nocebo/diaspora
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
17430 commits 4 branches 0 tags 121 MiB
Commit graph

8543 commits

Author SHA1 Message Date
Steffen van Bergerem
3f72b231d4 Enable autosize for all textareas 2016-02-06 15:10:32 +01:00
Steffen van Bergerem
ada0ad6eb5 Unify settings ui 2016-02-06 14:15:04 +01:00
Steffen van Bergerem
03ef5bd064 Set max-width to 1200px for container-fluid 2016-02-06 14:15:04 +01:00
Steffen van Bergerem
0c34452840 Merge pull request #6654 from korun/set-default-resize-style-01 
CSS: set "resize: vertical" as default for textarea
 2016-02-06 12:00:44 +01:00
Steffen van Bergerem
0c05b474c5 Merge pull request #6509 from AugierLe42e/fix-mobile-comment 
Refactor mobile comment section
 2016-02-05 11:30:04 +01:00
Faldrian
6da2720168 Check for collapsible content_view again after images are loaded 2016-02-04 21:39:28 +01:00
Augier
a5198e9a01 Fix no reaction case 2016-02-03 16:06:24 +01:00
Jonne Haß
1832c2956e Merge branch 'stable' into develop 2016-02-01 11:27:06 +01:00
Sayed Abdelhaleem
fa97a5a5a2 Issue #6662: fix refresh my photos routing error 
closes #6667
 2016-02-01 11:24:16 +01:00
Steffen van Bergerem
17e8d2fcbb Fix blueimp gallery indicators 2016-02-01 02:32:49 +01:00
Jonne Haß
f4454f4488 Merge branch 'stable' into develop 2016-01-30 15:04:29 +01:00
Jonne Haß
32bda8fe20 Merge branch 'stable' into develop 2016-01-28 18:47:18 +01:00
Faldrian
8e3816e64e let mention-regex only match usable strings 
closes #6658
 2016-01-28 18:47:13 +01:00
Steffen van Bergerem
40c42eb5b3 Merge pull request #6641 from Flaburgan/add-poll-result 
Add answer poll counts
 2016-01-26 23:54:37 +01:00
Dennis Schubert
7c197756dd Merge branch 'stable' into develop 2016-01-26 15:19:55 +01:00
Dennis Schubert
211365c169 Merge branch 'master' into stable 2016-01-26 15:19:27 +01:00
Dennis Schubert
ad20bb052c Fix include_root_in_json misuse 
since it is no longer exposed for instances, our post_presenter failed
hard.
 2016-01-26 15:18:02 +01:00
fla
1e27b509f9 Add number of votes on poll answers 2016-01-24 14:31:06 +01:00
Ivan
b631b4c0e5 set "resize: vertical" as default for textarea 2016-01-24 10:53:19 +03:00
cmrd Senya
ed61ef6d6a Replace sidetiq with sidekiq-cron 
closes #6616
 2016-01-24 07:20:44 +01:00
Dennis Schubert
515cda7658 Merge branch 'stable' into develop 2016-01-24 07:15:04 +01:00
Benjamin Neff
44ab0df02b fix suppress_annoying_errors 
closes #6653
 2016-01-24 07:14:58 +01:00
Dennis Schubert
b1aa8aacfd Merge branch 'stable' into develop 2016-01-24 07:13:11 +01:00
Steffen van Bergerem
0213bbc028 Add podmin email to 500 error page 
closes #6652
 2016-01-24 07:12:06 +01:00
Steffen van Bergerem
a3adc2fb36 Fix timeago tooltips for reshares 2016-01-21 22:42:30 +01:00
Dennis Schubert
dd93cb6cad Merge pull request #6646 from svbergerem/commenting-when-ignored 
Tell user that the author might ignore them when commenting/liking failed
 2016-01-21 21:07:37 +01:00
Steffen van Bergerem
a52c8a2f55 Tell user that the author might ignore them when commenting/liking failed 2016-01-21 21:02:39 +01:00
Dennis Schubert
ff867cd471 Merge branch 'stable' into develop 2016-01-21 21:00:32 +01:00
Steffen van Bergerem
749016a7b4 Fix keyboard shortcuts on profile pages 
closes #6647
 2016-01-21 21:00:26 +01:00
Steffen van Bergerem
6fce81fc99 Merge branch 'stable' into develop 2016-01-20 21:37:30 +01:00
tamatsyk
960e651764 internationalize controller rescue_from text 
Fix typos

change forbitten to forbidden

fix styling issue and copypaste

improve code style for aspec_memberships_controller.rb with rubocop

fix styling issues

aligned elements of hash literals

fix typo

fix locale name and styling of its usage

fix failing tests

closes #6554
 2016-01-20 21:37:02 +01:00
augier
054971c7de Big refactor on mobile comments 2016-01-15 15:54:34 +01:00
Marien Fressinaud
bde3b47c02 [WIP] [mobile] Embedded new comment form in HTML 2016-01-15 15:54:34 +01:00
Steffen van Bergerem
5bd15e23f8 Clean up scss code for original white background 2016-01-10 00:48:30 +01:00
jpope
cab192b69e add original white background color theme 2016-01-10 00:48:30 +01:00
Steffen van Bergerem
67922f8ad4 Merge pull request #6483 from Flaburgan/add-not-connected-header-to-mobile 
Add header on not connected pages on mobile version
 2016-01-08 13:33:04 +01:00
Jonne Haß
baeff22451 Merge pull request #6095 from AugierLe42e/openid 
OpenID Connect
 2016-01-06 12:30:15 +01:00
Manuel Vögele
4f34ecafa4 Show posts of ignored users on their profile page 2016-01-04 18:29:30 +01:00
theworldbright
38439277d6 Add licenses where appropriate 2016-01-04 17:22:44 +09:00
theworldbright
58aef5658b Fix remaining remarks 2016-01-04 17:01:40 +09:00
augier
ef7ea1a855 General text error + CSS styling 
Minor merge conflict fix by theworldbright
 2016-01-04 16:49:59 +09:00
augier
10314ffc8c Fixing more remarks 2016-01-04 16:49:58 +09:00
theworldbright
c1e1f9bf69 Fix 500 error when unknown algorithm is used for JWT 2016-01-04 16:49:58 +09:00
theworldbright
4cde41486b Fix handling of prompt=login 2016-01-04 16:49:58 +09:00
theworldbright
9f85a90f55 Update code_used to false after issues new code 2016-01-04 16:49:58 +09:00
theworldbright
a4095692b7 Add default kid to jwks.json 2016-01-04 16:49:58 +09:00
theworldbright
1e3421713a Handle error when request object is signed 2016-01-04 16:49:58 +09:00
theworldbright
7e8bd0f411 Add fallback for failed app logo rendering 2016-01-04 16:49:58 +09:00
theworldbright
fd4022a55c Fix pronto remarks 2016-01-04 16:49:58 +09:00
theworldbright
773a5a67d9 Add default kid to ID token 2016-01-04 16:49:58 +09:00
theworldbright
ed1dc256a8 Fix handling of error message in authorization controller 2016-01-04 16:49:58 +09:00
augier
ebeafb7894 Add custom error page when prompt=none 2016-01-04 16:49:57 +09:00
augier
73c1f0bc70 Fix pronto remarks 2016-01-04 16:49:57 +09:00
theworldbright
c6bec2f2dc Return error to RP instead of user for prompt=none 2016-01-04 16:49:57 +09:00
theworldbright
7865a30fec Return an JSON error response for invalid jwks_uri 2016-01-04 16:49:57 +09:00
theworldbright
3440709ec5 Explicitly state no support for user info alg 2016-01-04 16:49:57 +09:00
theworldbright
f1b394de0f Fix remaining remarks 2016-01-04 16:49:57 +09:00
augier
d028b5672e Fix remarks 2016-01-04 16:49:57 +09:00
theworldbright
2f8c391ac6 Fix pronto and travis errors 2016-01-04 16:49:57 +09:00
theworldbright
8f5094c29e Gracefully handle SSL verification failure 2016-01-04 16:49:56 +09:00
theworldbright
0fbcb71255 Add support for request_uri and claims 2016-01-04 16:49:56 +09:00
theworldbright
82600003b3 Flash error messages when redirect_uri is invalid 2016-01-04 16:49:56 +09:00
theworldbright
e4edad0646 Fix test for the auth missing the response_type parameter 2016-01-04 16:49:56 +09:00
theworldbright
adcf2ab7ab Fix test for prompt == "none" 2016-01-04 16:49:56 +09:00
augier
d351db1982 Filter for prompt handling 2016-01-04 16:49:56 +09:00
augier
7b2be0d3c6 Support displaying TOS and policy 2016-01-04 16:49:56 +09:00
augier
6fcb9a9d3a Add XSS spec for application's name 2016-01-04 16:49:56 +09:00
theworldbright
9c9880d880 Move JWKs files to database 2016-01-04 16:49:56 +09:00
augier
2c7d102019 Design for authorization page when client_name not providen + XSS spec 2016-01-04 16:49:55 +09:00
theworldbright
80cbc7d915 Destroy previous auths on new auth request 2016-01-04 16:49:55 +09:00
theworldbright
da766d8e8b Revoke previously issued tokens on duplicate request 2016-01-04 16:49:55 +09:00
theworldbright
b3b9b39690 Fix request with prompt=none when not logged in 2016-01-04 16:49:55 +09:00
theworldbright
fd467cd42b Add private_key_jwt support 
See

- http://openid.net/specs/openid-connect-core-1_0.html#ClientAuthentication
- https://openid.net/specs/openid-connect-registration-1_0.html#ClientMetadata
 2016-01-04 16:49:55 +09:00
theworldbright
1dcefdb998 Validate sector identifier uri and redirect uri 2016-01-04 16:49:55 +09:00
theworldbright
5f19d8ffe6 Add acr value 2016-01-04 16:49:55 +09:00
theworldbright
a76f51a6a5 Use redirect_uri if no sector identifier for ppid 
As according to http://openid.net/specs/openid-connect-core-1_0.html#PairwiseAlg:

"If the Client has not provided a value for
sector_identifier_uri in Dynamic Client Registration
[OpenID.Registration], the Sector Identifier used
for pairwise identifier calculation is the host
component of the registered redirect_uri."
 2016-01-04 16:49:55 +09:00
theworldbright
4be9f4d558 Make client name optional 2016-01-04 16:49:54 +09:00
theworldbright
9439a16d98 Fix failing auth code test and styles 2016-01-04 16:49:54 +09:00
augier
8c2af74447 Fixing last remarks 2016-01-04 16:49:54 +09:00
augier
c33cce0953 Styling user consent form 2016-01-04 16:49:54 +09:00
theworldbright
1a7f2edc01 Perform major refactoring 
- Add foreign_keys
- Remove unused classes/methods
- Fix pronto errors
- Add method to retrieve client id from name
- Remove TODO comments
- Fix unnecessary private key generation
 2016-01-04 16:49:54 +09:00
theworldbright
e55a0b0d0b Replace scopes with constants in Authorization 2016-01-04 16:49:54 +09:00
theworldbright
28fc65ae26 Add CORS support to OIDC 2016-01-04 16:49:54 +09:00
theworldbright
858e8c2503 Prevent duplicate scopes in authorization 2016-01-04 16:49:54 +09:00
theworldbright
054e421829 Remove zone info claim 2016-01-04 16:49:53 +09:00
theworldbright
724f32604b Add nonce to auth code flow 2016-01-04 16:49:53 +09:00
theworldbright
bb8fe6aa83 Adjust id token config to save private key to file 2016-01-04 16:49:53 +09:00
theworldbright
24fd70676c Fix webfinger discovery route 2016-01-04 16:49:53 +09:00
theworldbright
ab65617958 Add support for max_age parameter 
Additionally add support for prompt's login option

Signed-off-by: theworldbright <kent@kentshikama.com>
 2016-01-04 16:49:53 +09:00
theworldbright
25f51c606a Add support for prompt parameter 2016-01-04 16:49:53 +09:00
theworldbright
8be3be3e10 Refactor authorizations controller destroy action 2016-01-04 16:49:53 +09:00
augier
07c12ba057 Using Camo for the application logo 2016-01-04 16:49:53 +09:00
augier
3fb2d262b8 Using entypo icon as default application image 2016-01-04 16:49:52 +09:00
augier
098e8e46dd CSS for applications settings page 2016-01-04 16:49:52 +09:00
augier
469521c572 Addin scopes translation and description 2016-01-04 16:49:52 +09:00
theworldbright
3734e074a6 Fix pronto errors 2016-01-04 16:49:52 +09:00
theworldbright
98fd18077a Add test for expired access token 2016-01-04 16:49:52 +09:00
augier
b9da104b28 Revoke button on applications page 2016-01-04 16:49:52 +09:00
theworldbright
dd337d4163 Remove JSON root from client controller 
Signed-off-by: theworldbright <kent@kentshikama.com>
 2016-01-04 16:49:52 +09:00
augier
308170f691 Add applications information page 2016-01-04 16:49:52 +09:00
theworldbright
65c40f236e Load scopes from seeds 
Signed-off-by: theworldbright <kent@kentshikama.com>
 2016-01-04 16:49:51 +09:00
theworldbright
99d6d7b3e7 Add pairwise pseudonymous identifier support 
Squashed commits:

[a182de7] Fix pronto/travis errors
 2016-01-04 16:49:51 +09:00
theworldbright
d834a1d4d0 Replace user info endpoint with supported claims 
The route /api/v0/user/ will now be used as a
non-OIDC route. In other words, the /api/v0/user/
will require the "read" scope while
/api/openid_connect/user_info/ will require the
"openid" scope
 2016-01-04 16:49:51 +09:00
theworldbright
e5932968fd Add support for authorization code flow 2016-01-04 16:49:51 +09:00
theworldbright
bc5e5c7420 Fix pronto errors 2016-01-04 16:49:51 +09:00
theworldbright
cd2f1215e8 Adjust protect resource endpoint spec 2016-01-04 16:49:51 +09:00
theworldbright
3cbe75469b Add support for scopes 
Remove scopes from tokens

Squashed commits:

[83db38f] Add redirect uris to supported metadata
 2016-01-04 16:49:51 +09:00
augier
de4f68c289 Support for more metadata 2016-01-04 16:49:50 +09:00
theworldbright
979adca1e7 Fix account deleter specs 
Squashed commits:

[7ff4276] Adjust discovery controller
 2016-01-04 16:49:50 +09:00
augier
b173283692 Test for refresh token flow 2016-01-04 16:49:50 +09:00
augier
cc28199555 Fixing hounds remarks 2016-01-04 16:49:50 +09:00
theworldbright
7b80a7408d Add integration tests for implicit flow 
Squashed commits:
[d5001fe] Refactor
[8d8a23f] Add test for when authorization is denied
[659fc56] Adjust password flow integration test
 2016-01-04 16:49:50 +09:00
theworldbright
ee9ac06e1a Add support for access tokens in implicit flow 
Squashed commits:
[7dbf618] Use Rail's find_or_create_by method
 2016-01-04 16:49:50 +09:00
theworldbright
2d762da072 Adjust tokens to fit revised Authorization 2016-01-04 16:49:50 +09:00
theworldbright
17fde49d61 Implement ID Token for the implicit flow 2016-01-04 16:49:50 +09:00
theworldbright
1475672d72 Fix authorization and related models 
Squashed commits:
[a844d37] Remove unnecessary class_name's from models
[529a30c] Further adjust authorization and related models
 2016-01-04 16:49:50 +09:00
augier
031679762a Redesign the models 2016-01-04 16:49:49 +09:00
Augier
9140c8244b Support for refresh tokens w/ no tests 2016-01-04 16:49:49 +09:00
theworldbright
9d9dc13272 Adjust discovery controller to current values 2016-01-04 16:49:49 +09:00
Augier
73cc55940d Fix travis errors and refactor 2016-01-04 16:49:49 +09:00
Augier
c6eb722517 Replace ERB by HAML, added locales, corrected Gemfile 2016-01-04 16:49:49 +09:00
theworldbright
3d26cbf657 Allow POST requests at authentication endpoint 2016-01-04 16:49:49 +09:00
theworldbright
3cfbcbce8f Implement authorization endpoint (part 1) 
The user can now authenticate with the authorization
server's authorization endpoint and receive a fake
id token.
 2016-01-04 16:49:49 +09:00
theworldbright
059933f076 Add scopes and authorization models 2016-01-04 16:49:49 +09:00
theworldbright
88d02ea35b Add client registration 
Client must now be registered prior to imitating a
call to the token endpoint with the password flow.

Squashed commits:

[fdcef62] Rename authorization endpoint to protected resource endpoint
 2016-01-04 16:49:48 +09:00
theworldbright
7c75eb5901 Make access tokens belong to user not client app 2016-01-04 16:49:48 +09:00
theworldbright
3fc0f64c56 Move openid controllers to openid connect namespace 2016-01-04 16:49:48 +09:00
theworldbright
9de2837a63 Move new API from /api/v2 to /api/v0 2016-01-04 16:49:16 +09:00
theworldbright
beae77102d Allow current user to be obtained from access token 2016-01-04 16:49:16 +09:00
theworldbright
68d96a3189 Add versionist gem 2016-01-04 16:49:16 +09:00
theworldbright
efdfe318fd Add ability to get user info from access tokens 2016-01-04 16:48:42 +09:00
Augier
a1f3d5f5f9 Getting token from user credential flow 2016-01-04 16:45:21 +09:00
augier
8d8faf684c OpenID Connect debut work 2016-01-04 16:45:21 +09:00
Steffen van Bergerem
99289491ef Merge pull request #6607 from jhass/link_profile_in_user_menu 
Link user menu button to the users profile
 2015-12-30 18:37:16 +01:00
Jonne Haß
f70cefb983 Link user menu button to the users profile 2015-12-30 15:14:29 +01:00
Dennis Schubert
d4fbbd86b3 Merge branch 'stable' into develop 2015-12-30 14:51:05 +01:00
Benjamin Neff
082e300a40 remove PublicsController completely 2015-12-30 14:50:34 +01:00
Benjamin Neff
5c8f0c1671 create queue callbacks and remove receive routes 2015-12-30 14:50:34 +01:00
Benjamin Neff
24f5244f76 move glue code back to the initializer 2015-12-30 14:48:38 +01:00
fla
3a1235e2b2 Unify not connected header on desktop and mobile 2015-12-30 00:04:13 +01:00
fla
119ded6fdc remove landing header on sign in mobile page 2015-12-29 23:55:46 +01:00
fla
96af4a0aec Add header on not connected pages on mobile version 2015-12-29 23:55:46 +01:00
Thor77
056b00fff4 fix flash mesage clickthrough on profile-page 2015-12-29 18:32:13 +01:00
Jonne Haß
434deaa75a Merge branch 'stable' into develop 2015-12-29 13:07:08 +01:00
Steffen van Bergerem
f3e897ab43 Activate hovercards for logged out users 
closes #6603
 2015-12-29 13:07:03 +01:00
Lukas Matt
cf49276aa8 bump jsxc to v0.1.4 
Signed-off-by: Lukas Matt <lukas@zauberstuhl.de>

closes #6569
 2015-12-21 17:29:42 +01:00
Steffen van Bergerem
7f146a8af9 Merge pull request #6570 from Zauberstuhl/bump_jsxc_develop 
[develop] bump jsxc to v0.1.5.develop
 2015-12-20 15:58:13 +01:00
Steffen van Bergerem
f6a409924b Merge pull request #6567 from AugierLe42e/chat-height-fix 
[Quickfix] Use BS variable to stick chat to header
 2015-12-20 15:54:24 +01:00
Dennis Schubert
86fead30a4 Merge branch 'stable' into develop 2015-12-20 00:47:42 +01:00
Dennis Schubert
c238329cd8 Merge branch 'master' into stable 2015-12-20 00:41:49 +01:00