See merge request pleroma/pleroma!881
2019-03-02 06:39:07 +00:00
Haelwenn (lanodan) Monnier
b6a001a34c
Web.OAuth.OAuthController: Fix scopes Enum.join for OAuth response
2019-03-02 04:04:16 +01:00
Ivan Tashkinov
3281a3f074
Renamed *DatabaseAuthenticator to *Authenticator.
2019-02-28 14:12:41 +03:00
Ivan Tashkinov
4e77f68414
Added auth_template/0
to DatabaseAuthenticator.
2019-02-28 13:58:58 +03:00
Ivan Tashkinov
b6f915313f
Made auth customization be runtime-configurable.
2019-02-28 13:00:54 +03:00
Ivan Tashkinov
e82b70eb53
Database authenticator behaviour / Pleroma implementation refactoring.
2019-02-26 15:27:01 +03:00
link0ff
e278d47023
OpenLDAP support
2019-02-22 15:03:43 +02:00
Ivan Tashkinov
1097ce6d9f
Auth customization support.
...
OAuthController#create_authorization user retrieval / creation, errors handling, template & layout selection.
2019-02-21 18:55:19 +03:00
Ivan Tashkinov
c0ecbf6669
[ #468 ] Merged upstream/develop
.
2019-02-19 19:10:55 +03:00
kaniini
7456338ed3
Merge branch 'feature/add-oauth-tokens-endpoint' into 'develop'
...
Add OAuth tokens endpoint
See merge request pleroma/pleroma!805
2019-02-18 04:02:41 +00:00
Maxim Filippov
94708d6370
Render only "id", "valid_until" and "app_name" in TokenView
2019-02-17 23:57:35 +03:00
Ivan Tashkinov
bc4f77b10b
[ #468 ] Merged upstream/develop
, resolved conflicts.
2019-02-17 14:07:04 +03:00
Ivan Tashkinov
dcf24a3233
[ #468 ] Refactored OAuth scopes' defaults & missing selection handling.
2019-02-17 13:49:14 +03:00
Ivan Tashkinov
2a4a4f3342
[ #468 ] Defined OAuth restrictions for all applicable routes.
...
Improved missing "scopes" param handling.
Allowed "any of" / "all of" mode specification in OAuthScopesPlug.
Fixed auth UI / behavior when user selects no permissions at /oauth/authorize.
2019-02-15 19:54:37 +03:00
Ivan Tashkinov
027adbc9e5
[ #468 ] Refactored OAuth scopes parsing / defaults handling.
2019-02-14 17:03:19 +03:00
William Pitcock
e9ef4b8da6
oauth: never use base64 padding when returning tokens to applications
...
The normal Base64 alphabet uses the equals sign (=) as a padding character. Since
Base64 strings are self-synchronizing, padding characters are unnecessary, so don't
generate them in the first place.
2019-02-14 01:10:04 +00:00
Ivan Tashkinov
063baca5e4
[ #468 ] User UI for OAuth permissions restriction. Standardized storage format for scopes
fields, updated usages.
2019-02-14 00:29:29 +03:00
Maxim Filippov
760fec4cb8
Update token.ex
2019-02-13 12:59:56 +03:00
Maxim Filippov
62a45bdc11
Add revoke token
2019-02-13 12:59:56 +03:00
Maxim Filippov
61a4bc5095
Add OAuth tokens endpoint
2019-02-13 12:59:56 +03:00
Haelwenn (lanodan) Monnier
d924dc73ba
de-group import/s
2019-02-09 16:31:17 +01:00
Haelwenn (lanodan) Monnier
6a6a5b3251
de-group alias/es
2019-02-09 16:31:17 +01:00
Ivan Tashkinov
4ad843fb9d
[ #468 ] Prototype of OAuth2 scopes support. TwitterAPI scope restrictions.
2019-02-09 17:09:08 +03:00
Ivan Tashkinov
2c68cf7e9e
OAuth2 security fixes: redirect URI validation, "Mastodon-Local" security breach fix.
...
(`POST /api/v1/apps` could create "Mastodon-Local" app wth any redirect_uris,
and if that happened before /web/login is accessed for the first time
then Pleroma used this externally created record with arbitrary
redirect_uris and client_secret known by creator).
2019-02-07 22:14:06 +03:00
lain
1825118fd4
Correctly handle invalid credentials on auth login.
...
Closes #407
2019-01-28 11:41:47 +01:00
href
28d77e373c
Flake Ids for Users and Activities
2019-01-23 11:26:27 +01:00
William Pitcock
980b5288ed
update copyright years to 2019
2018-12-31 15:41:47 +00:00
William Pitcock
2791ce9a1f
add license boilerplate to pleroma core
2018-12-23 20:56:42 +00:00
Ivan Tashkinov
b096e30cff
[ #114 ] Added email confirmation resend action. Added tests
...
for registration, authentication, email confirmation, confirmation resending.
Made admin methods create confirmed users.
2018-12-18 17:22:46 +03:00
Ivan Tashkinov
1de0aa2f10
[ #114 ] Account confirmation email, registration as unconfirmed (config-based), auth prevention for unconfirmed.
2018-12-18 17:21:05 +03:00
Maksim Pechnikov
074fa790ba
fix compile warnings
2018-12-09 20:50:08 +03:00
William Pitcock
419ed3a0ca
oauth: fix token decode regression
2018-11-11 05:26:39 +00:00
lain
4f640c43ed
Unify Mastodon Login with OAuth login.
...
This removes duplication in the login code.
2018-11-06 15:19:11 +01:00
Haelwenn (lanodan) Monnier
eacab0fb05
Delete Tokens and Authorizations on password change
...
Closes: https://git.pleroma.social/pleroma/pleroma/issues/320
2018-10-14 02:14:54 +02:00
Dominique Feyer
801d645c6b
TASK: Fix formatting
2018-09-09 23:42:28 +02:00
Dominique Feyer
b79c126ee0
Add missing URL encoding in create authorization redirect
2018-09-09 23:31:47 +02:00
Martin Kühl
84d84e4ca4
OAuth: Support /revoke endpoint for revoking tokens
...
(for compatibility with Mastodon)
2018-09-01 23:10:48 +02:00
Martin Kühl
ad2a7972e7
OAuth: Set created_at
in token exchange response
...
(for compatibility with Mastodon)
2018-09-01 23:10:48 +02:00
lambda
2c303b3302
Merge branch 'bugfix/oauth2-param-name' into 'develop'
...
oauth: support either name or username parameter with grant_type=password
Closes #180
See merge request pleroma/pleroma!219
2018-06-14 07:14:18 +00:00
William Pitcock
5442466569
oauth: fix password-based login when username is email address
...
closes #199
2018-06-14 02:32:30 +00:00
William Pitcock
4894b88b1b
oauth: support either name or username parameter with grant_type=password
...
closes #180
2018-06-14 02:07:43 +00:00
D Anzorge
3607dc4558
Make token exchange return errors with 400 as status code
2018-06-06 03:14:50 +02:00
D Anzorge
73904e8f78
Make OAuth token endpoint work with HTTP Basic auth
...
client_id/client_secret can now be supplied in an Authorization header
2018-06-04 00:59:00 +02:00
lain
ffe028cd73
More warning fixes.
2018-05-07 18:11:37 +02:00
lain
9e6ae44729
Formatting fixes.
2018-04-21 09:43:53 +02:00