Commit graph

92 commits

Author SHA1 Message Date
Ivan Tashkinov
6ffa2b5f66 [#1260] Merge remote-tracking branch 'remotes/upstream/develop' into 1260-rate-limited-auth-actions
# Conflicts:
#	CHANGELOG.md
2019-09-30 17:41:20 +03:00
Maxim Filippov
6f25668215 Admin API: Add ability to force user's password reset 2019-09-22 16:08:07 +03:00
Ivan Tashkinov
e7afb67c5c [#1260] Rate-limiting for create authentication and related requests. 2019-09-17 16:16:11 +03:00
Ariadne Conill
b93498eb52 constants: add as_public constant and use it everywhere 2019-07-29 02:43:19 +00:00
Egor Kislitsyn
5104f65b69 Wrap error messages into gettext helpers 2019-07-10 18:10:09 +07:00
Ivan Tashkinov
64bc7ac619 Minor edit (comment). 2019-06-18 17:15:26 +03:00
Ivan Tashkinov
9f45f93949 Added more redirect_uri checks to prevent redirect to not explicitly listed URI. 2019-06-18 17:00:49 +03:00
Ivan Tashkinov
4b2c29016c [#963] No redirect on OOB OAuth authorize request with existing authorization. OAuth-related refactoring. 2019-06-12 21:30:06 +03:00
Ivan Tashkinov
3eefb274f4 OAuth consumer: tests fix, comments, Keycloak config notes. 2019-06-05 13:02:13 +03:00
Maksim
52297920e7 Refactoring oauth response. 2019-05-14 14:49:45 +00:00
Mark Felder
498bfdf403 Switch to Jason over Poison 2019-05-13 15:37:38 -05:00
Alexander Strizhakov
a2be420f94 differences_in_mastoapi_responses.md: fullname & bio are optionnal
[ci skip]
2019-05-13 18:35:45 +00:00
Maksim
799e1f48b5 Refactoring functions for dealing with oauth scopes. 2019-05-08 10:52:13 +00:00
Maksim
1040caf096 fix format
Modified-by: Maksim Pechnikov <parallel588@gmail.com>
2019-05-06 17:51:03 +00:00
Egor
b9cdf6d3b9 Use User.get_cached* everywhere 2019-04-22 07:20:43 +00:00
Ivan Tashkinov
9256d2d4b4 [#923] Refactored OAuthController#authorize definitions, added test. 2019-04-21 10:51:32 +03:00
Ivan Tashkinov
128aae05f3 [#923] Minor semantic adjustment. 2019-04-17 11:33:21 +03:00
Ivan Tashkinov
c3f12cf3c3 [#923] OAuth consumer params handling refactoring.
Registration and authorization-related params are wrapped in "authorization" in order to reduce edge cases number and simplify handling logic.
2019-04-10 21:40:38 +03:00
Ivan Tashkinov
bffddf5e31 [#923] Merge remote-tracking branch 'remotes/upstream/develop' into twitter_oauth
# Conflicts:
#	docs/config.md
#	test/support/factory.ex
2019-04-08 12:20:26 +03:00
eugenijm
7aa53d52bd Return 403 on oauth token exchange for a deactivated user 2019-04-06 23:27:55 +03:00
Ivan Tashkinov
47a236f753 [#923] OAuth consumer mode refactoring, new tests, tests adjustments, readme. 2019-04-05 15:12:02 +03:00
Ivan Tashkinov
3e7f2bfc2f [#923] OAuthController#callback adjustments (with tests). 2019-04-05 09:19:17 +03:00
Ivan Tashkinov
f7cd9131d4 [#923] OAuth consumer controller tests. Misc. improvements. 2019-04-04 22:41:03 +03:00
Ivan Tashkinov
37925cbe78 Merge remote-tracking branch 'remotes/upstream/develop' into twitter_oauth
# Conflicts:
#	lib/pleroma/web/oauth/oauth_controller.ex
#	lib/pleroma/web/router.ex
2019-04-02 14:05:34 +03:00
lambda
091baf9316 Merge branch 'features/mastoapi/2.6.0-force-login-option' into 'develop'
MastoAPI 2.6.0 `force_login` option

Closes #734

See merge request pleroma/pleroma!999
2019-04-02 10:57:38 +00:00
Egor Kislitsyn
1b3d921921 change Repo.get(User, id) => User.get_by_id(id) 2019-04-02 17:01:26 +07:00
Ivan Tashkinov
6910fb371b Fixed local MastoFE authentication / force_login option. 2019-04-01 17:25:25 +03:00
Ivan Tashkinov
cbe09d94d1 Added force_login authentication option (previously applied by default). 2019-04-01 14:46:50 +03:00
Ivan Tashkinov
eadafc88b8 [#923] Deps config adjustment (no override for httpoison), code analysis issues fixes. 2019-04-01 09:28:56 +03:00
Ivan Tashkinov
baffdcc480 [#923] Merge remote-tracking branch 'remotes/upstream/develop' into twitter_oauth
# Conflicts:
#	mix.exs
2019-04-01 08:49:32 +03:00
Ivan Tashkinov
2a95014b9d [#923] OAuth consumer improvements, fixes, refactoring. 2019-03-27 15:39:35 +03:00
Ivan Tashkinov
b0759f821b Comments split. 2019-03-26 15:24:29 +03:00
Ivan Tashkinov
263ca3dea2 Mastodon-based auth error messages. Defaulted User#auth_active?/1 to true. 2019-03-26 15:09:06 +03:00
Ivan Tashkinov
af68a42ef7 [#923] Support for multiple OAuth consumer strategies. 2019-03-20 20:25:48 +03:00
Ivan Tashkinov
e17a9a1f66 [#923] Nickname & email selection for external registrations, option to connect to existing account. 2019-03-20 10:35:31 +03:00
Ivan Tashkinov
26b6354095 [#923] Support for multiple (external) registrations per user via Registration. 2019-03-18 17:23:38 +03:00
Ivan Tashkinov
2a96283efb [#923] Merge remote-tracking branch 'remotes/upstream/develop' into twitter_oauth
# Conflicts:
#	config/config.exs
#	lib/pleroma/web/auth/pleroma_authenticator.ex
2019-03-18 10:26:41 +03:00
lambda
28df397454 Merge branch 'feature/oauth-me' into 'develop'
oauth: add me property to token responses

See merge request pleroma/pleroma!942
2019-03-16 08:44:02 +00:00
William Pitcock
e0edc706cf oauth: add me property to token responses 2019-03-16 01:12:50 +00:00
Ivan Tashkinov
2739057442 Merge remote-tracking branch 'remotes/upstream/develop' into twitter_oauth 2019-03-15 17:11:00 +03:00
Ivan Tashkinov
aacbf0f570 [#923] OAuth: prototype of sign in / sign up with Twitter. 2019-03-15 17:08:03 +03:00
link0ff
54e7087ab4 Merge remote-tracking branch 'upstream/develop' into feature/openldap-support 2019-03-14 17:43:30 +02:00
Haelwenn (lanodan) Monnier
a3a9cec483
[Credo] fix Credo.Check.Readability.AliasOrder 2019-03-13 04:26:54 +01:00
Ivan Tashkinov
63ab61ed3f Sign in via Twitter (WIP). 2019-03-11 20:37:26 +03:00
link0ff
88a672fe88 Move LDAP code to LDAPAuthenticator. Use Authenticator for token_exchange with grant_type as well 2019-03-03 21:20:36 +02:00
link0ff
19e2b85247 Merge remote-tracking branch 'upstream/develop' into feature/openldap-support 2019-03-03 18:29:37 +02:00
rinpatch
f38c316e6e Merge branch 'bugfix/oauth-scopes-join' into 'develop'
Bugfix: OAuth scopes formatting

Closes #702

See merge request pleroma/pleroma!881
2019-03-02 06:39:07 +00:00
Haelwenn (lanodan) Monnier
b6a001a34c
Web.OAuth.OAuthController: Fix scopes Enum.join for OAuth response 2019-03-02 04:04:16 +01:00
Ivan Tashkinov
3281a3f074 Renamed *DatabaseAuthenticator to *Authenticator. 2019-02-28 14:12:41 +03:00
Ivan Tashkinov
4e77f68414 Added auth_template/0 to DatabaseAuthenticator. 2019-02-28 13:58:58 +03:00