This repository has been archived on 2019-05-14. You can view files and clone it, but cannot push or open issues or pull requests.
mastodon/spec/controllers
Eugen Rochko 1618b68bfa HTTP signatures (#4146)
* Add Request class with HTTP signature generator

Spec: https://tools.ietf.org/html/draft-cavage-http-signatures-06

* Add HTTP signature verification concern

* Add test for SignatureVerification concern

* Add basic test for Request class

* Make PuSH subscribe/unsubscribe requests use new Request class

Accidentally fix lease_seconds not being set and sent properly, and
change the new minimum subscription duration to 1 day

* Make all PuSH workers use new Request class

* Make Salmon sender use new Request class

* Make FetchLinkService use new Request class

* Make FetchAtomService use the new Request class

* Make Remotable use the new Request class

* Make ResolveRemoteAccountService use the new Request class

* Add more tests

* Allow +-30 seconds window for signed request to remain valid

* Disable time window validation for signed requests, restore 7 days
as PuSH subscription duration (which was previous default due to a bug)
2017-07-14 20:41:49 +02:00
..
admin Improve UI of admin site settings (#4163) 2017-07-12 03:24:04 +02:00
api Web Push Notifications (#3243) 2017-07-13 22:15:32 +02:00
auth Cover Auth::RegistrationsController more (#3353) 2017-06-25 21:42:55 +02:00
concerns HTTP signatures (#4146) 2017-07-14 20:41:49 +02:00
oauth Cover Oauth::AuthorizedApplicationsController (#3359) 2017-05-29 18:08:05 +02:00
settings Fix #3910 - Require OTP authentication to disable 2FA (#3935) 2017-06-25 23:51:46 +02:00
well_known Fix spec for #2388 (#3526) 2017-06-03 14:40:55 +02:00
about_controller_spec.rb Cover AboutController more in spec (#3226) 2017-05-22 16:27:19 +02:00
account_follow_controller_spec.rb Cover AccountFollowController more in spec (#3227) 2017-05-22 16:29:48 +02:00
account_unfollow_controller_spec.rb Cover AccountUnfollowController more in spec (#3228) 2017-05-22 17:58:49 +02:00
accounts_controller_spec.rb Cover AccountsController more in spec (#3229) 2017-05-23 02:53:01 +02:00
application_controller_spec.rb Use "match_array" only for order independent assertions (#3626) 2017-06-07 12:59:28 -04:00
authorize_follows_controller_spec.rb Remote following success page (#4129) 2017-07-10 18:05:06 +02:00
follower_accounts_controller_spec.rb Introduce recent to Follow (#3247) 2017-05-23 13:12:19 +02:00
following_accounts_controller_spec.rb Introduce recent to Follow (#3247) 2017-05-23 13:12:19 +02:00
home_controller_spec.rb Replace OEmbed and initial state Rabl templates with serializers (#4110) 2017-07-08 14:51:05 +02:00
manifests_controller_spec.rb Add controller spec for manifests controller (#4003) 2017-06-30 13:43:34 +02:00
media_controller_spec.rb Extract authorization policy for viewing statuses (#3150) 2017-05-29 18:22:22 +02:00
remote_follow_controller_spec.rb Fix #2027 - Accept own ID for remote follow with and without preceding @ (#2991) 2017-05-11 21:54:30 +02:00
statuses_controller_spec.rb Use "match_array" only for order independent assertions (#3626) 2017-06-07 12:59:28 -04:00
stream_entries_controller_spec.rb Use "match_array" only for order independent assertions (#3626) 2017-06-07 12:59:28 -04:00
tags_controller_spec.rb Cover TagsController more (#3306) 2017-05-25 16:07:38 +02:00