nocebo/diaspora
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
19703 commits 4 branches 0 tags 121 MiB
Commit graph

47 commits

Author SHA1 Message Date
Hank Grabowski
f07912ebdd API Branch Final Cleanup Before PR 2018-12-30 11:50:58 -05:00
Hank Grabowski
a8d69c48dc OpenID Scopes and Security updates 2018-12-26 14:13:13 -05:00
Benjamin Neff
4c4c3d8bf0
Bump json-jwt and openid_connect 
Fixes CVE-2018-1000539
 2018-09-05 02:19:34 +02:00
Benjamin Neff
b8094544a0
Bump faraday 2018-04-12 02:41:54 +02:00
Benjamin Neff
e82690963d
Add # frozen_string_literal: true to all files 2017-09-17 19:29:15 +02:00
Benjamin Neff
385ab76077
Refactor OpenID specs to prevent duplicate client names 2017-08-12 15:39:24 +02:00
Benjamin Neff
2a6515fab9
Add params keyword to controller specs 2017-08-12 15:39:23 +02:00
Benjamin Neff
4f9e560ab3
Use RFC 7033 webfinger from diaspora_federation gem 2017-07-03 03:14:41 +02:00
Steffen van Bergerem
612455d41f
Bump faraday and twitter 
closes #7348
 2017-03-04 22:10:23 +01:00
cmrd Senya
31a31ecbe1
pass "state" parameter back to openid client 2016-12-01 03:16:50 +01:00
Justin Ramos
fa71af71c1 require spec_helper in .rspec 
closes #7223
 2016-11-27 21:27:12 +01:00
cmrd Senya
cdcf2d747e
Override forgery settings in controllers 
ClientsController and TokenEndpointController are called from the outside,
so CSRF verification prevents them from normal operation.

closes #7062
 2016-10-01 10:24:15 +02:00
cmrd Senya
4ae26e1ded Upgrade devise to 4.2 2016-08-11 12:25:36 +03:00
theworldbright
bb3849e4b1 Fix API privilege scope escalation 2016-03-11 17:18:21 -08:00
theworldbright
b09ee87912 Update json-jwt legacy methods 2016-01-04 17:01:41 +09:00
theworldbright
58aef5658b Fix remaining remarks 2016-01-04 17:01:40 +09:00
theworldbright
ed1dc256a8 Fix handling of error message in authorization controller 2016-01-04 16:49:58 +09:00
theworldbright
10938404e9 Fix HTTP request test mocks 2016-01-04 16:49:57 +09:00
theworldbright
c6bec2f2dc Return error to RP instead of user for prompt=none 2016-01-04 16:49:57 +09:00
theworldbright
9fc8c63cae Fix hash styles for stub_request 2016-01-04 16:49:57 +09:00
theworldbright
f1b394de0f Fix remaining remarks 2016-01-04 16:49:57 +09:00
theworldbright
2f8c391ac6 Fix pronto and travis errors 2016-01-04 16:49:57 +09:00
theworldbright
0fbcb71255 Add support for request_uri and claims 2016-01-04 16:49:56 +09:00
theworldbright
82600003b3 Flash error messages when redirect_uri is invalid 2016-01-04 16:49:56 +09:00
theworldbright
adcf2ab7ab Fix test for prompt == "none" 2016-01-04 16:49:56 +09:00
augier
d351db1982 Filter for prompt handling 2016-01-04 16:49:56 +09:00
augier
7b2be0d3c6 Support displaying TOS and policy 2016-01-04 16:49:56 +09:00
augier
6fcb9a9d3a Add XSS spec for application's name 2016-01-04 16:49:56 +09:00
augier
2c7d102019 Design for authorization page when client_name not providen + XSS spec 2016-01-04 16:49:55 +09:00
theworldbright
fd467cd42b Add private_key_jwt support 
See

- http://openid.net/specs/openid-connect-core-1_0.html#ClientAuthentication
- https://openid.net/specs/openid-connect-registration-1_0.html#ClientMetadata
 2016-01-04 16:49:55 +09:00
theworldbright
1dcefdb998 Validate sector identifier uri and redirect uri 2016-01-04 16:49:55 +09:00
theworldbright
4be9f4d558 Make client name optional 2016-01-04 16:49:54 +09:00
augier
c33cce0953 Styling user consent form 2016-01-04 16:49:54 +09:00
theworldbright
1a7f2edc01 Perform major refactoring 
- Add foreign_keys
- Remove unused classes/methods
- Fix pronto errors
- Add method to retrieve client id from name
- Remove TODO comments
- Fix unnecessary private key generation
 2016-01-04 16:49:54 +09:00
theworldbright
e55a0b0d0b Replace scopes with constants in Authorization 2016-01-04 16:49:54 +09:00
theworldbright
bb8fe6aa83 Adjust id token config to save private key to file 2016-01-04 16:49:53 +09:00
theworldbright
24fd70676c Fix webfinger discovery route 2016-01-04 16:49:53 +09:00
theworldbright
ab65617958 Add support for max_age parameter 
Additionally add support for prompt's login option

Signed-off-by: theworldbright <kent@kentshikama.com>
 2016-01-04 16:49:53 +09:00
theworldbright
25f51c606a Add support for prompt parameter 2016-01-04 16:49:53 +09:00
theworldbright
8be3be3e10 Refactor authorizations controller destroy action 2016-01-04 16:49:53 +09:00
theworldbright
6e1a673459 Replace let!() with factory girl 2016-01-04 16:49:52 +09:00
theworldbright
dd337d4163 Remove JSON root from client controller 
Signed-off-by: theworldbright <kent@kentshikama.com>
 2016-01-04 16:49:52 +09:00
theworldbright
65c40f236e Load scopes from seeds 
Signed-off-by: theworldbright <kent@kentshikama.com>
 2016-01-04 16:49:51 +09:00
theworldbright
99d6d7b3e7 Add pairwise pseudonymous identifier support 
Squashed commits:

[a182de7] Fix pronto/travis errors
 2016-01-04 16:49:51 +09:00
theworldbright
d834a1d4d0 Replace user info endpoint with supported claims 
The route /api/v0/user/ will now be used as a
non-OIDC route. In other words, the /api/v0/user/
will require the "read" scope while
/api/openid_connect/user_info/ will require the
"openid" scope
 2016-01-04 16:49:51 +09:00
theworldbright
e5932968fd Add support for authorization code flow 2016-01-04 16:49:51 +09:00
theworldbright
bc5e5c7420 Fix pronto errors 2016-01-04 16:49:51 +09:00