Commit graph

39 commits

Author SHA1 Message Date
FloatingGhost b8be8192fb do not allow non-admins to register tokens with admin scopes
this didn't actually _do_ anything in the past,
the users would be prevented from accessing the resource,
but they shouldn't be able to even create them
2022-12-16 03:25:14 +00:00
floatingghost 07a48b9293 giant massive dep upgrade and dialyxir-found error emporium (#371)
Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk>
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/371
2022-12-14 12:38:48 +00:00
Tusooa Zhu 95e4018c1a Disconnect streaming sessions when token is revoked
Use Websockex to replace websocket_client

Test that server will disconnect websocket upon token revocation

Lint

Execute session disconnect in background

Refactor streamer test

allow multi-streams

rebase websocket change
2022-08-27 19:07:48 +01:00
floatingghost 618cf7ff7f reuse valid oauth tokens (#182)
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/182
2022-08-25 14:37:51 +00:00
FloatingGhost 8d7b63a766 Revert "Fix oauth2 (for real) (#179)"
This reverts commit aa681d7e15.
2022-08-21 17:52:02 +01:00
floatingghost aa681d7e15 Fix oauth2 (for real) (#179)
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/179
2022-08-21 16:24:37 +00:00
FloatingGhost b0130bfa7b Revert "oauth2 fixes (#177)"
This reverts commit 429e2ac832.
2022-08-21 16:22:15 +01:00
floatingghost 429e2ac832 oauth2 fixes (#177)
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/177
2022-08-21 14:46:52 +00:00
floatingghost 5b4d77eaa7 maintenance: dependency upgrade (#81)
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/81
2022-07-18 00:56:35 +00:00
Tusooa Zhu c6652fccae Make mfa pages translatable 2022-06-29 20:45:03 +01:00
Tusooa Zhu 8f8d2abb12 Make oauth pages translatable 2022-06-29 20:44:48 +01:00
FloatingGhost 0d012ebea1 Revert "Merge branch 'remove/mastofe' into 'develop'"
This reverts commit 6b3842cf50, reversing
changes made to 6b1282a829.
2022-01-08 21:44:37 +00:00
Alex Gleason f5c3d45120
Merge remote-tracking branch 'origin/develop' into apps-api-endpoint 2021-12-27 18:01:25 -06:00
Sean King 33f063204e
Add unit test for Pleroma API app controller 2021-08-28 23:18:12 -06:00
Sean King 6519732045
GET /api/v1/apps endpoint 2021-08-25 21:01:04 -06:00
Sean King 5d279a22b1 Merge develop branch upstream 2021-07-10 11:04:16 -06:00
Alex Gleason 45b7325b9e
Refactor skipped plugs into Pleroma.Web functions
Speeds up recompilation by reducing compile cycles
2021-06-08 19:15:04 -05:00
Alex Gleason b99f60615c Fix order of Pleroma.Web.Utils.Params aliases 2021-06-08 12:50:47 -05:00
Alex Gleason ec65b7ae29 Pleroma.Web.Params --> Pleroma.Web.Utils.Params 2021-06-08 12:50:47 -05:00
Alex Gleason 0877b120c3 Pleroma.Web.ControllerHelper.truthy_param?/1 --> Pleroma.Web.Params.truthy_param?/1
Breaks cycle in lib/pleroma/web/api_spec/operations/status_operation.ex
2021-06-08 12:50:47 -05:00
Alex Gleason 1399b82f7b
Create WrapperAuthenticator and simplify Authenticator behaviour
Speeds up recompilation by reducing compile-time cycles
2021-06-07 18:18:39 -05:00
Sean King 26d2c677b7
Removing trailing space on empty line in OAuth controller 2021-06-04 15:50:57 -06:00
Sean King 839c2c6a12
Fix code mistake in OAuth controller 2021-06-04 14:50:16 -06:00
Sean King dc4814f0cd
Fix merge conflicts with upstream 2021-06-04 14:42:44 -06:00
Alex Gleason ad7d4ff8bc
Merge remote-tracking branch 'pleroma/develop' into alias-router-helpers 2021-05-19 12:49:00 -05:00
Alex Gleason 07fed0fda2
Switch to aliasing Router.Helpers instead of importing 2021-05-18 17:45:30 -05:00
Sean King 4f55d5123b
Remove MastoFE-related backend code and frontend pieces 2021-04-15 22:56:21 -06:00
Alex Gleason b6a69b5efd
Return token's primary key with POST /oauth/token 2021-03-24 12:50:05 -05:00
Haelwenn (lanodan) Monnier c4439c630f
Bump Copyright to 2021
grep -rl '# Copyright © .* Pleroma' * | xargs sed -i 's;Copyright © .* Pleroma .*;Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>;'
2021-01-13 07:49:50 +01:00
Ivan Tashkinov 7fff9c1bee Tweaks to OAuth entities expiration: changed default to 30 days, removed hardcoded values usage, fixed OAuthView (expires_in). 2020-12-09 21:14:39 +03:00
Ivan Tashkinov d50a3345ae [#3112] Allowed revoking same-user token from any apps. Added tests. 2020-11-30 21:55:48 +03:00
Ivan Tashkinov f1b07a2b2b OAuth form user remembering feature. Local MastoFE login / logout fixes. 2020-11-28 21:51:06 +03:00
Ivan Tashkinov 12a5981cc3 Session token setting on token exchange. Auth-related refactoring. 2020-11-25 21:47:23 +03:00
Ivan Tashkinov ccc2cf0e87 Session-based OAuth auth fixes (token expiration check), refactoring, tweaks. 2020-11-21 19:47:25 +03:00
Alexander Strizhakov 9f4fe5485b
alias alphabetically order 2020-10-13 16:43:59 +03:00
Alexander Strizhakov 011525a3d1
EnsurePublicOrAuthenticatedPlug module name 2020-10-13 16:43:57 +03:00
Alexander Strizhakov a6d8cef33e
OAuthScopesPlug module name 2020-10-13 16:43:54 +03:00
Alexander Strizhakov 4b1863ca4e
RateLimiter module name 2020-10-13 16:43:53 +03:00
Alexander Strizhakov b5b4395e4a
oauth consistency 2020-10-13 16:38:18 +03:00