Commit Graph

75 Commits

Author SHA1 Message Date
Alexander Strizhakov 3ce658b930
schedule expired oauth tokens deletion with Oban 2020-09-10 16:01:19 +03:00
Mark Felder 54e2af8293 Merge branch 'develop' into fix/ldap-auth-issues 2020-08-07 14:55:22 -05:00
Mark Felder 0f9aecbca4 Remove fallback to local database when LDAP is unavailable.
In many environments this will not work as the LDAP password and the copy stored in Pleroma will stay synchronized.
2020-08-05 08:18:16 -05:00
Mark Felder f7146583e5 Remove LDAP mail attribute as a requirement for registering an account 2020-08-05 08:15:57 -05:00
Alex Gleason 184742af5e
Unique apps.client_id for new installations, fixes #2022 2020-08-04 13:31:40 -05:00
Alex Gleason 15f8921b11
Test that unapproved users can never log in regardless of admin settings 2020-07-17 12:26:52 -05:00
Alex Gleason e4e5577818
Prevent unapproved users from logging in 2020-07-12 22:55:26 -05:00
Alex Gleason b46811a074
Upgrade Comeonin to v5
https://github.com/riverrun/comeonin/blob/master/UPGRADE_v5.md
2020-05-12 17:14:59 -05:00
Maksim 3d0c567fbc Pleroma.Web.TwitterAPI.TwoFactorAuthenticationController -> Pleroma.Web.PleromaAPI.TwoFactorAuthenticationController 2020-05-07 08:14:54 +00:00
Haelwenn e999c67cee Merge branch 'feature/funkwhale-audio' into 'develop'
Add support for funkwhale Audio activity

Closes #764 and #1624

See merge request pleroma/pleroma!2287
2020-03-29 19:18:22 +00:00
Ivan Tashkinov 1c05f539aa Improved in-test `clear_config/n` applicability (setup / setup_all / in-test usage). 2020-03-20 18:33:00 +03:00
Ivan Tashkinov ec3719f539 Improved in-test config management functions. 2020-03-18 20:30:31 +03:00
Haelwenn (lanodan) Monnier 863ec33ba2
Add support for funkwhale Audio activity
reel2bits fixture not included as it lacks the Actor fixture for it.

Closes: https://git.pleroma.social/pleroma/pleroma/issues/1624
Closes: https://git.pleroma.social/pleroma/pleroma/issues/764
2020-03-11 13:46:42 +01:00
Mark Felder 05da5f5cca Update Copyrights 2020-03-03 16:44:49 -06:00
Haelwenn (lanodan) Monnier 6da6540036
Bump copyright years of files changed after 2020-01-07
Done via the following command:
git diff fcd5dd259a --stat --name-only | xargs sed -i '/Pleroma Authors/c# Copyright © 2017-2020 Pleroma Authors <https:\/\/pleroma.social\/>'
2020-03-02 06:08:45 +01:00
Haelwenn (lanodan) Monnier 6c0d869d9d
Bump copyright years of files changed after 2019-01-01
Done via the following command:
git diff 1e6c102b --stat --name-only | cat - | xargs sed -i 's/2017-2018 Pleroma Authors/2017-2019 Pleroma Authors/'
2020-03-02 05:54:56 +01:00
Ivan Tashkinov 4f8c3462a8 Tweaks to `clear_config` calls in tests in order to prevent side effects on config during test suite execution. 2020-02-13 21:55:47 +03:00
Maksim Pechnikov 108a39c876 updated error messages for authentication process 2020-01-17 15:01:37 +03:00
Ivan Tashkinov 39ce894a07 Merge remote-tracking branch 'remotes/origin/develop' into 1478-oauth-admin-scopes-tweaks
# Conflicts:
#	lib/pleroma/user.ex
2020-01-10 16:18:32 +03:00
Ivan Tashkinov 6c94b7498b [#1478] OAuth admin tweaks: enforced OAuth admin scopes usage by default, migrated existing OAuth records. Adjusted tests. 2020-01-10 10:52:21 +03:00
Ivan Tashkinov 7973cbdb9f OAuthScopesPlug: disallowed nil token (unless with :fallback option). WIP: controller tests modification: OAuth scopes usage. 2019-12-15 22:32:42 +03:00
Ivan Tashkinov 81b05340e9 [#1427] Graceful clearance of OAuth admin scopes for non-admin users (no error raised).
PleromaFE and other clients may safely request admin scope(s): if user isn't an admin, request is successful but only non-admin scopes from request are granted.
2019-12-12 16:00:06 +03:00
AkiraFukushima e1fc6cb78f Check client and token in GET /oauth/authorize 2019-11-05 23:52:47 +09:00
Ivan Tashkinov 10ff01acd9 [#1304] Moved all non-mutes / non-blocks fields from User.Info to User. WIP. 2019-10-16 21:59:21 +03:00
Ivan Tashkinov 06b3bb54c5 Merge remote-tracking branch 'remotes/upstream/develop' into 1234-mastodon-2-4-3-oauth-scopes
# Conflicts:
#	CHANGELOG.md
#	lib/pleroma/web/mastodon_api/controllers/account_controller.ex
#	lib/pleroma/web/mastodon_api/controllers/mastodon_api_controller.ex
#	lib/pleroma/web/router.ex
2019-10-06 11:43:49 +03:00
Ivan Tashkinov 64095961fe [#1234] Merge remote-tracking branch 'remotes/upstream/develop' into 1234-mastodon-2-4-3-oauth-scopes
# Conflicts:
#	CHANGELOG.md
#	lib/pleroma/web/mastodon_api/controllers/mastodon_api_controller.ex
#	lib/pleroma/web/router.ex
2019-10-02 20:42:40 +03:00
Maxim Filippov 0f9c2c8b87 Send an identifier alongside with error message in OAuthController 2019-10-01 18:10:04 +03:00
Maksim Pechnikov 3d722dc200 Merge branch 'develop' into tests/mastodon_api_controller.ex 2019-09-26 16:16:30 +03:00
Egor Kislitsyn 209395c7e6 Add User.change_info/2 and User.update_info/2 2019-09-24 19:50:07 +07:00
Maksim Pechnikov d75d0ae134 Merge branch 'develop' into tests/mastodon_api_controller.ex 2019-09-24 08:06:04 +03:00
Maksim Pechnikov 179fa32dd5 Merge branch 'develop' into tests/mastodon_api_controller.ex 2019-09-23 21:41:57 +03:00
Maxim Filippov 6f25668215 Admin API: Add ability to force user's password reset 2019-09-22 16:08:07 +03:00
Ivan Tashkinov 6f67aed3ac [#1234] Merge remote-tracking branch 'remotes/upstream/develop' into 1234-mastodon-2-4-3-oauth-scopes
# Conflicts:
#	lib/pleroma/web/admin_api/admin_api_controller.ex
2019-09-19 10:59:09 +03:00
Haelwenn (lanodan) Monnier 447514dfa2
Bump copyright years of files changed in 2019
Done via the following command:
git diff 1e6c102bfc --stat --name-only | cat - | xargs sed -i 's/2017-2018 Pleroma Authors/2017-2019 Pleroma Authors/'
2019-09-18 23:21:11 +02:00
Ivan Tashkinov e6f43a831b [#1234] Permissions-related fixes / new functionality (Masto 2.4.3 scopes). 2019-09-15 18:22:08 +03:00
Maksim Pechnikov ab2f21e470 tests for mastodon_api_controller.ex 2019-09-06 21:50:00 +03:00
Maksim a320358703 added test helpers to clear config after tests 2019-08-19 15:34:29 +00:00
Sergey Suprunenko 05b5af8075 Add tests for users tasks and PleromaAuthenticator 2019-07-22 02:43:15 +00:00
Ivan Tashkinov 9f45f93949 Added more `redirect_uri` checks to prevent redirect to not explicitly listed URI. 2019-06-18 17:00:49 +03:00
Ivan Tashkinov 4b2c29016c [#963] No redirect on OOB OAuth authorize request with existing authorization. OAuth-related refactoring. 2019-06-12 21:30:06 +03:00
Maksim 620908a2db [#699] add worker to clean expired oauth tokens 2019-05-22 15:44:50 +00:00
Maksim 52297920e7 Refactoring oauth response. 2019-05-14 14:49:45 +00:00
Alexander Strizhakov a2be420f94 differences_in_mastoapi_responses.md: fullname & bio are optionnal
[ci skip]
2019-05-13 18:35:45 +00:00
Maksim 1040caf096 fix format
Modified-by: Maksim Pechnikov <parallel588@gmail.com>
2019-05-06 17:51:03 +00:00
Ivan Tashkinov 9256d2d4b4 [#923] Refactored OAuthController#authorize definitions, added test. 2019-04-21 10:51:32 +03:00
Ivan Tashkinov c3f12cf3c3 [#923] OAuth consumer params handling refactoring.
Registration and authorization-related params are wrapped in "authorization" in order to reduce edge cases number and simplify handling logic.
2019-04-10 21:40:38 +03:00
Ivan Tashkinov bffddf5e31 [#923] Merge remote-tracking branch 'remotes/upstream/develop' into twitter_oauth
# Conflicts:
#	docs/config.md
#	test/support/factory.ex
2019-04-08 12:20:26 +03:00
eugenijm 7aa53d52bd Return 403 on oauth token exchange for a deactivated user 2019-04-06 23:27:55 +03:00
Ivan Tashkinov 47a236f753 [#923] OAuth consumer mode refactoring, new tests, tests adjustments, readme. 2019-04-05 15:12:02 +03:00
Ivan Tashkinov 3e7f2bfc2f [#923] OAuthController#callback adjustments (with tests). 2019-04-05 09:19:17 +03:00