nocebo/diaspora
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
17632 commits 4 branches 0 tags 121 MiB
Commit graph

1869 commits

Author SHA1 Message Date
theworldbright
1dcefdb998 Validate sector identifier uri and redirect uri 2016-01-04 16:49:55 +09:00
theworldbright
a76f51a6a5 Use redirect_uri if no sector identifier for ppid 
As according to http://openid.net/specs/openid-connect-core-1_0.html#PairwiseAlg:

"If the Client has not provided a value for
sector_identifier_uri in Dynamic Client Registration
[OpenID.Registration], the Sector Identifier used
for pairwise identifier calculation is the host
component of the registered redirect_uri."
 2016-01-04 16:49:55 +09:00
augier
8c2af74447 Fixing last remarks 2016-01-04 16:49:54 +09:00
augier
c33cce0953 Styling user consent form 2016-01-04 16:49:54 +09:00
theworldbright
1a7f2edc01 Perform major refactoring 
- Add foreign_keys
- Remove unused classes/methods
- Fix pronto errors
- Add method to retrieve client id from name
- Remove TODO comments
- Fix unnecessary private key generation
 2016-01-04 16:49:54 +09:00
theworldbright
e55a0b0d0b Replace scopes with constants in Authorization 2016-01-04 16:49:54 +09:00
theworldbright
858e8c2503 Prevent duplicate scopes in authorization 2016-01-04 16:49:54 +09:00
theworldbright
724f32604b Add nonce to auth code flow 2016-01-04 16:49:53 +09:00
theworldbright
bb8fe6aa83 Adjust id token config to save private key to file 2016-01-04 16:49:53 +09:00
theworldbright
3734e074a6 Fix pronto errors 2016-01-04 16:49:52 +09:00
theworldbright
98fd18077a Add test for expired access token 2016-01-04 16:49:52 +09:00
theworldbright
65c40f236e Load scopes from seeds 
Signed-off-by: theworldbright <kent@kentshikama.com>
 2016-01-04 16:49:51 +09:00
theworldbright
99d6d7b3e7 Add pairwise pseudonymous identifier support 
Squashed commits:

[a182de7] Fix pronto/travis errors
 2016-01-04 16:49:51 +09:00
theworldbright
2be932ceff Delete password flow 2016-01-04 16:49:51 +09:00
theworldbright
e5932968fd Add support for authorization code flow 2016-01-04 16:49:51 +09:00
theworldbright
bc5e5c7420 Fix pronto errors 2016-01-04 16:49:51 +09:00
theworldbright
3cbe75469b Add support for scopes 
Remove scopes from tokens

Squashed commits:

[83db38f] Add redirect uris to supported metadata
 2016-01-04 16:49:51 +09:00
theworldbright
979adca1e7 Fix account deleter specs 
Squashed commits:

[7ff4276] Adjust discovery controller
 2016-01-04 16:49:50 +09:00
augier
b173283692 Test for refresh token flow 2016-01-04 16:49:50 +09:00
augier
cc28199555 Fixing hounds remarks 2016-01-04 16:49:50 +09:00
theworldbright
7b80a7408d Add integration tests for implicit flow 
Squashed commits:
[d5001fe] Refactor
[8d8a23f] Add test for when authorization is denied
[659fc56] Adjust password flow integration test
 2016-01-04 16:49:50 +09:00
theworldbright
ee9ac06e1a Add support for access tokens in implicit flow 
Squashed commits:
[7dbf618] Use Rail's find_or_create_by method
 2016-01-04 16:49:50 +09:00
theworldbright
2d762da072 Adjust tokens to fit revised Authorization 2016-01-04 16:49:50 +09:00
theworldbright
17fde49d61 Implement ID Token for the implicit flow 2016-01-04 16:49:50 +09:00
theworldbright
1475672d72 Fix authorization and related models 
Squashed commits:
[a844d37] Remove unnecessary class_name's from models
[529a30c] Further adjust authorization and related models
 2016-01-04 16:49:50 +09:00
augier
031679762a Redesign the models 2016-01-04 16:49:49 +09:00
Augier
9140c8244b Support for refresh tokens w/ no tests 2016-01-04 16:49:49 +09:00
Augier
73cc55940d Fix travis errors and refactor 2016-01-04 16:49:49 +09:00
theworldbright
3d26cbf657 Allow POST requests at authentication endpoint 2016-01-04 16:49:49 +09:00
theworldbright
3cfbcbce8f Implement authorization endpoint (part 1) 
The user can now authenticate with the authorization
server's authorization endpoint and receive a fake
id token.
 2016-01-04 16:49:49 +09:00
theworldbright
88d02ea35b Add client registration 
Client must now be registered prior to imitating a
call to the token endpoint with the password flow.

Squashed commits:

[fdcef62] Rename authorization endpoint to protected resource endpoint
 2016-01-04 16:49:48 +09:00
theworldbright
beae77102d Allow current user to be obtained from access token 2016-01-04 16:49:16 +09:00
theworldbright
efdfe318fd Add ability to get user info from access tokens 2016-01-04 16:48:42 +09:00
Augier
a1f3d5f5f9 Getting token from user credential flow 2016-01-04 16:45:21 +09:00
augier
8d8faf684c OpenID Connect debut work 2016-01-04 16:45:21 +09:00
cmrd Senya
a2ce47fae5 Remove parent author signature for relayables from the DB 
since it is considered redundant
 2015-12-16 22:00:35 +03:00
Jonne Haß
13029235d0 Merge branch 'stable' into develop 2015-12-13 12:28:04 +01:00
cmrd Senya
f0fc62e94d Fix a security issue that author_signature is not checked on the to-downstream receive of a federated relayable entity, allowing to forge relayables if you are an owner of the pod where a parent object is stored. 
closes #6539
 2015-12-13 12:26:59 +01:00
cmrd Senya
4e41b8dc86 Allow Retraction to deal with Relayables 2015-12-13 12:23:51 +01:00
Steffen van Bergerem
75e3085ca9 Merge branch 'stable' into develop 2015-11-27 12:46:46 +01:00
Manoj Mishra
ab21e6b134 Fix: Adding mention through paste user name from clipboard is not successfull 
Input buffer wasn't getting updated with the user input when user did a
paste from clipboard, it caused search for the available contacts
to not trigger

closes #6510
 2015-11-27 12:46:02 +01:00
Dennis Schubert
5081d69847 Merge branch 'stable' into develop 2015-11-22 02:52:37 +01:00
Jason Robinson
66925918b1 Send comment to reshare author when commenting on reshare 
As posts are always delivered also to reshare root, comments should also be delivered to reshare root, for concistency.
 2015-11-22 02:45:27 +01:00
Jonne Haß
c815ed4d7c Cache bookmarklet code in public/assets/bookmarklet.js 
tmp/cache is not something you would include in a packaging situation.
 2015-11-03 18:06:55 +01:00
Jonne Haß
99d4e0b332 Merge branch 'stable' into develop 2015-10-14 22:33:14 +02:00
cmrd Senya
69b46df3d6 Notifications for comments on local posts by non-contacts 2015-10-14 22:32:19 +02:00
cmrd Senya
dc02c5384b Notify a remote user when a non-contact user likes or comment her public post 2015-10-14 22:30:35 +02:00
Florian Staudacher
f8e93e1554 forgot to pass my own exceptions through 2015-09-01 01:36:04 +02:00
Florian Staudacher
461c8e67cd make the error handling more robust 
catch more exceptions higher up in the hierarchy
 - don't stop checking all pods if there's just one malfolmed pod
avoid echoing the complete body on json error
 2015-08-31 19:39:00 +02:00
Florian Staudacher
ea397ffdfb Add connection test for pods in the network 
* add a class for checking pod connectivity
* extend pod model to handle new functionality
* add an admin frontend to list pods and re-trigger checks manually
* add a daily worker to run through all the pods
* add unit tests for most of the new code
 2015-08-24 22:04:53 +02:00
Steffen van Bergerem
89a3ea6d20 Merge branch 'stable' into develop 2015-08-23 14:45:33 +02:00
Jonne Haß
a1ca45b201 Update NodeInfo to final 1.0 schema 
closes #6340
 2015-08-23 14:45:20 +02:00
Jonne Haß
d396d5555f Merge branch 'stable' into develop 2015-08-21 14:23:46 +02:00
Benjamin Neff
663835ed3a remove old webfinger/hcard code 
closes #6310
 2015-08-21 14:23:08 +02:00
Benjamin Neff
d28e03f053 use discovery from diaspora_federation gem 2015-08-21 14:21:43 +02:00
Dennis Schubert
be8f920c29 Merge branch 'stable' into develop 2015-07-24 04:05:32 +02:00
Jonne Haß
487b0d90ca Implement NodeInfo 2015-07-24 03:50:02 +02:00
Jonne Haß
0cbe7ec9a8 Merge branch 'stable' into develop 2015-07-22 10:05:46 +02:00
Steffen van Bergerem
f8bbe71f54 Remove correlations 
closes #6223
 2015-07-22 09:46:52 +02:00
Steffen van Bergerem
c8f482064c Remove rake_helpers 2015-07-22 09:41:53 +02:00
Benjamin Neff
804784ed3f fix @pod_uri/@pod_url and add url_to to AppConfig 2015-07-14 05:50:26 +02:00
Benjamin Neff
94fc378eb7 fix @pod_uri/@pod_url and add url_to to AppConfig 2015-07-11 11:19:42 +02:00
Jonne Haß
1e4224813e Merge branch 'stable' into develop 2015-07-05 20:50:42 +02:00
Benjamin Neff
2294e59ee3 change public_url to atom_url and profile_url 2015-07-05 20:44:24 +02:00
Jonne Haß
188e554b7b Merge branch 'stable' into develop 2015-06-21 20:48:57 +02:00
fap
1061e101fd Adds welcome message on registration Welcome message is only send out if podmin account is defined and welcome message is enabled in the config. 
This also enables the podmin account to send messages
to any local user.

closes #6128
 2015-06-21 20:48:48 +02:00
Steffen van Bergerem
92a3dd53f0 Replace jquery.autoresize with autosize 2015-06-14 20:03:15 +02:00
Jonne Haß
40913f000a make assets:generate_error_pages depend on environment [ci skip] 2015-06-08 10:37:37 +02:00
Dennis Schubert
8a4ec1d4c6 Merge branch 'stable' into develop 2015-06-08 04:18:38 +02:00
Benjamin Neff
d42b5c128e update photos when received over public path 
closes #6082
 2015-06-08 04:18:31 +02:00
Benjamin Neff
e16b9af7e6 make public and private receiver work similar ... 2015-06-08 04:15:17 +02:00
Benjamin Neff
c75f92d07a add XMLLogger to debug federation 2015-06-08 04:15:17 +02:00
Dennis Schubert
0c6ca1d235 Merge branch 'stable' into develop 2015-06-08 00:58:20 +02:00
Benjamin Neff
aa2297a8c0 retry receive share-visibility when failed while receiving parallel 
refactoring:
- remove unused return-values (were used for caching, which was removed again)
- remove transaction (doesn't help here, added in 2615126)

closes #6068
 2015-06-08 00:58:00 +02:00
Jonne Haß
ab1e879cc2 Merge branch 'stable' into develop 2015-06-07 11:36:12 +02:00
Benjamin Neff
2571b042c6 only log private stuff to debug 
closes #6069
 2015-06-07 11:36:07 +02:00
Jonne Haß
7bfa0f857c Merge branch 'stable' into develop 2015-06-06 15:23:44 +02:00
Jonne Haß
6c71d9f257 Only strip text direction markers around hashtags for now 
Fixes #6067
 2015-06-06 15:23:12 +02:00
Dennis Schubert
b41007fae7 Merge branch 'stable' into develop 2015-06-04 04:18:34 +02:00
Benjamin Neff
27b4a44e4a replace Rails.logger with logging-logger 
closes #6041
 2015-06-04 04:17:15 +02:00
Benjamin Neff
b6c46b3fc4 add logging mixin and replace federation-logger 2015-06-04 04:16:03 +02:00
Jonne Haß
3850118e4e Merge branch 'stable' into develop 2015-06-02 12:14:42 +02:00
Steffen van Bergerem
1b77258d0e Set default for post title truncation to 70 characters 
closes #6022
 2015-06-02 12:14:35 +02:00
Dennis Schubert
8c4bcd8bd3 Merge branch 'stable' into develop 2015-05-31 01:47:09 +02:00
Steffen van Bergerem
fdad348898 Fix tag rendering in emails 
closes #6009
 2015-05-31 01:47:05 +02:00
Dennis Schubert
44919233c0 Merge branch 'stable' into develop 2015-05-28 01:34:28 +02:00
Benjamin Neff
21ae93e658 handle when the diaspora xml parser returns nil 
closes #5991
 2015-05-28 01:34:24 +02:00
Dennis Schubert
f9f73f56db Merge branch 'stable' into develop 2015-05-25 04:18:46 +02:00
Jason Robinson
7c0e50c2c2 Introduce 'authorized' configuration option for services 
Since the Facebook API has changed and additional permissions are required for all users on a pod to cross-post, an additional 'authorized' flag is needed to be set for the Facebook service.
This flag allows either all users, one user or no users to use the cross-posting service.

Clarifies the situation for #5923, #5260 and #5085.

closes #5985
 2015-05-25 04:18:38 +02:00
Dennis Schubert
944c57f874 Merge branch 'stable' into develop 2015-05-18 03:23:43 +02:00
Benjamin Neff
196e438286 remove some hardcoded diasporahq hax 2015-05-18 03:23:14 +02:00
Jonne Haß
13b69f81d1 Merge branch 'stable' into develop 2015-05-16 13:54:05 +02:00
Benjamin Neff
d74e20a790 fetch public posts when someone starts sharing with you 
closes #5960
 2015-05-16 13:54:01 +02:00
Jonne Haß
ca33e984d3 Merge branch 'stable' into develop 2015-05-16 12:48:41 +02:00
Benjamin Neff
30cc330747 fix empty searchable in hcard, parse empty as false 
closes #5962
 2015-05-16 12:48:33 +02:00
Dennis Schubert
42a408045e Merge branch 'stable' into develop 2015-05-16 03:44:35 +02:00
Benjamin Neff
c01fdb6e1c fix the url for the public-posts json 
closes #5958
 2015-05-16 03:44:31 +02:00
Jonne Haß
59e77675ce Merge branch 'stable' into develop 2015-05-10 00:10:19 +02:00
Dennis Schubert
6273c2959a Rescue from private objects sent to the public api 
closes #5938
 2015-05-10 00:10:12 +02:00
Jonne Haß
fc00e94afa Merge branch 'stable' into develop 2015-05-07 22:30:47 +02:00