| 
								
								
									 Ivan Tashkinov | 6c94b7498b | [#1478] OAuth admin tweaks: enforced OAuth admin scopes usage by default, migrated existing OAuth records. Adjusted tests. | 2020-01-10 10:52:21 +03:00 |  | 
				
					
						| 
								
								
									 Ivan Tashkinov | 51111e286b | [#1427] Initial support for OAuth admin scopes. | 2019-11-29 18:57:19 +03:00 |  | 
				
					
						| 
								
								
									 lain | 1ca7b877a1 | Merge branch 'iss-1376' into 'develop' Check client and token in GET /oauth/authorize
See merge request pleroma/pleroma!1940 | 2019-11-11 12:27:33 +00:00 |  | 
				
					
						| 
								
								
									 Steven Fuchs | 94627baa5c | New rate limiter | 2019-11-11 12:13:06 +00:00 |  | 
				
					
						| 
								
								
									 AkiraFukushima | e1fc6cb78f | Check client and token in GET /oauth/authorize | 2019-11-05 23:52:47 +09:00 |  | 
				
					
						| 
								
								
									 Ivan Tashkinov | 10ff01acd9 | [#1304] Moved all non-mutes / non-blocks fields from User.Info to User. WIP. | 2019-10-16 21:59:21 +03:00 |  | 
				
					
						| 
								
								
									 Ivan Tashkinov | 28fb98d69e | Merge remote-tracking branch 'remotes/upstream/develop' into 1260-rate-limited-auth-actions # Conflicts:
#	CHANGELOG.md | 2019-10-07 11:06:30 +03:00 |  | 
				
					
						| 
								
								
									 Ivan Tashkinov | 06b3bb54c5 | Merge remote-tracking branch 'remotes/upstream/develop' into 1234-mastodon-2-4-3-oauth-scopes # Conflicts:
#	CHANGELOG.md
#	lib/pleroma/web/mastodon_api/controllers/account_controller.ex
#	lib/pleroma/web/mastodon_api/controllers/mastodon_api_controller.ex
#	lib/pleroma/web/router.ex | 2019-10-06 11:43:49 +03:00 |  | 
				
					
						| 
								
								
									 Ivan Tashkinov | f459aabdfa | Merge remote-tracking branch 'remotes/upstream/develop' into 1260-rate-limited-auth-actions # Conflicts:
#	CHANGELOG.md | 2019-10-06 09:30:49 +03:00 |  | 
				
					
						| 
								
								
									 Egor Kislitsyn | d3ac4e8083 | Fix OAuthController | 2019-10-04 13:30:46 +07:00 |  | 
				
					
						| 
								
								
									 Ivan Tashkinov | 64095961fe | [#1234] Merge remote-tracking branch 'remotes/upstream/develop' into 1234-mastodon-2-4-3-oauth-scopes # Conflicts:
#	CHANGELOG.md
#	lib/pleroma/web/mastodon_api/controllers/mastodon_api_controller.ex
#	lib/pleroma/web/router.ex | 2019-10-02 20:42:40 +03:00 |  | 
				
					
						| 
								
								
									 Maxim Filippov | 0f9c2c8b87 | Send an identifier alongside with error message in OAuthController | 2019-10-01 18:10:04 +03:00 |  | 
				
					
						| 
								
								
									 Ivan Tashkinov | 6ffa2b5f66 | [#1260] Merge remote-tracking branch 'remotes/upstream/develop' into 1260-rate-limited-auth-actions # Conflicts:
#	CHANGELOG.md | 2019-09-30 17:41:20 +03:00 |  | 
				
					
						| 
								
								
									 Maxim Filippov | 6f25668215 | Admin API: Add ability to force user's password reset | 2019-09-22 16:08:07 +03:00 |  | 
				
					
						| 
								
								
									 Ivan Tashkinov | e7afb67c5c | [#1260] Rate-limiting for create authentication and related requests. | 2019-09-17 16:16:11 +03:00 |  | 
				
					
						| 
								
								
									 Ivan Tashkinov | b63faf9819 | [#1234] Mastodon 2.4.3 hierarchical scopes initial support (WIP). | 2019-09-08 15:00:03 +03:00 |  | 
				
					
						| 
								
								
									 Ariadne Conill | b93498eb52 | constants: add as_public constant and use it everywhere | 2019-07-29 02:43:19 +00:00 |  | 
				
					
						| 
								
								
									 Egor Kislitsyn | 5104f65b69 | Wrap error messages into gettext helpers | 2019-07-10 18:10:09 +07:00 |  | 
				
					
						| 
								
								
									 Ivan Tashkinov | 64bc7ac619 | Minor edit (comment). | 2019-06-18 17:15:26 +03:00 |  | 
				
					
						| 
								
								
									 Ivan Tashkinov | 9f45f93949 | Added more redirect_urichecks to prevent redirect to not explicitly listed URI. | 2019-06-18 17:00:49 +03:00 |  | 
				
					
						| 
								
								
									 Ivan Tashkinov | 4b2c29016c | [#963] No redirect on OOB OAuth authorize request with existing authorization. OAuth-related refactoring. | 2019-06-12 21:30:06 +03:00 |  | 
				
					
						| 
								
								
									 Ivan Tashkinov | 3eefb274f4 | OAuth consumer: tests fix, comments, Keycloak config notes. | 2019-06-05 13:02:13 +03:00 |  | 
				
					
						| 
								
								
									 Maksim | 52297920e7 | Refactoring  oauth response. | 2019-05-14 14:49:45 +00:00 |  | 
				
					
						| 
								
								
									 Mark Felder | 498bfdf403 | Switch to Jason over Poison | 2019-05-13 15:37:38 -05:00 |  | 
				
					
						| 
								
								
									 Alexander Strizhakov | a2be420f94 | differences_in_mastoapi_responses.md: fullname & bio are optionnal [ci skip] | 2019-05-13 18:35:45 +00:00 |  | 
				
					
						| 
								
								
									 Maksim | 799e1f48b5 | Refactoring functions for dealing with oauth scopes. | 2019-05-08 10:52:13 +00:00 |  | 
				
					
						| 
								
								
									 Maksim | 1040caf096 | fix format Modified-by: Maksim Pechnikov <parallel588@gmail.com> | 2019-05-06 17:51:03 +00:00 |  | 
				
					
						| 
								
								
									 Egor | b9cdf6d3b9 | Use User.get_cached*everywhere | 2019-04-22 07:20:43 +00:00 |  | 
				
					
						| 
								
								
									 Ivan Tashkinov | 9256d2d4b4 | [#923] Refactored OAuthController#authorize definitions, added test. | 2019-04-21 10:51:32 +03:00 |  | 
				
					
						| 
								
								
									 Ivan Tashkinov | 128aae05f3 | [#923] Minor semantic adjustment. | 2019-04-17 11:33:21 +03:00 |  | 
				
					
						| 
								
								
									 Ivan Tashkinov | c3f12cf3c3 | [#923] OAuth consumer params handling refactoring. Registration and authorization-related params are wrapped in "authorization" in order to reduce edge cases number and simplify handling logic. | 2019-04-10 21:40:38 +03:00 |  | 
				
					
						| 
								
								
									 Ivan Tashkinov | bffddf5e31 | [#923] Merge remote-tracking branch 'remotes/upstream/develop' into twitter_oauth # Conflicts:
#	docs/config.md
#	test/support/factory.ex | 2019-04-08 12:20:26 +03:00 |  | 
				
					
						| 
								
								
									 eugenijm | 7aa53d52bd | Return 403 on oauth token exchange for a deactivated user | 2019-04-06 23:27:55 +03:00 |  | 
				
					
						| 
								
								
									 Ivan Tashkinov | 47a236f753 | [#923] OAuth consumer mode refactoring, new tests, tests adjustments, readme. | 2019-04-05 15:12:02 +03:00 |  | 
				
					
						| 
								
								
									 Ivan Tashkinov | 3e7f2bfc2f | [#923] OAuthController#callback adjustments (with tests). | 2019-04-05 09:19:17 +03:00 |  | 
				
					
						| 
								
								
									 Ivan Tashkinov | f7cd9131d4 | [#923] OAuth consumer controller tests. Misc. improvements. | 2019-04-04 22:41:03 +03:00 |  | 
				
					
						| 
								
								
									 Ivan Tashkinov | 37925cbe78 | Merge remote-tracking branch 'remotes/upstream/develop' into twitter_oauth # Conflicts:
#	lib/pleroma/web/oauth/oauth_controller.ex
#	lib/pleroma/web/router.ex | 2019-04-02 14:05:34 +03:00 |  | 
				
					
						| 
								
								
									 lambda | 091baf9316 | Merge branch 'features/mastoapi/2.6.0-force-login-option' into 'develop' MastoAPI 2.6.0 `force_login` option
Closes #734
See merge request pleroma/pleroma!999 | 2019-04-02 10:57:38 +00:00 |  | 
				
					
						| 
								
								
									 Egor Kislitsyn | 1b3d921921 | change Repo.get(User, id)=>User.get_by_id(id) | 2019-04-02 17:01:26 +07:00 |  | 
				
					
						| 
								
								
									 Ivan Tashkinov | 6910fb371b | Fixed local MastoFE authentication / force_loginoption. | 2019-04-01 17:25:25 +03:00 |  | 
				
					
						| 
								
								
									 Ivan Tashkinov | cbe09d94d1 | Added force_loginauthentication option (previously applied by default). | 2019-04-01 14:46:50 +03:00 |  | 
				
					
						| 
								
								
									 Ivan Tashkinov | eadafc88b8 | [#923] Deps config adjustment (no overrideforhttpoison), code analysis issues fixes. | 2019-04-01 09:28:56 +03:00 |  | 
				
					
						| 
								
								
									 Ivan Tashkinov | baffdcc480 | [#923] Merge remote-tracking branch 'remotes/upstream/develop' into twitter_oauth # Conflicts:
#	mix.exs | 2019-04-01 08:49:32 +03:00 |  | 
				
					
						| 
								
								
									 Ivan Tashkinov | 2a95014b9d | [#923] OAuth consumer improvements, fixes, refactoring. | 2019-03-27 15:39:35 +03:00 |  | 
				
					
						| 
								
								
									 Ivan Tashkinov | b0759f821b | Comments split. | 2019-03-26 15:24:29 +03:00 |  | 
				
					
						| 
								
								
									 Ivan Tashkinov | 263ca3dea2 | Mastodon-based auth error messages. Defaulted User#auth_active?/1 to true. | 2019-03-26 15:09:06 +03:00 |  | 
				
					
						| 
								
								
									 Ivan Tashkinov | af68a42ef7 | [#923] Support for multiple OAuth consumer strategies. | 2019-03-20 20:25:48 +03:00 |  | 
				
					
						| 
								
								
									 Ivan Tashkinov | e17a9a1f66 | [#923] Nickname & email selection for external registrations, option to connect to existing account. | 2019-03-20 10:35:31 +03:00 |  | 
				
					
						| 
								
								
									 Ivan Tashkinov | 26b6354095 | [#923] Support for multiple (external) registrations per user via Registration. | 2019-03-18 17:23:38 +03:00 |  | 
				
					
						| 
								
								
									 Ivan Tashkinov | 2a96283efb | [#923] Merge remote-tracking branch 'remotes/upstream/develop' into twitter_oauth # Conflicts:
#	config/config.exs
#	lib/pleroma/web/auth/pleroma_authenticator.ex | 2019-03-18 10:26:41 +03:00 |  |