8a4437d2be
Allow expires_at in filter requests
...
Fixes #492
2023-03-09 19:13:14 +00:00
87d5e5b06a
Allow moderators to get the admin scope again
...
Fixes #463
2023-03-08 17:39:35 +00:00
9be6caf125
argon2 password hashing ( #406 )
...
Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk>
Reviewed-on: AkkomaGang/akkoma#406
2022-12-30 02:46:58 +00:00
3d546409b2
remove now-unused test
2022-12-17 23:21:24 +00:00
52d8183787
drop admin scopes on create app instead of rejecting
2022-12-17 23:14:49 +00:00
6d8e4d5e05
add test for metrics controller
2022-12-16 10:56:17 +00:00
b8be8192fb
do not allow non-admins to register tokens with admin scopes
...
this didn't actually _do_ anything in the past,
the users would be prevented from accessing the resource,
but they shouldn't be able to even create them
2022-12-16 03:25:14 +00:00
1bb8b76311
Fix tests in ldap registration
2022-11-01 14:21:35 +00:00
618cf7ff7f
reuse valid oauth tokens ( #182 )
...
Reviewed-on: AkkomaGang/akkoma#182
2022-08-25 14:37:51 +00:00
8d7b63a766
Revert "Fix oauth2 (for real) ( #179 )"
...
This reverts commit aa681d7e15
.
2022-08-21 17:52:02 +01:00
aa681d7e15
Fix oauth2 (for real) ( #179 )
...
Reviewed-on: AkkomaGang/akkoma#179
2022-08-21 16:24:37 +00:00
b0130bfa7b
Revert "oauth2 fixes ( #177 )"
...
This reverts commit 429e2ac832
.
2022-08-21 16:22:15 +01:00
429e2ac832
oauth2 fixes ( #177 )
...
Reviewed-on: AkkomaGang/akkoma#177
2022-08-21 14:46:52 +00:00
645f0390bc
Prepare for ubuntu22 murdering openssl ( #120 )
...
Reviewed-on: AkkomaGang/akkoma#120
2022-07-27 21:48:13 +00:00
729f45ccd2
purge ldap authenticator ( #92 )
...
Reviewed-on: AkkomaGang/akkoma#92
2022-07-20 12:49:13 +00:00
Ilja
8b843be03e
Fix test get_user_apps/1
...
For some reason I had a test who suddenly failed, mix test test/pleroma/web/o_auth/app_test.exs:54. A user has a list of applications and this test adds them and then sees if the list it gets back is the same as the apps it added.
When I ran mix test a day before I didn't have this problem and when I pushed code today in a different MR, the pipeline succeeded (see https://git.pleroma.social/ilja/pleroma/-/jobs/205827 ), yet locally it failed. So it seems the test can sometimes succeed and sometimes fail, which makes it untrustworthy.
The failure I see is because the returned list is in reverse order. I assume that's not per sé wrong. You just want to know if the apps you added are actually there. I fixed the test by first ordering the lists before comparing.
AFAICT (and as far as that's relevant) the test got introduced in commit cb2a072e62
2022-06-29 20:43:41 +01:00
Alex Gleason
cb2a072e62
Apps: add test for get_user_apps/1
2021-12-27 18:29:03 -06:00
Alex Gleason
b6a69b5efd
Return token's primary key with POST /oauth/token
2021-03-24 12:50:05 -05:00
e854c35e65
Convert tests to all use clear_config instead of Pleroma.Config.put
2021-01-26 11:58:43 -06:00
28581e03ad
Merge branch 'develop' into refactor/deactivated_user_field
2021-01-18 14:58:21 -06:00
44a86951a3
Merge branch 'develop' into refactor/approval_pending_user_field
2021-01-18 12:05:05 -06:00
Mark Felder
2c0fe2ea9e
Remove toggle_confirmation; require explicit state change
...
Also cosmetic changes to make the code clearer
2021-01-15 13:11:51 -06:00
Mark Felder
d36182c088
Change user.confirmation_pending field to user.is_confirmed
2021-01-15 12:44:41 -06:00
Mark Felder
860b5c7804
Change user.deactivated field to user.is_active
2021-01-15 11:24:46 -06:00
f7e59c28ed
Change user.approval_pending field to user.is_approved
2021-01-15 10:42:02 -06:00
Lain Soykaf
39f3683a06
Pbkdf2: Use it everywhere.
2021-01-14 15:06:16 +01:00
Lain Soykaf
aff83eb7c1
Linting
2021-01-13 16:00:12 +01:00
lain
9106048c61
Password: Replace Pbkdf2 with Password.
2021-01-13 15:11:11 +01:00
Haelwenn (lanodan) Monnier
c4439c630f
Bump Copyright to 2021
...
grep -rl '# Copyright © .* Pleroma' * | xargs sed -i 's;Copyright © .* Pleroma .*;Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/ >;'
2021-01-13 07:49:50 +01:00
lain
9ba60f70d2
Tests: Make as many tests as possible async.
...
In general, tests that match these criteria can be made async:
- Doesn't use real Cachex.
- Doesn't write to the Config / Application Environment.
- Uses Mock. Using Mox is fine.
- Uses the streamer.
2020-12-21 12:21:40 +01:00
Ivan Tashkinov
7fff9c1bee
Tweaks to OAuth entities expiration: changed default to 30 days, removed hardcoded values usage, fixed OAuthView (expires_in).
2020-12-09 21:14:39 +03:00
Ivan Tashkinov
d50a3345ae
[ #3112 ] Allowed revoking same-user token from any apps. Added tests.
2020-11-30 21:55:48 +03:00
Ivan Tashkinov
f1b07a2b2b
OAuth form user remembering feature. Local MastoFE login / logout fixes.
2020-11-28 21:51:06 +03:00
Ivan Tashkinov
62993db499
Merge remote-tracking branch 'remotes/origin/develop' into auth-improvements
2020-11-25 21:48:18 +03:00
Ivan Tashkinov
12a5981cc3
Session token setting on token exchange. Auth-related refactoring.
2020-11-25 21:47:23 +03:00
Mark Felder
3283d0805f
Use Jason instead of Poison in tests
2020-11-23 13:28:55 -06:00
Egor Kislitsyn
3985c1b450
Fix warnings
2020-10-15 16:54:59 +04:00
Alexander Strizhakov
7dffaef479
tests consistency
2020-10-13 16:35:09 +03:00