diaspora

Author	SHA1	Message	Date
augier	7b2be0d3c6	Support displaying TOS and policy	2016-01-04 16:49:56 +09:00
theworldbright	9c9880d880	Move JWKs files to database	2016-01-04 16:49:56 +09:00
augier	2c7d102019	Design for authorization page when client_name not providen + XSS spec	2016-01-04 16:49:55 +09:00
theworldbright	80cbc7d915	Destroy previous auths on new auth request	2016-01-04 16:49:55 +09:00
theworldbright	b3b9b39690	Fix request with prompt=none when not logged in	2016-01-04 16:49:55 +09:00
theworldbright	fd467cd42b	Add private_key_jwt support See - http://openid.net/specs/openid-connect-core-1_0.html#ClientAuthentication - https://openid.net/specs/openid-connect-registration-1_0.html#ClientMetadata	2016-01-04 16:49:55 +09:00
theworldbright	1dcefdb998	Validate sector identifier uri and redirect uri	2016-01-04 16:49:55 +09:00
theworldbright	a76f51a6a5	Use redirect_uri if no sector identifier for ppid As according to http://openid.net/specs/openid-connect-core-1_0.html#PairwiseAlg: "If the Client has not provided a value for sector_identifier_uri in Dynamic Client Registration [OpenID.Registration], the Sector Identifier used for pairwise identifier calculation is the host component of the registered redirect_uri."	2016-01-04 16:49:55 +09:00
augier	8c2af74447	Fixing last remarks	2016-01-04 16:49:54 +09:00
augier	c33cce0953	Styling user consent form	2016-01-04 16:49:54 +09:00
theworldbright	1a7f2edc01	Perform major refactoring - Add foreign_keys - Remove unused classes/methods - Fix pronto errors - Add method to retrieve client id from name - Remove TODO comments - Fix unnecessary private key generation	2016-01-04 16:49:54 +09:00
theworldbright	e55a0b0d0b	Replace scopes with constants in Authorization	2016-01-04 16:49:54 +09:00
theworldbright	28fc65ae26	Add CORS support to OIDC	2016-01-04 16:49:54 +09:00
theworldbright	054e421829	Remove zone info claim	2016-01-04 16:49:53 +09:00
theworldbright	bb8fe6aa83	Adjust id token config to save private key to file	2016-01-04 16:49:53 +09:00
theworldbright	24fd70676c	Fix webfinger discovery route	2016-01-04 16:49:53 +09:00
theworldbright	ab65617958	Add support for max_age parameter Additionally add support for prompt's login option Signed-off-by: theworldbright <kent@kentshikama.com>	2016-01-04 16:49:53 +09:00
theworldbright	25f51c606a	Add support for prompt parameter	2016-01-04 16:49:53 +09:00
theworldbright	8be3be3e10	Refactor authorizations controller destroy action	2016-01-04 16:49:53 +09:00
augier	07c12ba057	Using Camo for the application logo	2016-01-04 16:49:53 +09:00
augier	469521c572	Addin scopes translation and description	2016-01-04 16:49:52 +09:00
theworldbright	3734e074a6	Fix pronto errors	2016-01-04 16:49:52 +09:00
augier	b9da104b28	Revoke button on applications page	2016-01-04 16:49:52 +09:00
theworldbright	dd337d4163	Remove JSON root from client controller Signed-off-by: theworldbright <kent@kentshikama.com>	2016-01-04 16:49:52 +09:00
augier	308170f691	Add applications information page	2016-01-04 16:49:52 +09:00
theworldbright	99d6d7b3e7	Add pairwise pseudonymous identifier support Squashed commits: [a182de7] Fix pronto/travis errors	2016-01-04 16:49:51 +09:00
theworldbright	d834a1d4d0	Replace user info endpoint with supported claims The route /api/v0/user/ will now be used as a non-OIDC route. In other words, the /api/v0/user/ will require the "read" scope while /api/openid_connect/user_info/ will require the "openid" scope	2016-01-04 16:49:51 +09:00
theworldbright	bc5e5c7420	Fix pronto errors	2016-01-04 16:49:51 +09:00
theworldbright	cd2f1215e8	Adjust protect resource endpoint spec	2016-01-04 16:49:51 +09:00
theworldbright	3cbe75469b	Add support for scopes Remove scopes from tokens Squashed commits: [83db38f] Add redirect uris to supported metadata	2016-01-04 16:49:51 +09:00
augier	de4f68c289	Support for more metadata	2016-01-04 16:49:50 +09:00
theworldbright	979adca1e7	Fix account deleter specs Squashed commits: [7ff4276] Adjust discovery controller	2016-01-04 16:49:50 +09:00
augier	cc28199555	Fixing hounds remarks	2016-01-04 16:49:50 +09:00
theworldbright	ee9ac06e1a	Add support for access tokens in implicit flow Squashed commits: [7dbf618] Use Rail's find_or_create_by method	2016-01-04 16:49:50 +09:00
theworldbright	2d762da072	Adjust tokens to fit revised Authorization	2016-01-04 16:49:50 +09:00
theworldbright	17fde49d61	Implement ID Token for the implicit flow	2016-01-04 16:49:50 +09:00
theworldbright	1475672d72	Fix authorization and related models Squashed commits: [a844d37] Remove unnecessary class_name's from models [529a30c] Further adjust authorization and related models	2016-01-04 16:49:50 +09:00
augier	031679762a	Redesign the models	2016-01-04 16:49:49 +09:00
theworldbright	9d9dc13272	Adjust discovery controller to current values	2016-01-04 16:49:49 +09:00
Augier	73cc55940d	Fix travis errors and refactor	2016-01-04 16:49:49 +09:00
theworldbright	3d26cbf657	Allow POST requests at authentication endpoint	2016-01-04 16:49:49 +09:00
theworldbright	3cfbcbce8f	Implement authorization endpoint (part 1) The user can now authenticate with the authorization server's authorization endpoint and receive a fake id token.	2016-01-04 16:49:49 +09:00
theworldbright	88d02ea35b	Add client registration Client must now be registered prior to imitating a call to the token endpoint with the password flow. Squashed commits: [fdcef62] Rename authorization endpoint to protected resource endpoint	2016-01-04 16:49:48 +09:00
theworldbright	3fc0f64c56	Move openid controllers to openid connect namespace	2016-01-04 16:49:48 +09:00
theworldbright	9de2837a63	Move new API from /api/v2 to /api/v0	2016-01-04 16:49:16 +09:00
theworldbright	beae77102d	Allow current user to be obtained from access token	2016-01-04 16:49:16 +09:00
theworldbright	68d96a3189	Add versionist gem	2016-01-04 16:49:16 +09:00
theworldbright	efdfe318fd	Add ability to get user info from access tokens	2016-01-04 16:48:42 +09:00
Augier	a1f3d5f5f9	Getting token from user credential flow	2016-01-04 16:45:21 +09:00
augier	8d8faf684c	OpenID Connect debut work	2016-01-04 16:45:21 +09:00

1 2 3 4 5 ...

2331 commits