nocebo/diaspora
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
18213 commits 4 branches 0 tags 121 MiB
Commit graph

2426 commits

Author SHA1 Message Date
cmrd Senya
77bd220e24
Redirect to "/users/sign_in" after AccountDeletion 
There is no point to redirect to "/stream" after the account deletion
because the user is logged off.
 2016-04-07 12:02:46 +03:00
theworldbright
bb3849e4b1 Fix API privilege scope escalation 2016-03-11 17:18:21 -08:00
Benjamin Neff
0c8588eec8 PostService: create find! 
* find returns nil if nothing found
* find! raises errors if not found or not visible
 2016-03-07 05:52:54 +01:00
Benjamin Neff
e6b72b526f remove "not public" error page 
this is not used anymore:
* not logged in users are redirected to the login page
* logged in users see the normal 404 page
 2016-03-07 05:52:54 +01:00
Benjamin Neff
d94eae0d45 refactoring PostService 
* move presenters back to controllers, this is view-logic
* use PostService in CommentService
* remove iframe route, this is not used anymore
* id/guid limit at 16 chars, hex(8) is 16 chars long
 2016-03-07 05:52:54 +01:00
Benjamin Neff
b398b115bc refactoring CommentService 2016-03-07 05:52:54 +01:00
Benjamin Neff
5a46da47c3 refactoring StatusMessageCreationService 
* move parameter normalization back to controller, because this is
  frontend-specific.
* if the StatusMessage is public, save also public photos
 2016-03-07 00:00:27 +01:00
Jonne Haß
39ae5e741e Merge pull request #6732 from SuperTux88/cleanup-aspect_visibilities 
Cleanup aspect visibilities
 2016-03-05 11:05:55 +01:00
Benjamin Neff
acb91c79d2 improve pod connection check 
* use port for check
* respect entries in /etc/hosts
* test /.well-known/host-meta
* don't allow redirects to other domains
 2016-03-05 02:57:11 +01:00
Benjamin Neff
f913128967 don't add public shareables to aspect_visibilities 2016-03-04 20:13:52 +01:00
Steffen van Bergerem
d9e3f3a734 Merge branch 'stable' into develop 2016-02-23 09:38:53 +01:00
Dennis Schubert
9f2e5b1868 Only mark unread notifications as read otherwise, the UPDATE statement would update all the notifications... 
closes #6711
 2016-02-23 09:38:34 +01:00
Dennis Schubert
dbdf352a6b Merge branch 'stable' into develop 2016-02-23 06:35:26 +01:00
Steffen van Bergerem
0392549702 Add footer on conversations page 
closes #6710
 2016-02-23 06:35:15 +01:00
Dennis Schubert
535057aca4 Merge branch 'stable' into develop 2016-02-21 04:26:25 +01:00
Marien Fressinaud
27a8e0fbca Test if user is nil in #reset_authentication_token 
Actually it redirects to stream page and says that user is already logged in.

Fix https://github.com/diaspora/diaspora/issues/6326
 2016-02-21 04:24:50 +01:00
Steffen van Bergerem
89f21e87f8 Remove unused code 2016-02-14 02:48:51 +01:00
Dennis Schubert
15d5e0febc Merge branch 'stable' into develop 2016-02-07 16:31:53 +01:00
Steffen van Bergerem
785665b9ad Fix mobile registration layout after failed registration 
closes #6677
 2016-02-07 16:31:48 +01:00
Jonne Haß
32bda8fe20 Merge branch 'stable' into develop 2016-01-28 18:47:18 +01:00
Faldrian
8e3816e64e let mention-regex only match usable strings 
closes #6658
 2016-01-28 18:47:13 +01:00
Steffen van Bergerem
6fce81fc99 Merge branch 'stable' into develop 2016-01-20 21:37:30 +01:00
tamatsyk
960e651764 internationalize controller rescue_from text 
Fix typos

change forbitten to forbidden

fix styling issue and copypaste

improve code style for aspec_memberships_controller.rb with rubocop

fix styling issues

aligned elements of hash literals

fix typo

fix locale name and styling of its usage

fix failing tests

closes #6554
 2016-01-20 21:37:02 +01:00
theworldbright
38439277d6 Add licenses where appropriate 2016-01-04 17:22:44 +09:00
theworldbright
58aef5658b Fix remaining remarks 2016-01-04 17:01:40 +09:00
augier
ef7ea1a855 General text error + CSS styling 
Minor merge conflict fix by theworldbright
 2016-01-04 16:49:59 +09:00
theworldbright
c1e1f9bf69 Fix 500 error when unknown algorithm is used for JWT 2016-01-04 16:49:58 +09:00
theworldbright
4cde41486b Fix handling of prompt=login 2016-01-04 16:49:58 +09:00
theworldbright
a4095692b7 Add default kid to jwks.json 2016-01-04 16:49:58 +09:00
theworldbright
1e3421713a Handle error when request object is signed 2016-01-04 16:49:58 +09:00
theworldbright
fd4022a55c Fix pronto remarks 2016-01-04 16:49:58 +09:00
theworldbright
ed1dc256a8 Fix handling of error message in authorization controller 2016-01-04 16:49:58 +09:00
augier
ebeafb7894 Add custom error page when prompt=none 2016-01-04 16:49:57 +09:00
theworldbright
c6bec2f2dc Return error to RP instead of user for prompt=none 2016-01-04 16:49:57 +09:00
theworldbright
7865a30fec Return an JSON error response for invalid jwks_uri 2016-01-04 16:49:57 +09:00
theworldbright
3440709ec5 Explicitly state no support for user info alg 2016-01-04 16:49:57 +09:00
theworldbright
f1b394de0f Fix remaining remarks 2016-01-04 16:49:57 +09:00
augier
d028b5672e Fix remarks 2016-01-04 16:49:57 +09:00
theworldbright
2f8c391ac6 Fix pronto and travis errors 2016-01-04 16:49:57 +09:00
theworldbright
8f5094c29e Gracefully handle SSL verification failure 2016-01-04 16:49:56 +09:00
theworldbright
0fbcb71255 Add support for request_uri and claims 2016-01-04 16:49:56 +09:00
theworldbright
82600003b3 Flash error messages when redirect_uri is invalid 2016-01-04 16:49:56 +09:00
theworldbright
e4edad0646 Fix test for the auth missing the response_type parameter 2016-01-04 16:49:56 +09:00
theworldbright
adcf2ab7ab Fix test for prompt == "none" 2016-01-04 16:49:56 +09:00
augier
d351db1982 Filter for prompt handling 2016-01-04 16:49:56 +09:00
augier
7b2be0d3c6 Support displaying TOS and policy 2016-01-04 16:49:56 +09:00
theworldbright
9c9880d880 Move JWKs files to database 2016-01-04 16:49:56 +09:00
augier
2c7d102019 Design for authorization page when client_name not providen + XSS spec 2016-01-04 16:49:55 +09:00
theworldbright
80cbc7d915 Destroy previous auths on new auth request 2016-01-04 16:49:55 +09:00
theworldbright
b3b9b39690 Fix request with prompt=none when not logged in 2016-01-04 16:49:55 +09:00
theworldbright
fd467cd42b Add private_key_jwt support 
See

- http://openid.net/specs/openid-connect-core-1_0.html#ClientAuthentication
- https://openid.net/specs/openid-connect-registration-1_0.html#ClientMetadata
 2016-01-04 16:49:55 +09:00
theworldbright
1dcefdb998 Validate sector identifier uri and redirect uri 2016-01-04 16:49:55 +09:00
theworldbright
a76f51a6a5 Use redirect_uri if no sector identifier for ppid 
As according to http://openid.net/specs/openid-connect-core-1_0.html#PairwiseAlg:

"If the Client has not provided a value for
sector_identifier_uri in Dynamic Client Registration
[OpenID.Registration], the Sector Identifier used
for pairwise identifier calculation is the host
component of the registered redirect_uri."
 2016-01-04 16:49:55 +09:00
augier
8c2af74447 Fixing last remarks 2016-01-04 16:49:54 +09:00
augier
c33cce0953 Styling user consent form 2016-01-04 16:49:54 +09:00
theworldbright
1a7f2edc01 Perform major refactoring 
- Add foreign_keys
- Remove unused classes/methods
- Fix pronto errors
- Add method to retrieve client id from name
- Remove TODO comments
- Fix unnecessary private key generation
 2016-01-04 16:49:54 +09:00
theworldbright
e55a0b0d0b Replace scopes with constants in Authorization 2016-01-04 16:49:54 +09:00
theworldbright
28fc65ae26 Add CORS support to OIDC 2016-01-04 16:49:54 +09:00
theworldbright
054e421829 Remove zone info claim 2016-01-04 16:49:53 +09:00
theworldbright
bb8fe6aa83 Adjust id token config to save private key to file 2016-01-04 16:49:53 +09:00
theworldbright
24fd70676c Fix webfinger discovery route 2016-01-04 16:49:53 +09:00
theworldbright
ab65617958 Add support for max_age parameter 
Additionally add support for prompt's login option

Signed-off-by: theworldbright <kent@kentshikama.com>
 2016-01-04 16:49:53 +09:00
theworldbright
25f51c606a Add support for prompt parameter 2016-01-04 16:49:53 +09:00
theworldbright
8be3be3e10 Refactor authorizations controller destroy action 2016-01-04 16:49:53 +09:00
augier
07c12ba057 Using Camo for the application logo 2016-01-04 16:49:53 +09:00
augier
469521c572 Addin scopes translation and description 2016-01-04 16:49:52 +09:00
theworldbright
3734e074a6 Fix pronto errors 2016-01-04 16:49:52 +09:00
augier
b9da104b28 Revoke button on applications page 2016-01-04 16:49:52 +09:00
theworldbright
dd337d4163 Remove JSON root from client controller 
Signed-off-by: theworldbright <kent@kentshikama.com>
 2016-01-04 16:49:52 +09:00
augier
308170f691 Add applications information page 2016-01-04 16:49:52 +09:00
theworldbright
99d6d7b3e7 Add pairwise pseudonymous identifier support 
Squashed commits:

[a182de7] Fix pronto/travis errors
 2016-01-04 16:49:51 +09:00
theworldbright
d834a1d4d0 Replace user info endpoint with supported claims 
The route /api/v0/user/ will now be used as a
non-OIDC route. In other words, the /api/v0/user/
will require the "read" scope while
/api/openid_connect/user_info/ will require the
"openid" scope
 2016-01-04 16:49:51 +09:00
theworldbright
bc5e5c7420 Fix pronto errors 2016-01-04 16:49:51 +09:00
theworldbright
cd2f1215e8 Adjust protect resource endpoint spec 2016-01-04 16:49:51 +09:00
theworldbright
3cbe75469b Add support for scopes 
Remove scopes from tokens

Squashed commits:

[83db38f] Add redirect uris to supported metadata
 2016-01-04 16:49:51 +09:00
augier
de4f68c289 Support for more metadata 2016-01-04 16:49:50 +09:00
theworldbright
979adca1e7 Fix account deleter specs 
Squashed commits:

[7ff4276] Adjust discovery controller
 2016-01-04 16:49:50 +09:00
augier
cc28199555 Fixing hounds remarks 2016-01-04 16:49:50 +09:00
theworldbright
ee9ac06e1a Add support for access tokens in implicit flow 
Squashed commits:
[7dbf618] Use Rail's find_or_create_by method
 2016-01-04 16:49:50 +09:00
theworldbright
2d762da072 Adjust tokens to fit revised Authorization 2016-01-04 16:49:50 +09:00
theworldbright
17fde49d61 Implement ID Token for the implicit flow 2016-01-04 16:49:50 +09:00
theworldbright
1475672d72 Fix authorization and related models 
Squashed commits:
[a844d37] Remove unnecessary class_name's from models
[529a30c] Further adjust authorization and related models
 2016-01-04 16:49:50 +09:00
augier
031679762a Redesign the models 2016-01-04 16:49:49 +09:00
theworldbright
9d9dc13272 Adjust discovery controller to current values 2016-01-04 16:49:49 +09:00
Augier
73cc55940d Fix travis errors and refactor 2016-01-04 16:49:49 +09:00
theworldbright
3d26cbf657 Allow POST requests at authentication endpoint 2016-01-04 16:49:49 +09:00
theworldbright
3cfbcbce8f Implement authorization endpoint (part 1) 
The user can now authenticate with the authorization
server's authorization endpoint and receive a fake
id token.
 2016-01-04 16:49:49 +09:00
theworldbright
88d02ea35b Add client registration 
Client must now be registered prior to imitating a
call to the token endpoint with the password flow.

Squashed commits:

[fdcef62] Rename authorization endpoint to protected resource endpoint
 2016-01-04 16:49:48 +09:00
theworldbright
3fc0f64c56 Move openid controllers to openid connect namespace 2016-01-04 16:49:48 +09:00
theworldbright
9de2837a63 Move new API from /api/v2 to /api/v0 2016-01-04 16:49:16 +09:00
theworldbright
beae77102d Allow current user to be obtained from access token 2016-01-04 16:49:16 +09:00
theworldbright
68d96a3189 Add versionist gem 2016-01-04 16:49:16 +09:00
theworldbright
efdfe318fd Add ability to get user info from access tokens 2016-01-04 16:48:42 +09:00
Augier
a1f3d5f5f9 Getting token from user credential flow 2016-01-04 16:45:21 +09:00
augier
8d8faf684c OpenID Connect debut work 2016-01-04 16:45:21 +09:00
Dennis Schubert
d4fbbd86b3 Merge branch 'stable' into develop 2015-12-30 14:51:05 +01:00
Benjamin Neff
082e300a40 remove PublicsController completely 2015-12-30 14:50:34 +01:00
Benjamin Neff
5c8f0c1671 create queue callbacks and remove receive routes 2015-12-30 14:50:34 +01:00
Jonne Haß
434deaa75a Merge branch 'stable' into develop 2015-12-29 13:07:08 +01:00
Steffen van Bergerem
f3e897ab43 Activate hovercards for logged out users 
closes #6603
 2015-12-29 13:07:03 +01:00