Commit graph

48 commits

Author SHA1 Message Date
Aria 77000b8ffd update tests for oauth consumer 2023-12-17 21:48:19 +00:00
Aria eb0dbf6b79 fix oauth consumer mode
the previous code passed a state parameter to ueberauth with info
about where to go after the user logged in, etc.
since ueberauth 0.7, this parameter is ignored and oauth state is used
for actual CSRF reasons.

we now set a cookie with the state we need to keep track of, and read
it once the callback happens.
2023-12-17 19:27:36 +00:00
FloatingGhost 6cb40bee26 Migrate to phoenix 1.7 (#626)
Closes #612

Co-authored-by: tusooa <tusooa@kazv.moe>
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/626
Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk>
Co-committed-by: FloatingGhost <hannah@coffee-and-dreams.uk>
2023-08-15 10:22:18 +00:00
FloatingGhost 87d5e5b06a Allow moderators to get the admin scope again
Fixes #463
2023-03-08 17:39:35 +00:00
Atsuko Karagi 4a78c431cf Simplified HTTP signature processing 2022-12-19 20:41:48 +00:00
floatingghost 233c4bb3ba revert 28ab09d377
revert Remove unused dependencies
2022-12-19 02:34:46 +00:00
FloatingGhost 28ab09d377 Remove unused dependencies 2022-12-19 02:26:04 +00:00
FloatingGhost 3d546409b2 remove now-unused test 2022-12-17 23:21:24 +00:00
FloatingGhost 52d8183787 drop admin scopes on create app instead of rejecting 2022-12-17 23:14:49 +00:00
FloatingGhost b8be8192fb do not allow non-admins to register tokens with admin scopes
this didn't actually _do_ anything in the past,
the users would be prevented from accessing the resource,
but they shouldn't be able to even create them
2022-12-16 03:25:14 +00:00
floatingghost 07a48b9293 giant massive dep upgrade and dialyxir-found error emporium (#371)
Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk>
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/371
2022-12-14 12:38:48 +00:00
Tusooa Zhu 95e4018c1a Disconnect streaming sessions when token is revoked
Use Websockex to replace websocket_client

Test that server will disconnect websocket upon token revocation

Lint

Execute session disconnect in background

Refactor streamer test

allow multi-streams

rebase websocket change
2022-08-27 19:07:48 +01:00
floatingghost 618cf7ff7f reuse valid oauth tokens (#182)
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/182
2022-08-25 14:37:51 +00:00
FloatingGhost 8d7b63a766 Revert "Fix oauth2 (for real) (#179)"
This reverts commit aa681d7e15.
2022-08-21 17:52:02 +01:00
floatingghost aa681d7e15 Fix oauth2 (for real) (#179)
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/179
2022-08-21 16:24:37 +00:00
FloatingGhost b0130bfa7b Revert "oauth2 fixes (#177)"
This reverts commit 429e2ac832.
2022-08-21 16:22:15 +01:00
floatingghost 429e2ac832 oauth2 fixes (#177)
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/177
2022-08-21 14:46:52 +00:00
floatingghost 5b4d77eaa7 maintenance: dependency upgrade (#81)
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/81
2022-07-18 00:56:35 +00:00
Tusooa Zhu c6652fccae Make mfa pages translatable 2022-06-29 20:45:03 +01:00
Tusooa Zhu 8f8d2abb12 Make oauth pages translatable 2022-06-29 20:44:48 +01:00
FloatingGhost 0d012ebea1 Revert "Merge branch 'remove/mastofe' into 'develop'"
This reverts commit 6b3842cf50, reversing
changes made to 6b1282a829.
2022-01-08 21:44:37 +00:00
Alex Gleason f5c3d45120
Merge remote-tracking branch 'origin/develop' into apps-api-endpoint 2021-12-27 18:01:25 -06:00
Sean King 33f063204e
Add unit test for Pleroma API app controller 2021-08-28 23:18:12 -06:00
Sean King 6519732045
GET /api/v1/apps endpoint 2021-08-25 21:01:04 -06:00
Sean King 5d279a22b1 Merge develop branch upstream 2021-07-10 11:04:16 -06:00
Alex Gleason 45b7325b9e
Refactor skipped plugs into Pleroma.Web functions
Speeds up recompilation by reducing compile cycles
2021-06-08 19:15:04 -05:00
Alex Gleason b99f60615c Fix order of Pleroma.Web.Utils.Params aliases 2021-06-08 12:50:47 -05:00
Alex Gleason ec65b7ae29 Pleroma.Web.Params --> Pleroma.Web.Utils.Params 2021-06-08 12:50:47 -05:00
Alex Gleason 0877b120c3 Pleroma.Web.ControllerHelper.truthy_param?/1 --> Pleroma.Web.Params.truthy_param?/1
Breaks cycle in lib/pleroma/web/api_spec/operations/status_operation.ex
2021-06-08 12:50:47 -05:00
Alex Gleason 1399b82f7b
Create WrapperAuthenticator and simplify Authenticator behaviour
Speeds up recompilation by reducing compile-time cycles
2021-06-07 18:18:39 -05:00
Sean King 26d2c677b7
Removing trailing space on empty line in OAuth controller 2021-06-04 15:50:57 -06:00
Sean King 839c2c6a12
Fix code mistake in OAuth controller 2021-06-04 14:50:16 -06:00
Sean King dc4814f0cd
Fix merge conflicts with upstream 2021-06-04 14:42:44 -06:00
Alex Gleason ad7d4ff8bc
Merge remote-tracking branch 'pleroma/develop' into alias-router-helpers 2021-05-19 12:49:00 -05:00
Alex Gleason 07fed0fda2
Switch to aliasing Router.Helpers instead of importing 2021-05-18 17:45:30 -05:00
Sean King 4f55d5123b
Remove MastoFE-related backend code and frontend pieces 2021-04-15 22:56:21 -06:00
Alex Gleason b6a69b5efd
Return token's primary key with POST /oauth/token 2021-03-24 12:50:05 -05:00
Haelwenn (lanodan) Monnier c4439c630f
Bump Copyright to 2021
grep -rl '# Copyright © .* Pleroma' * | xargs sed -i 's;Copyright © .* Pleroma .*;Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>;'
2021-01-13 07:49:50 +01:00
Ivan Tashkinov 7fff9c1bee Tweaks to OAuth entities expiration: changed default to 30 days, removed hardcoded values usage, fixed OAuthView (expires_in). 2020-12-09 21:14:39 +03:00
Ivan Tashkinov d50a3345ae [#3112] Allowed revoking same-user token from any apps. Added tests. 2020-11-30 21:55:48 +03:00
Ivan Tashkinov f1b07a2b2b OAuth form user remembering feature. Local MastoFE login / logout fixes. 2020-11-28 21:51:06 +03:00
Ivan Tashkinov 12a5981cc3 Session token setting on token exchange. Auth-related refactoring. 2020-11-25 21:47:23 +03:00
Ivan Tashkinov ccc2cf0e87 Session-based OAuth auth fixes (token expiration check), refactoring, tweaks. 2020-11-21 19:47:25 +03:00
Alexander Strizhakov 9f4fe5485b
alias alphabetically order 2020-10-13 16:43:59 +03:00
Alexander Strizhakov 011525a3d1
EnsurePublicOrAuthenticatedPlug module name 2020-10-13 16:43:57 +03:00
Alexander Strizhakov a6d8cef33e
OAuthScopesPlug module name 2020-10-13 16:43:54 +03:00
Alexander Strizhakov 4b1863ca4e
RateLimiter module name 2020-10-13 16:43:53 +03:00
Alexander Strizhakov b5b4395e4a
oauth consistency 2020-10-13 16:38:18 +03:00