nocebo/diaspora
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
17659 commits 4 branches 0 tags 121 MiB
Commit graph

731 commits

Author SHA1 Message Date
Benjamin Neff
b1d30aa9cc add more "diaspora to federation entity" methods 
move it to Diaspora::Federation::Entities and use it in some tests, but most of the tests can be removed later.
 2016-06-26 06:20:58 +02:00
Dennis Schubert
652050a87e Add rel="noopener noreferrer" to autolinks 2016-06-19 13:43:43 +02:00
Dennis Schubert
49395c0a11
Merge pull request #6812 from cmrd-senya/6811-visibilities-id-overlap 
Don't include wrong shareable types in scopes
 2016-06-19 01:40:01 +02:00
Benjamin Neff
d68c1ad974 remove REDISTOGO_URL deprecation 2016-06-14 06:40:34 +02:00
cmrd Senya
2737280fa4
Don't include wrong shareable types in scopes 2016-05-31 18:20:07 +03:00
cmrd Senya
ab718dbbc6
A minor refactor of the Publisher 
There was a minor copy-paste issue with publisher_public and
publisher_explain methods. Fix it and do a little refactoring
of the publisher's code.
 2016-04-28 21:45:49 +03:00
Dennis Schubert
a414fb2381 Merge pull request #6747 from cmrd-senya/rspec-fixup 
Fix usage of hard-coded pod URI in rspec testsuite
 2016-04-05 17:52:50 +02:00
cmrd Senya
0f04414a4f Fix usage of hard-coded pod URI in rspec testsuite 2016-03-22 15:06:30 +03:00
Jonne Haß
6bec0dbbb9 Merge branch 'stable' into develop 2016-03-21 14:04:33 +01:00
Benjamin Neff
d97448e552 remove ChromeFrame 
Google Chrome Frame was a plugin for Internet Explorer, but is no longer
supported. And it was included with http and not https which triggered a
warning on most pods.

Also set the minimum version to 9 to support #6557

closes #6751
 2016-03-21 14:04:24 +01:00
Benjamin Neff
80201d452e fix randomly failing specs for public posts 2016-03-09 03:00:47 +01:00
Dennis Schubert
d5560430ce Merge pull request #6740 from svbergerem/refactor-cukes 
Refactor invitations and public stream cukes
 2016-03-07 18:47:52 +01:00
Benjamin Neff
10af3a8b11 fix pod table migration if someone deleted a user (owner) manually 2016-03-06 23:55:28 +01:00
Steffen van Bergerem
e4f8023b91 Add rspec test for public stream 2016-03-05 21:07:00 +01:00
Steffen van Bergerem
9d591c6433 Move some multi stream and person stream cukes to rspec 2016-03-05 11:18:55 +01:00
Steffen van Bergerem
6e6a5c1e29 Move multiple participations test to rspec 2016-03-05 11:18:55 +01:00
Benjamin Neff
acb91c79d2 improve pod connection check 
* use port for check
* respect entries in /etc/hosts
* test /.well-known/host-meta
* don't allow redirects to other domains
 2016-03-05 02:57:11 +01:00
Benjamin Neff
b1a6516474 add migration for pods-table 
* add port to pods
* remove url from person and link people with pod-table
 2016-03-05 00:12:54 +01:00
Benjamin Neff
7011f2961d Revert "Back out #6723 due to Postgres breakage" 
This reverts commit 84cfbd22fc.
 2016-03-04 14:01:31 +01:00
Dennis Schubert
84cfbd22fc Back out #6723 due to Postgres breakage 
This reverts commit 832a56134b, reversing
changes made to 75c3e6068c.
 2016-03-04 13:33:32 +01:00
Benjamin Neff
7583568be8 update queries for new ShareVisibility 
Also:
* remove ShareablesFromPerson evil-query
* improve multi-stream and aspect-stream queries
* fix logging for recieve
* don't add last 100 public posts to users streams after sharing
* delete share visibility when shareable is deleted
 2016-03-03 21:43:11 +01:00
Steffen van Bergerem
b808ac08ef Activate "Stream::Person returns the most recent posts" spec 2016-02-21 11:31:40 +01:00
Jonne Haß
32bda8fe20 Merge branch 'stable' into develop 2016-01-28 18:47:18 +01:00
Faldrian
8e3816e64e let mention-regex only match usable strings 
closes #6658
 2016-01-28 18:47:13 +01:00
theworldbright
773a5a67d9 Add default kid to ID token 2016-01-04 16:49:58 +09:00
theworldbright
9c9880d880 Move JWKs files to database 2016-01-04 16:49:56 +09:00
theworldbright
da766d8e8b Revoke previously issued tokens on duplicate request 2016-01-04 16:49:55 +09:00
theworldbright
fd467cd42b Add private_key_jwt support 
See

- http://openid.net/specs/openid-connect-core-1_0.html#ClientAuthentication
- https://openid.net/specs/openid-connect-registration-1_0.html#ClientMetadata
 2016-01-04 16:49:55 +09:00
theworldbright
a76f51a6a5 Use redirect_uri if no sector identifier for ppid 
As according to http://openid.net/specs/openid-connect-core-1_0.html#PairwiseAlg:

"If the Client has not provided a value for
sector_identifier_uri in Dynamic Client Registration
[OpenID.Registration], the Sector Identifier used
for pairwise identifier calculation is the host
component of the registered redirect_uri."
 2016-01-04 16:49:55 +09:00
theworldbright
1a7f2edc01 Perform major refactoring 
- Add foreign_keys
- Remove unused classes/methods
- Fix pronto errors
- Add method to retrieve client id from name
- Remove TODO comments
- Fix unnecessary private key generation
 2016-01-04 16:49:54 +09:00
theworldbright
e55a0b0d0b Replace scopes with constants in Authorization 2016-01-04 16:49:54 +09:00
theworldbright
bb8fe6aa83 Adjust id token config to save private key to file 2016-01-04 16:49:53 +09:00
theworldbright
98fd18077a Add test for expired access token 2016-01-04 16:49:52 +09:00
theworldbright
6e1a673459 Replace let!() with factory girl 2016-01-04 16:49:52 +09:00
theworldbright
65c40f236e Load scopes from seeds 
Signed-off-by: theworldbright <kent@kentshikama.com>
 2016-01-04 16:49:51 +09:00
theworldbright
99d6d7b3e7 Add pairwise pseudonymous identifier support 
Squashed commits:

[a182de7] Fix pronto/travis errors
 2016-01-04 16:49:51 +09:00
theworldbright
d834a1d4d0 Replace user info endpoint with supported claims 
The route /api/v0/user/ will now be used as a
non-OIDC route. In other words, the /api/v0/user/
will require the "read" scope while
/api/openid_connect/user_info/ will require the
"openid" scope
 2016-01-04 16:49:51 +09:00
theworldbright
2be932ceff Delete password flow 2016-01-04 16:49:51 +09:00
theworldbright
e5932968fd Add support for authorization code flow 2016-01-04 16:49:51 +09:00
theworldbright
bc5e5c7420 Fix pronto errors 2016-01-04 16:49:51 +09:00
theworldbright
cd2f1215e8 Adjust protect resource endpoint spec 2016-01-04 16:49:51 +09:00
theworldbright
3cbe75469b Add support for scopes 
Remove scopes from tokens

Squashed commits:

[83db38f] Add redirect uris to supported metadata
 2016-01-04 16:49:51 +09:00
augier
de4f68c289 Support for more metadata 2016-01-04 16:49:50 +09:00
augier
b173283692 Test for refresh token flow 2016-01-04 16:49:50 +09:00
theworldbright
2d762da072 Adjust tokens to fit revised Authorization 2016-01-04 16:49:50 +09:00
theworldbright
1475672d72 Fix authorization and related models 
Squashed commits:
[a844d37] Remove unnecessary class_name's from models
[529a30c] Further adjust authorization and related models
 2016-01-04 16:49:50 +09:00
augier
031679762a Redesign the models 2016-01-04 16:49:49 +09:00
Augier
73cc55940d Fix travis errors and refactor 2016-01-04 16:49:49 +09:00
theworldbright
88d02ea35b Add client registration 
Client must now be registered prior to imitating a
call to the token endpoint with the password flow.

Squashed commits:

[fdcef62] Rename authorization endpoint to protected resource endpoint
 2016-01-04 16:49:48 +09:00
theworldbright
beae77102d Allow current user to be obtained from access token 2016-01-04 16:49:16 +09:00