77000b8ffd
update tests for oauth consumer
2023-12-17 21:48:19 +00:00
eb0dbf6b79
fix oauth consumer mode
...
the previous code passed a state parameter to ueberauth with info
about where to go after the user logged in, etc.
since ueberauth 0.7, this parameter is ignored and oauth state is used
for actual CSRF reasons.
we now set a cookie with the state we need to keep track of, and read
it once the callback happens.
2023-12-17 19:27:36 +00:00
6cb40bee26
Migrate to phoenix 1.7 ( #626 )
...
Closes #612
Co-authored-by: tusooa <tusooa@kazv.moe>
Reviewed-on: AkkomaGang/akkoma#626
Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk>
Co-committed-by: FloatingGhost <hannah@coffee-and-dreams.uk>
2023-08-15 10:22:18 +00:00
87d5e5b06a
Allow moderators to get the admin scope again
...
Fixes #463
2023-03-08 17:39:35 +00:00
Atsuko Karagi
4a78c431cf
Simplified HTTP signature processing
2022-12-19 20:41:48 +00:00
233c4bb3ba
revert 28ab09d377
...
revert Remove unused dependencies
2022-12-19 02:34:46 +00:00
28ab09d377
Remove unused dependencies
2022-12-19 02:26:04 +00:00
3d546409b2
remove now-unused test
2022-12-17 23:21:24 +00:00
52d8183787
drop admin scopes on create app instead of rejecting
2022-12-17 23:14:49 +00:00
b8be8192fb
do not allow non-admins to register tokens with admin scopes
...
this didn't actually _do_ anything in the past,
the users would be prevented from accessing the resource,
but they shouldn't be able to even create them
2022-12-16 03:25:14 +00:00
07a48b9293
giant massive dep upgrade and dialyxir-found error emporium ( #371 )
...
Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk>
Reviewed-on: AkkomaGang/akkoma#371
2022-12-14 12:38:48 +00:00
Tusooa Zhu
95e4018c1a
Disconnect streaming sessions when token is revoked
...
Use Websockex to replace websocket_client
Test that server will disconnect websocket upon token revocation
Lint
Execute session disconnect in background
Refactor streamer test
allow multi-streams
rebase websocket change
2022-08-27 19:07:48 +01:00
618cf7ff7f
reuse valid oauth tokens ( #182 )
...
Reviewed-on: AkkomaGang/akkoma#182
2022-08-25 14:37:51 +00:00
8d7b63a766
Revert "Fix oauth2 (for real) ( #179 )"
...
This reverts commit aa681d7e15
2022-08-21 17:52:02 +01:00
aa681d7e15
Fix oauth2 (for real) ( #179 )
...
Reviewed-on: AkkomaGang/akkoma#179
2022-08-21 16:24:37 +00:00
b0130bfa7b
Revert "oauth2 fixes ( #177 )"
...
This reverts commit 429e2ac832
2022-08-21 16:22:15 +01:00
429e2ac832
oauth2 fixes ( #177 )
...
Reviewed-on: AkkomaGang/akkoma#177
2022-08-21 14:46:52 +00:00
5b4d77eaa7
maintenance: dependency upgrade ( #81 )
...
Reviewed-on: AkkomaGang/akkoma#81
2022-07-18 00:56:35 +00:00
Tusooa Zhu
c6652fccae
Make mfa pages translatable
2022-06-29 20:45:03 +01:00
Tusooa Zhu
8f8d2abb12
Make oauth pages translatable
2022-06-29 20:44:48 +01:00
0d012ebea1
Revert "Merge branch 'remove/mastofe' into 'develop'"
...
This reverts commit 6b3842cf506b1282a829
2022-01-08 21:44:37 +00:00
Alex Gleason
f5c3d45120
Merge remote-tracking branch 'origin/develop' into apps-api-endpoint
2021-12-27 18:01:25 -06:00
Sean King
33f063204e
Add unit test for Pleroma API app controller
2021-08-28 23:18:12 -06:00
Sean King
6519732045
GET /api/v1/apps endpoint
2021-08-25 21:01:04 -06:00
Sean King
5d279a22b1
Merge develop branch upstream
2021-07-10 11:04:16 -06:00
Alex Gleason
45b7325b9e
Refactor skipped plugs into Pleroma.Web functions
...
Speeds up recompilation by reducing compile cycles
2021-06-08 19:15:04 -05:00
Alex Gleason
b99f60615c
Fix order of Pleroma.Web.Utils.Params aliases
2021-06-08 12:50:47 -05:00
Alex Gleason
ec65b7ae29
Pleroma.Web.Params --> Pleroma.Web.Utils.Params
2021-06-08 12:50:47 -05:00
Alex Gleason
0877b120c3
Pleroma.Web.ControllerHelper.truthy_param?/1 --> Pleroma.Web.Params.truthy_param?/1
...
Breaks cycle in lib/pleroma/web/api_spec/operations/status_operation.ex
2021-06-08 12:50:47 -05:00
Alex Gleason
1399b82f7b
Create WrapperAuthenticator and simplify Authenticator behaviour
...
Speeds up recompilation by reducing compile-time cycles
2021-06-07 18:18:39 -05:00
Sean King
26d2c677b7
Removing trailing space on empty line in OAuth controller
2021-06-04 15:50:57 -06:00
Sean King
839c2c6a12
Fix code mistake in OAuth controller
2021-06-04 14:50:16 -06:00
Sean King
dc4814f0cd
Fix merge conflicts with upstream
2021-06-04 14:42:44 -06:00
Alex Gleason
ad7d4ff8bc
Merge remote-tracking branch 'pleroma/develop' into alias-router-helpers
2021-05-19 12:49:00 -05:00
Alex Gleason
07fed0fda2
Switch to aliasing Router.Helpers instead of importing
2021-05-18 17:45:30 -05:00
Sean King
4f55d5123b
Remove MastoFE-related backend code and frontend pieces
2021-04-15 22:56:21 -06:00
Alex Gleason
b6a69b5efd
Return token's primary key with POST /oauth/token
2021-03-24 12:50:05 -05:00
Haelwenn (lanodan) Monnier
c4439c630f
Bump Copyright to 2021
...
grep -rl '# Copyright © .* Pleroma' * | xargs sed -i 's;Copyright © .* Pleroma .*;Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/ >;'
2021-01-13 07:49:50 +01:00
Ivan Tashkinov
7fff9c1bee
Tweaks to OAuth entities expiration: changed default to 30 days, removed hardcoded values usage, fixed OAuthView (expires_in).
2020-12-09 21:14:39 +03:00
Ivan Tashkinov
d50a3345ae
[ #3112 ] Allowed revoking same-user token from any apps. Added tests.
2020-11-30 21:55:48 +03:00
Ivan Tashkinov
f1b07a2b2b
OAuth form user remembering feature. Local MastoFE login / logout fixes.
2020-11-28 21:51:06 +03:00
Ivan Tashkinov
12a5981cc3
Session token setting on token exchange. Auth-related refactoring.
2020-11-25 21:47:23 +03:00
Ivan Tashkinov
ccc2cf0e87
Session-based OAuth auth fixes (token expiration check), refactoring, tweaks.
2020-11-21 19:47:25 +03:00
Alexander Strizhakov
9f4fe5485b
alias alphabetically order
2020-10-13 16:43:59 +03:00
Alexander Strizhakov
011525a3d1
EnsurePublicOrAuthenticatedPlug module name
2020-10-13 16:43:57 +03:00
Alexander Strizhakov
a6d8cef33e
OAuthScopesPlug module name
2020-10-13 16:43:54 +03:00
Alexander Strizhakov
4b1863ca4e
RateLimiter module name
2020-10-13 16:43:53 +03:00
Alexander Strizhakov
b5b4395e4a
oauth consistency
2020-10-13 16:38:18 +03:00
