ErickSkrauch
|
356518c5b5
|
Merge branch 'authorized_clients_management'
|
2021-02-14 19:01:19 +01:00 |
|
ErickSkrauch
|
c64f386365
|
Fix incorrect response in case when user's profile for provided UUID can't be found
|
2020-12-18 11:12:34 +01:00 |
|
ErickSkrauch
|
7da6a952ee
|
Fix tests
|
2020-10-02 18:14:43 +03:00 |
|
ErickSkrauch
|
5fc97fdd7a
|
Implemented oauth session revocation notification.
Reworked webhooks notifications constructors
|
2020-10-01 01:40:28 +03:00 |
|
ErickSkrauch
|
b904d5d314
|
Implemented features to revoke access for previously authorized OAuth 2.0 clients
|
2020-09-30 20:30:04 +03:00 |
|
ErickSkrauch
|
2a4f29801d
|
Fixes ACCOUNTS-2. Catch decryption exception for OAuth2 flow
|
2020-08-23 00:23:36 +03:00 |
|
ErickSkrauch
|
5fbc167708
|
Fix the case when the redirect_uri is null
|
2020-06-20 19:10:13 +03:00 |
|
ErickSkrauch
|
b938c62867
|
Merge pull request #8 from elyby/3_accounts_deletion
Accounts deletion API
|
2020-06-15 15:53:21 +03:00 |
|
ErickSkrauch
|
17f1794a4e
|
Covered all cases, fixed CS, added a new TODO
|
2020-06-13 01:55:02 +03:00 |
|
ErickSkrauch
|
4ee77636dc
|
Fixes ACCOUNTS-3. Add extended logging for further investigation
|
2020-06-13 00:39:02 +03:00 |
|
ErickSkrauch
|
0183e54442
|
Implemented account deletion. Not all cases covered with tests [skip ci]
|
2020-06-12 00:27:02 +03:00 |
|
ErickSkrauch
|
39d7cad8b5
|
Fix CS
|
2020-06-10 17:42:02 +03:00 |
|
ErickSkrauch
|
3e1fb19cf3
|
Update smtp mail transport configuration
|
2019-12-29 17:59:58 +03:00 |
|
ErickSkrauch
|
7607248c27
|
Remove usage of codeception/specify and fzaninotto/faker
|
2019-12-29 17:55:21 +03:00 |
|
ErickSkrauch
|
43a4a58053
|
Remove usage of codeception/specify and fzaninotto/faker
|
2019-12-21 02:26:06 +03:00 |
|
ErickSkrauch
|
666213afc7
|
Rework email_activation model, get rid of behaviors, use json column to store additional data
|
2019-12-21 01:23:58 +03:00 |
|
ErickSkrauch
|
22e8158581
|
Upgrade codeception to 4 version
|
2019-12-20 22:50:47 +03:00 |
|
ErickSkrauch
|
1c76d2386e
|
Fixes ACCOUNTS-5Z9. Add import statement for Permissions class
|
2019-12-15 18:33:15 +03:00 |
|
ErickSkrauch
|
3d89e5f94d
|
Fixes ACCOUNTS-5Z7. Search for legacy oauth session by correct column
|
2019-12-15 18:01:36 +03:00 |
|
ErickSkrauch
|
299637cc13
|
Strip keys from the scopes list
|
2019-12-15 17:20:29 +03:00 |
|
ErickSkrauch
|
04e399c726
|
Fix tests
|
2019-12-15 00:49:54 +03:00 |
|
ErickSkrauch
|
e8b71d33d0
|
Get rid of mockery library. Still have some troubles with functional tests for api
|
2019-12-14 00:16:05 +03:00 |
|
ErickSkrauch
|
d9ef27b745
|
Cleanup code, improve typings
|
2019-12-13 22:27:13 +03:00 |
|
ErickSkrauch
|
830a17612b
|
Get rid of ThisShouldNotHappenException
|
2019-12-13 20:48:13 +03:00 |
|
ErickSkrauch
|
26f7d6213f
|
Update dependencies
|
2019-12-13 20:37:37 +03:00 |
|
ErickSkrauch
|
40eca5b8b6
|
Remove expires_in field when the access_token isn't expiring
|
2019-12-13 16:00:51 +03:00 |
|
ErickSkrauch
|
22d8971dc5
|
Fix redirect_uri validation for the AuthCodeGrant
|
2019-12-13 15:16:45 +03:00 |
|
ErickSkrauch
|
a8e20a9775
|
Replace custom aud and ely-scopes JWT claims with its public analogues
|
2019-12-13 13:56:09 +03:00 |
|
ErickSkrauch
|
274d56aa40
|
Set expires_in value for issue access token response
|
2019-12-11 19:44:55 +03:00 |
|
ErickSkrauch
|
f06354638e
|
Disallow to perform oauth2 authentication for applications that have no corresponding type
|
2019-12-11 14:41:37 +03:00 |
|
ErickSkrauch
|
9da58beccf
|
Add deprecation notices
|
2019-12-11 14:24:31 +03:00 |
|
ErickSkrauch
|
2caf0558de
|
Use paragonie's Base64UrlSafe encoding library
|
2019-12-11 14:16:11 +03:00 |
|
ErickSkrauch
|
d27070630c
|
Fix revokation validation. Add additional tests cases
|
2019-12-10 22:51:11 +03:00 |
|
ErickSkrauch
|
016a193263
|
Introduce revokation mechanism
|
2019-12-10 01:38:09 +03:00 |
|
ErickSkrauch
|
ba7fad84a0
|
Remove refresh_token from OAuth2 result. Return the same access_token as a refresh_token in case when it's requested. Make access_tokens to live forever.
|
2019-12-09 19:31:54 +03:00 |
|
ErickSkrauch
|
efb97a2006
|
Set access tokens TTL depending on the requested scopes
|
2019-12-06 19:07:08 +03:00 |
|
ErickSkrauch
|
f0a73f2b7a
|
Make tokens, created by client credentials grant to live forever
|
2019-12-06 18:31:04 +03:00 |
|
ErickSkrauch
|
6fb32ec76d
|
Use libsodium to encrypt all data, related to OAuth2
|
2019-12-06 14:37:51 +03:00 |
|
ErickSkrauch
|
642db2e045
|
Use libsodium to encrypt data, stored in jwt tokens
|
2019-12-05 19:37:46 +03:00 |
|
ErickSkrauch
|
c3ffb08c4a
|
Cleanup session server module
|
2019-12-05 01:15:45 +03:00 |
|
ErickSkrauch
|
25f1ca912c
|
Fix tests
|
2019-12-05 00:52:36 +03:00 |
|
ErickSkrauch
|
a81ef5cac2
|
Replace separate minecraft access tokens with JWT
|
2019-12-04 21:10:15 +03:00 |
|
ErickSkrauch
|
060a4e960a
|
Handle legacy refresh tokens
|
2019-12-04 13:40:12 +03:00 |
|
ErickSkrauch
|
a9a56c9e1d
|
Extract encryption key into the configuration param
|
2019-12-04 13:24:30 +03:00 |
|
ErickSkrauch
|
72cbf16c97
|
Merge branch 'master' into oauth_jwt_tokens
# Conflicts:
# api/components/OAuth2/Entities/AccessTokenEntity.php
# api/components/OAuth2/Entities/RefreshTokenEntity.php
# api/components/OAuth2/Grants/RefreshTokenGrant.php
# api/components/OAuth2/Storage/SessionStorage.php
# api/components/User/OAuth2Identity.php
|
2019-12-04 01:17:12 +03:00 |
|
ErickSkrauch
|
46b771a061
|
Fixes ACCOUNTS-5VE
|
2019-12-02 22:28:47 +03:00 |
|
ErickSkrauch
|
9557064a97
|
Fixes ACCOUNTS-5VF
|
2019-12-02 22:22:51 +03:00 |
|
ErickSkrauch
|
01028cf378
|
Fixes ACCOUNTS-5VC. Handle the case when there is missing session for access or refresh token
|
2019-12-02 22:15:52 +03:00 |
|
ErickSkrauch
|
22ef41ac7c
|
Fixes ACCOUNTS-5V9. Handle case when access token don't have associated account
|
2019-12-02 21:15:18 +03:00 |
|
ErickSkrauch
|
e52dbdbf19
|
Do not include offline_access scope into access_token
|
2019-11-07 01:12:18 +03:00 |
|