Commit Graph

  • efd386b5e0 Reduce username limit to 16 characters master ErickSkrauch 2025-05-30 04:51:38 +02:00
  • 09c51c943f Merge pull request #50 from Octol1ttle/fix-cests-names ErickSkrauch 2025-03-05 00:40:25 +01:00
  • db02dcf992 style: rename cests to match routing action names Octol1ttle 2025-03-03 22:23:24 +05:00
  • 5225ea1b02 Update Mojang API response code and messages, implement UUID->Username endpoint (#47) Octol1ttle 2025-03-01 05:08:52 +05:00
  • bc59fd91ca Fix PHPStan errors ErickSkrauch 2025-02-14 16:26:14 +01:00
  • 997f135d2d Merge remote-tracking branch 'octol1ttle/fix-authlibinjector-route' ErickSkrauch 2025-02-14 16:08:52 +01:00
  • 4a0fd68df2 Merge pull request #46 from Octol1ttle/add-new-username-to-uuid-endpoint ErickSkrauch 2025-02-14 16:03:55 +01:00
  • 884c11f98f fix: use correct service route for authlib-injector's lookup/bulk/byname Octol1ttle 2025-02-14 15:26:25 +05:00
  • 8c82f45764 new: add minecraftservices' Username->UUID endpoint Octol1ttle 2025-02-14 15:22:43 +05:00
  • 6b2ced9c75 Fixes ACCOUNTS-CJ. Handle invalid idna convert result ErickSkrauch 2025-01-30 03:36:15 +01:00
  • be4697e6eb Extract login logics into a separate component. Not quite clean result but enough for upcoming tasks ErickSkrauch 2025-01-17 21:37:35 +01:00
  • 1c2969a4be Implemented desktop application type ErickSkrauch 2025-01-15 14:13:08 +01:00
  • 3bba99a757 fix: use custom Redirect URI validation logic in RefreshTokenGrant (#42) Octol1ttle 2025-01-09 05:23:41 +05:00
  • 7b626507bc fix: send refresh tokens to Device Code clients too (#41) Octol1ttle 2024-12-25 20:48:38 +05:00
  • e5b395d11b Fix verb filter ErickSkrauch 2024-12-24 17:45:49 +01:00
  • 6105d9752c Fix CS ErickSkrauch 2024-12-24 12:25:39 +01:00
  • 5a3e744b89 Add 'feature.enable_profile_key' to authlib-injector metadata so it uses our signing keys (#39) ErickSkrauch 2024-12-24 12:17:35 +01:00
  • 5f6dc35e3b Update IndexCest.php Octol1ttle 2024-12-24 16:15:17 +05:00
  • 5a4895dbc4 Update AuthlibInjectorController.php Octol1ttle 2024-12-24 16:13:25 +05:00
  • 1c11c66b9c Rename device code endpoint to /devicecode ErickSkrauch 2024-12-24 01:20:58 +01:00
  • 085b4f5ca6 Fix CS ErickSkrauch 2024-12-17 23:12:57 +01:00
  • 05524a4e7c Fix E2E scopes response ErickSkrauch 2024-12-17 23:08:55 +01:00
  • 119a0f8078 Validate user_code expiry during the Device Code grant. Add mock responses related to the Device Code grant. ErickSkrauch 2024-12-14 18:55:31 +01:00
  • 2cc27d34ad Implemented device code grant ErickSkrauch 2024-12-08 16:54:45 +01:00
  • c7d192d14e Fixes ACCOUNTS-BQ. Don't use mailer in constructor ErickSkrauch 2024-12-07 17:48:14 +01:00
  • 5ed6f0ce86 Move OAuth module from API to common and solve PHPStan's errors ErickSkrauch 2024-12-06 01:34:09 +01:00
  • 8a25ff9223 Fix timestamp serialization format for JWT tokens ErickSkrauch 2024-12-03 18:17:42 +01:00
  • 2442329895 Fixes ACCOUNTS-BH. Fix port param type ErickSkrauch 2024-12-02 14:23:43 +01:00
  • 2d649afd4f Fixes ACCOUNTS-BF. Fix smtp transport configuration ErickSkrauch 2024-12-02 13:59:36 +01:00
  • c92ece3fed Fix Sentry installation ErickSkrauch 2024-12-02 13:27:31 +01:00
  • cc21abe8f4 Install SVG support for Codeception step ErickSkrauch 2024-12-02 13:14:22 +01:00
  • fcf74eacab Fix image for PHPStan on GitLab CI ErickSkrauch 2024-12-02 12:46:28 +01:00
  • f43eafb2f3 Fix GitLab CI ErickSkrauch 2024-12-02 12:35:21 +01:00
  • 57d492da8a Upgrade project to PHP 8.3, add PHPStan, upgrade almost every dependency (#36) Octol1ttle 2024-12-02 15:10:55 +05:00
  • 625250b367 Fixes #35. Make clientToken optional during legacy Minecraft auth flow ErickSkrauch 2024-11-24 10:25:22 +01:00
  • d921616360 Allow secure headers from internal network for production deployment ErickSkrauch 2024-06-20 04:43:44 +02:00
  • 4231f99717 Move new "usernames -> UUIDs" endpoint to the correct location (#33) Octol1ttle 2024-06-17 17:02:01 +05:00
  • 0c110213f4 Remove minecraft_access_keys table and all related code ErickSkrauch 2024-06-14 05:42:35 +02:00
  • 2111e1769f Introduce an API endpoint to obtain public keys, that can be used to verify access tokens on other services ErickSkrauch 2024-06-14 04:36:49 +02:00
  • 17109f8eb5 Remove unused HS256 signing algorithm ErickSkrauch 2024-06-14 03:21:00 +02:00
  • 0a666e1e12 Extract public key from private pem file at runtime ErickSkrauch 2024-06-14 03:03:10 +02:00
  • ca304261a3 Fix malformed query params ErickSkrauch 2024-06-11 04:16:36 +02:00
  • 46c5a0f878 Fix condition ErickSkrauch 2024-06-11 04:06:56 +02:00
  • 345bc80d05 Added support of the onUnknownProfileRespondWithUuid when calling Chrly endpoint ErickSkrauch 2024-06-11 03:50:10 +02:00
  • 16877d502d Drop usage of goaop, replace implementation with events ErickSkrauch 2023-11-20 04:39:13 +01:00
  • 2bc83f39cf Fix CS ErickSkrauch 2023-11-20 02:16:44 +01:00
  • 574d03d02f Add a redirect for new Usernames to UUIDs endpoint (#29) Octol1ttle 2023-11-20 05:36:39 +05:00
  • 667f582b3e Merge pull request #31 from Octol1ttle/fix-wrong-join-response ErickSkrauch 2023-11-17 14:47:25 +01:00
  • 88ff766054 fix: add missing response checks in SessionServerSteps tests Octol1ttle 2023-11-17 14:20:32 +05:00
  • 7d4e0f246c Fixes #30. Upgrade MariaDB base image ErickSkrauch 2023-11-16 20:43:43 +01:00
  • d2d4045e61 Fix tests for authlib-injector endpoints ErickSkrauch 2023-11-16 20:25:52 +01:00
  • 47463d7435 Fix sessionserver/join endpoint: return empty response with 204 status code on success join ErickSkrauch 2023-11-16 20:21:26 +01:00
  • 984c6e7682 Fix slash email test ErickSkrauch 2023-10-15 06:54:35 +02:00
  • b3d1f75cc0 Introduce validation for emails starting with slash ErickSkrauch 2023-10-15 06:53:17 +02:00
  • e738bce717 Send Sentry error synchronously ErickSkrauch 2023-10-15 06:17:20 +02:00
  • b98649070d Enable better logging for queue ErickSkrauch 2023-10-15 04:09:09 +02:00
  • a1eb5f3be6 Fixes ACCOUNTS-6A. Force value to string for client token validation ErickSkrauch 2023-05-26 18:48:15 +02:00
  • 99c983c3ea Fixes #16. Correctly wrap Yii2's request into the PSR's ServerRequest object ErickSkrauch 2022-12-10 03:56:19 +01:00
  • 262bdbc08e Fixes #17. Simplify redirect_uri validation rules to allow localhost ErickSkrauch 2022-12-10 02:51:47 +01:00
  • 9c39e97640 Merge pull request #21 from elyby/iss_20_minecraftservices_profile ErickSkrauch 2022-12-10 00:16:40 +01:00
  • 97fe22d598 Upgrade docker version for build ErickSkrauch 2022-12-05 23:12:09 +01:00
  • b113beb78e Fixes #27. Serialize empty textures as an object ErickSkrauch 2022-12-05 22:50:22 +01:00
  • 26b2168ae3 Upgrade PHP to the latest version ErickSkrauch 2022-12-05 22:44:00 +01:00
  • f4fa5ad2df Add additional tests cases, implemented custom error formatter ErickSkrauch 2022-01-28 12:38:00 +01:00
  • 9593d1e809 Fix tests according to the latest permissions change [deploy dev] ErickSkrauch 2022-01-24 12:07:12 +01:00
  • c34a2db063 Add account_info permission to tokens obtained via legacy authserver API [deploy dev] ErickSkrauch 2022-01-24 12:01:11 +01:00
  • 2bb465d867 Fix build pipeline [deploy dev] ErickSkrauch 2022-01-21 21:11:45 +01:00
  • 31febd5606 #20 Quick implementation of the https://api.minecraftservices.com/minecraft/profile endpoint [deploy dev] ErickSkrauch 2022-01-21 21:09:46 +01:00
  • 5b8be60867 Start looking for the ghost case of the empty signature ErickSkrauch 2021-08-16 15:16:46 +02:00
  • f69ebf8221 Add types to the ApiController ErickSkrauch 2021-06-13 21:28:13 +02:00
  • 202099bf84 Implemented missing endpoint for the authlib injector ErickSkrauch 2021-06-13 21:21:25 +02:00
  • e6b6f3f169 Allow users to manually decline auth request even when an application was authenticated before ErickSkrauch 2021-03-29 04:47:27 +02:00
  • 65284727ba Update dist docker-compose configuration [skip ci] ErickSkrauch 2021-03-28 03:00:26 +02:00
  • 7a80c44cab Alternative implementation of passing totp to the legacy Minecraft authorization protocol to not break the yggdrasil's protocol [deploy] ErickSkrauch 2021-03-08 22:21:10 +01:00
  • 9a3534ea2b Add totp field for Minecraft auth protocol to login into accounts, protected with 2FA [deploy] ErickSkrauch 2021-03-08 11:26:47 +01:00
  • 125caa7e4e Remove user from crontab [deploy] ErickSkrauch 2021-03-08 09:53:21 +01:00
  • 1aed8f59cb Return user field when requestUser param received on authentication/refresh endpoint [deploy] ErickSkrauch 2021-03-06 10:37:58 +01:00
  • 077db4f328 Remove authserver module restriction [deploy] ErickSkrauch 2021-03-05 16:07:55 +01:00
  • 5dc140da15 Fixes ACCOUNTS-13, ACCOUNTS-3F. Remove warnings for the cases which are actually happens ErickSkrauch 2021-03-04 11:18:04 +01:00
  • daebb66266 Fix di service configuration ErickSkrauch 2021-03-04 07:58:44 +01:00
  • 6469f6bd68 Merge branch 'authlib_injector' ErickSkrauch 2021-03-04 07:13:47 +01:00
  • bd168808b2 Make Chrly's domain configurable ErickSkrauch 2021-03-04 05:58:07 +01:00
  • 163bbe68a2 Add a special header for authlib-injector for / path ErickSkrauch 2021-03-03 16:22:35 +01:00
  • 4856695940 Resolves #2. Implemented authlib-injector support ErickSkrauch 2021-03-03 15:04:42 +01:00
  • 10ab237d1d Fix dependencies for goaop framework ErickSkrauch 2021-02-20 04:01:05 +01:00
  • ab7ae95e60 Update dependencies ErickSkrauch 2021-02-20 02:32:00 +01:00
  • 9c6d9409ea Fixes #11. Strip slashes from profile UUID in the authserver's response ErickSkrauch 2021-02-18 00:41:38 +01:00
  • 1fee15f74a Try to fix missing yii executable ErickSkrauch 2021-02-14 19:32:40 +01:00
  • cc519edf5a Remove unused yii2 composer plugin which was causing an error ErickSkrauch 2021-02-14 19:18:43 +01:00
  • 6ca64ce6d8 Fix missing CI dependencies ErickSkrauch 2021-02-14 19:07:04 +01:00
  • 9729fc939d Upgrade backend engine ErickSkrauch 2021-02-14 19:01:49 +01:00
  • 356518c5b5 Merge branch 'authorized_clients_management' ErickSkrauch 2021-02-14 19:01:19 +01:00
  • c64f386365 Fix incorrect response in case when user's profile for provided UUID can't be found ErickSkrauch 2020-12-18 11:12:34 +01:00
  • 0c2832f95f Fix Chrly's API response handling ErickSkrauch 2020-10-12 00:29:54 +03:00
  • 7da6a952ee Fix tests ErickSkrauch 2020-10-02 18:14:43 +03:00
  • 5fc97fdd7a Implemented oauth session revocation notification. Reworked webhooks notifications constructors ErickSkrauch 2020-10-01 01:40:28 +03:00
  • b904d5d314 Implemented features to revoke access for previously authorized OAuth 2.0 clients ErickSkrauch 2020-09-30 20:30:04 +03:00
  • 2a4f29801d Fixes ACCOUNTS-2. Catch decryption exception for OAuth2 flow ErickSkrauch 2020-08-23 00:23:36 +03:00
  • 503880615a Resolves #9. Implemented host-based blacklist for users emails ErickSkrauch 2020-08-23 00:04:26 +03:00
  • 89526c39bb Fixes ACCOUNTS-4 ErickSkrauch 2020-06-25 21:31:32 +03:00