diaspora

Author	SHA1	Message	Date
augier	d028b5672e	Fix remarks	2016-01-04 16:49:57 +09:00
theworldbright	0fbcb71255	Add support for request_uri and claims	2016-01-04 16:49:56 +09:00
theworldbright	9c9880d880	Move JWKs files to database	2016-01-04 16:49:56 +09:00
theworldbright	da766d8e8b	Revoke previously issued tokens on duplicate request	2016-01-04 16:49:55 +09:00
theworldbright	fd467cd42b	Add private_key_jwt support See - http://openid.net/specs/openid-connect-core-1_0.html#ClientAuthentication - https://openid.net/specs/openid-connect-registration-1_0.html#ClientMetadata	2016-01-04 16:49:55 +09:00
theworldbright	1dcefdb998	Validate sector identifier uri and redirect uri	2016-01-04 16:49:55 +09:00
theworldbright	5f19d8ffe6	Add acr value	2016-01-04 16:49:55 +09:00
theworldbright	a76f51a6a5	Use redirect_uri if no sector identifier for ppid As according to http://openid.net/specs/openid-connect-core-1_0.html#PairwiseAlg: "If the Client has not provided a value for sector_identifier_uri in Dynamic Client Registration [OpenID.Registration], the Sector Identifier used for pairwise identifier calculation is the host component of the registered redirect_uri."	2016-01-04 16:49:55 +09:00
theworldbright	4be9f4d558	Make client name optional	2016-01-04 16:49:54 +09:00
theworldbright	9439a16d98	Fix failing auth code test and styles	2016-01-04 16:49:54 +09:00
augier	8c2af74447	Fixing last remarks	2016-01-04 16:49:54 +09:00
augier	c33cce0953	Styling user consent form	2016-01-04 16:49:54 +09:00
theworldbright	1a7f2edc01	Perform major refactoring - Add foreign_keys - Remove unused classes/methods - Fix pronto errors - Add method to retrieve client id from name - Remove TODO comments - Fix unnecessary private key generation	2016-01-04 16:49:54 +09:00
theworldbright	e55a0b0d0b	Replace scopes with constants in Authorization	2016-01-04 16:49:54 +09:00
theworldbright	858e8c2503	Prevent duplicate scopes in authorization	2016-01-04 16:49:54 +09:00
theworldbright	724f32604b	Add nonce to auth code flow	2016-01-04 16:49:53 +09:00
theworldbright	bb8fe6aa83	Adjust id token config to save private key to file	2016-01-04 16:49:53 +09:00
augier	07c12ba057	Using Camo for the application logo	2016-01-04 16:49:53 +09:00
augier	3fb2d262b8	Using entypo icon as default application image	2016-01-04 16:49:52 +09:00
theworldbright	3734e074a6	Fix pronto errors	2016-01-04 16:49:52 +09:00
theworldbright	98fd18077a	Add test for expired access token	2016-01-04 16:49:52 +09:00
augier	308170f691	Add applications information page	2016-01-04 16:49:52 +09:00
theworldbright	65c40f236e	Load scopes from seeds Signed-off-by: theworldbright <kent@kentshikama.com>	2016-01-04 16:49:51 +09:00
theworldbright	99d6d7b3e7	Add pairwise pseudonymous identifier support Squashed commits: [a182de7] Fix pronto/travis errors	2016-01-04 16:49:51 +09:00
theworldbright	e5932968fd	Add support for authorization code flow	2016-01-04 16:49:51 +09:00
theworldbright	bc5e5c7420	Fix pronto errors	2016-01-04 16:49:51 +09:00
theworldbright	3cbe75469b	Add support for scopes Remove scopes from tokens Squashed commits: [83db38f] Add redirect uris to supported metadata	2016-01-04 16:49:51 +09:00
augier	de4f68c289	Support for more metadata	2016-01-04 16:49:50 +09:00
theworldbright	979adca1e7	Fix account deleter specs Squashed commits: [7ff4276] Adjust discovery controller	2016-01-04 16:49:50 +09:00
augier	b173283692	Test for refresh token flow	2016-01-04 16:49:50 +09:00
augier	cc28199555	Fixing hounds remarks	2016-01-04 16:49:50 +09:00
theworldbright	7b80a7408d	Add integration tests for implicit flow Squashed commits: [d5001fe] Refactor [8d8a23f] Add test for when authorization is denied [659fc56] Adjust password flow integration test	2016-01-04 16:49:50 +09:00
theworldbright	ee9ac06e1a	Add support for access tokens in implicit flow Squashed commits: [7dbf618] Use Rail's find_or_create_by method	2016-01-04 16:49:50 +09:00
theworldbright	2d762da072	Adjust tokens to fit revised Authorization	2016-01-04 16:49:50 +09:00
theworldbright	17fde49d61	Implement ID Token for the implicit flow	2016-01-04 16:49:50 +09:00
theworldbright	1475672d72	Fix authorization and related models Squashed commits: [a844d37] Remove unnecessary class_name's from models [529a30c] Further adjust authorization and related models	2016-01-04 16:49:50 +09:00
augier	031679762a	Redesign the models	2016-01-04 16:49:49 +09:00
Augier	9140c8244b	Support for refresh tokens w/ no tests	2016-01-04 16:49:49 +09:00
Augier	73cc55940d	Fix travis errors and refactor	2016-01-04 16:49:49 +09:00
theworldbright	3cfbcbce8f	Implement authorization endpoint (part 1) The user can now authenticate with the authorization server's authorization endpoint and receive a fake id token.	2016-01-04 16:49:49 +09:00
theworldbright	059933f076	Add scopes and authorization models	2016-01-04 16:49:49 +09:00
theworldbright	88d02ea35b	Add client registration Client must now be registered prior to imitating a call to the token endpoint with the password flow. Squashed commits: [fdcef62] Rename authorization endpoint to protected resource endpoint	2016-01-04 16:49:48 +09:00
theworldbright	7c75eb5901	Make access tokens belong to user not client app	2016-01-04 16:49:48 +09:00
theworldbright	beae77102d	Allow current user to be obtained from access token	2016-01-04 16:49:16 +09:00
theworldbright	efdfe318fd	Add ability to get user info from access tokens	2016-01-04 16:48:42 +09:00
Augier	a1f3d5f5f9	Getting token from user credential flow	2016-01-04 16:45:21 +09:00
Dennis Schubert	d4fbbd86b3	Merge branch 'stable' into develop	2015-12-30 14:51:05 +01:00
Benjamin Neff	24f5244f76	move glue code back to the initializer	2015-12-30 14:48:38 +01:00
Jonne Haß	13029235d0	Merge branch 'stable' into develop	2015-12-13 12:28:04 +01:00
cmrd Senya	922d26f976	Implement integration tests for the federation messages receive feature These are some initial tests, more to come. It tests some features of Request, StatusMessage, Comment, Like, Participation, Retraction, SignedRetraction, RelayableRetraction entities receive process.	2015-12-13 12:24:52 +01:00

1 2 3 4 5 ...

2357 commits