Commit graph

152 commits

Author SHA1 Message Date
Maksim Pechnikov b8d5c09f48 Merge branch 'develop' into issue/1383 2020-01-22 09:30:30 +03:00
Haelwenn (lanodan) Monnier 5c533e10e7
Bump credo to 1.1.5 2020-01-20 12:17:14 +01:00
Ivan Tashkinov 6c94b7498b [#1478] OAuth admin tweaks: enforced OAuth admin scopes usage by default, migrated existing OAuth records. Adjusted tests. 2020-01-10 10:52:21 +03:00
Maksim Pechnikov 67cb46e15d Merge branch 'develop' into issue/1383 2019-12-14 21:44:10 +03:00
Ivan Tashkinov 81b05340e9 [#1427] Graceful clearance of OAuth admin scopes for non-admin users (no error raised).
PleromaFE and other clients may safely request admin scope(s): if user isn't an admin, request is successful but only non-admin scopes from request are granted.
2019-12-12 16:00:06 +03:00
Ivan Tashkinov 835ac2157c Merge remote-tracking branch 'remotes/upstream/develop' into 1427-oauth-admin-scopes
# Conflicts:
#	CHANGELOG.md
2019-12-10 08:55:14 +03:00
rinpatch bd3aa8500c OAuth token cleanup: Get rid of compile-time configuration 2019-12-08 20:03:33 +03:00
Ivan Tashkinov af42c00cff [#1427] Reworked admin scopes support.
Requalified users.is_admin flag as legacy accessor to admin actions in case token lacks admin scope(s).
2019-12-06 00:25:44 +03:00
Ivan Tashkinov 51111e286b [#1427] Initial support for OAuth admin scopes. 2019-11-29 18:57:19 +03:00
Maksim Pechnikov 0e9be6bafa moved OAuth.Token.CleanWorker to Oban Periodic jobs 2019-11-25 14:32:20 +03:00
lain 1ca7b877a1 Merge branch 'iss-1376' into 'develop'
Check client and token in GET /oauth/authorize

See merge request pleroma/pleroma!1940
2019-11-11 12:27:33 +00:00
Steven Fuchs 94627baa5c New rate limiter 2019-11-11 12:13:06 +00:00
AkiraFukushima e1fc6cb78f Check client and token in GET /oauth/authorize 2019-11-05 23:52:47 +09:00
Ivan Tashkinov 10ff01acd9 [#1304] Moved all non-mutes / non-blocks fields from User.Info to User. WIP. 2019-10-16 21:59:21 +03:00
Ivan Tashkinov 28fb98d69e Merge remote-tracking branch 'remotes/upstream/develop' into 1260-rate-limited-auth-actions
# Conflicts:
#	CHANGELOG.md
2019-10-07 11:06:30 +03:00
Ivan Tashkinov 06b3bb54c5 Merge remote-tracking branch 'remotes/upstream/develop' into 1234-mastodon-2-4-3-oauth-scopes
# Conflicts:
#	CHANGELOG.md
#	lib/pleroma/web/mastodon_api/controllers/account_controller.ex
#	lib/pleroma/web/mastodon_api/controllers/mastodon_api_controller.ex
#	lib/pleroma/web/router.ex
2019-10-06 11:43:49 +03:00
Ivan Tashkinov f459aabdfa Merge remote-tracking branch 'remotes/upstream/develop' into 1260-rate-limited-auth-actions
# Conflicts:
#	CHANGELOG.md
2019-10-06 09:30:49 +03:00
Egor Kislitsyn d3ac4e8083
Fix OAuthController 2019-10-04 13:30:46 +07:00
Ivan Tashkinov 64095961fe [#1234] Merge remote-tracking branch 'remotes/upstream/develop' into 1234-mastodon-2-4-3-oauth-scopes
# Conflicts:
#	CHANGELOG.md
#	lib/pleroma/web/mastodon_api/controllers/mastodon_api_controller.ex
#	lib/pleroma/web/router.ex
2019-10-02 20:42:40 +03:00
Maxim Filippov 0f9c2c8b87 Send an identifier alongside with error message in OAuthController 2019-10-01 18:10:04 +03:00
Ivan Tashkinov 6ffa2b5f66 [#1260] Merge remote-tracking branch 'remotes/upstream/develop' into 1260-rate-limited-auth-actions
# Conflicts:
#	CHANGELOG.md
2019-09-30 17:41:20 +03:00
Maksim Pechnikov 3d722dc200 Merge branch 'develop' into tests/mastodon_api_controller.ex 2019-09-26 16:16:30 +03:00
kaniini 3ff57f1fd3 Merge branch 'hex-flake-id' into 'develop'
Replace `Pleroma.FlakeId` with `flake_id` hex package

See merge request pleroma/pleroma!1692
2019-09-26 02:51:54 +00:00
Egor Kislitsyn b5dfe83433 Replace Pleroma.FlakeId with flake_id hex package 2019-09-25 17:14:31 +07:00
Maksim Pechnikov d75d0ae134 Merge branch 'develop' into tests/mastodon_api_controller.ex 2019-09-24 08:06:04 +03:00
Maksim Pechnikov 179fa32dd5 Merge branch 'develop' into tests/mastodon_api_controller.ex 2019-09-23 21:41:57 +03:00
Maxim Filippov 6f25668215 Admin API: Add ability to force user's password reset 2019-09-22 16:08:07 +03:00
Ivan Tashkinov 6f67aed3ac [#1234] Merge remote-tracking branch 'remotes/upstream/develop' into 1234-mastodon-2-4-3-oauth-scopes
# Conflicts:
#	lib/pleroma/web/admin_api/admin_api_controller.ex
2019-09-19 10:59:09 +03:00
Haelwenn (lanodan) Monnier 447514dfa2
Bump copyright years of files changed in 2019
Done via the following command:
git diff 1e6c102bfc --stat --name-only | cat - | xargs sed -i 's/2017-2018 Pleroma Authors/2017-2019 Pleroma Authors/'
2019-09-18 23:21:11 +02:00
Ivan Tashkinov 01c1078015 [#1234] Merge remote-tracking branch 'remotes/upstream/develop' into 1234-mastodon-2-4-3-oauth-scopes
# Conflicts:
#	lib/pleroma/web/activity_pub/activity_pub_controller.ex
2019-09-17 22:53:26 +03:00
Ivan Tashkinov e7afb67c5c [#1260] Rate-limiting for create authentication and related requests. 2019-09-17 16:16:11 +03:00
Ivan Tashkinov b63faf9819 [#1234] Mastodon 2.4.3 hierarchical scopes initial support (WIP). 2019-09-08 15:00:03 +03:00
Maksim Pechnikov ab2f21e470 tests for mastodon_api_controller.ex 2019-09-06 21:50:00 +03:00
Ivan Tashkinov dd017c65a4 [#1149] Refactored Oban workers API (introduced enqueue/3). 2019-08-31 21:58:42 +03:00
Ivan Tashkinov a90ea8ba15 [#1149] Addressed code review comments (code style, jobs pruning etc.). 2019-08-31 19:08:56 +03:00
Ivan Tashkinov 256ff09aa8 [#1149] Merge remote-tracking branch 'remotes/upstream/develop' into 1149-oban-job-queue
# Conflicts:
#	lib/pleroma/application.ex
#	lib/pleroma/scheduled_activity_worker.ex
#	lib/pleroma/web/federator/retry_queue.ex
#	lib/pleroma/web/oauth/token/clean_worker.ex
#	test/user_test.exs
#	test/web/federator_test.exs
2019-08-22 20:59:58 +03:00
stwf 15ef521009 Isolate OAuth.Token.CleanWorker 2019-08-14 11:57:50 -04:00
stwf 51bdf0cab6 use default child_specs 2019-08-14 11:55:17 -04:00
Ivan Tashkinov 0e1c481a94 [#1149] Added more oban workers. Refactoring. 2019-08-13 20:20:26 +03:00
Ariadne Conill b93498eb52 constants: add as_public constant and use it everywhere 2019-07-29 02:43:19 +00:00
Egor Kislitsyn 5104f65b69 Wrap error messages into gettext helpers 2019-07-10 18:10:09 +07:00
feld 93a0eeab16 Add license/copyright to all project files 2019-07-10 05:13:23 +00:00
Maksim a0c4ebb4d7 [#184] small refactoring reset password 2019-06-24 19:01:56 +00:00
Ivan Tashkinov 64bc7ac619 Minor edit (comment). 2019-06-18 17:15:26 +03:00
Ivan Tashkinov 9f45f93949 Added more redirect_uri checks to prevent redirect to not explicitly listed URI. 2019-06-18 17:00:49 +03:00
kaniini 52b1b0e45d Merge branch '963_oob_oauth_redirect_fix' into 'develop'
[#963] No redirect on OOB OAuth authorize request with existing authorization

See merge request pleroma/pleroma!1276
2019-06-15 13:45:50 +00:00
Alexander Strizhakov c2ca1f22a2 it is changed in compile time
we can't change module attributes and endpoint settings in runtime
2019-06-14 15:45:05 +00:00
Ivan Tashkinov 4b2c29016c [#963] No redirect on OOB OAuth authorize request with existing authorization. OAuth-related refactoring. 2019-06-12 21:30:06 +03:00
Ivan Tashkinov 3eefb274f4 OAuth consumer: tests fix, comments, Keycloak config notes. 2019-06-05 13:02:13 +03:00
Maksim 620908a2db [#699] add worker to clean expired oauth tokens 2019-05-22 15:44:50 +00:00