path: root/config/initializers/doorkeeper.rb
Age | Commit message | Author
2018-10-19 | Add unread indicator to conversations (#9009) | Eugen Rochko
2018-07-05 | Add more granular OAuth scopes (#7929) | Eugen Rochko
* Add more granular OAuth scopes
* Add human-readable descriptions of the new scopes
* Ensure new scopes look good on the app UI
* Add tests
* Group scopes in screen and color-code dangerous ones
* Fix wrong extra scope
2018-05-11 | Add REST API for Web Push Notifications subscriptions (#7445) | Eugen Rochko
- POST /api/v1/push/subscription
- PUT /api/v1/push/subscription
- DELETE /api/v1/push/subscription
- New OAuth scope: "push" (required for the above methods)
2017-09-27 | When OAuth password verification fails, return 401 instead of redirect (#5111) | Eugen Rochko
Call to warden.authenticate! in resource_owner_from_credentials would make the request redirect to sign-in path, which is a bad response for apps. Now bad credentials just return nil, which leads to HTTP 401 from Doorkeeper. Also, accounts with enabled 2FA cannot be logged into this way.
2017-08-22 | Application prefs section (#2758) | Colin Mitchell
* Add code for creating/managing apps to settings section
* Add specs for app changes
* Fix controller spec
* Fix view file I pasted over by mistake
* Add locale strings. Add 'my apps' to nav
* Add Client ID/Secret to App page. Add some visual separation
* Fix rubocop warnings
* Fix embarrassing typo
  I lost an `end` statement while fixing a merge conflict.
* Add code for creating/managing apps to settings section
- Add specs for app changes
- Add locale strings. Add 'my apps' to nav
- Add Client ID/Secret to App page. Add some visual separation
- Fix some bugs/warnings
* Update to match code standards
* Trigger notification
* Add warning about not sharing API secrets
* Tweak spec a bit
* Cleanup fixture creation by using let!
* Remove unused key
* Add foreign key for application<->user
2017-08-05 | Add "signed in as" header to some pages (#4523) | Eugen Rochko
2017-04-27 | OEmbed support for PreviewCard (#2337) | Eugen Rochko
* OEmbed support for PreviewCard
* Improve ProviderDiscovery code failure treatment
* Do not crawl links if there is a content warning, since those don't display a link card anyway
* Reset db schema
* Fresh migrate
* Fix rubocop style issues
  Fix #1681 - return existing access token when applicable instead of creating new
* Fix test
* Extract http client to helper
* Improve oembed controller
2016-10-23 | Restrict access to oauth/applications to admins only | Eugen Rochko
2016-10-22 | Adding OAuth access scopes, fixing OAuth authorization UI, adding rate limiting to the API | Eugen Rochko
2016-10-02 | Fix doorkeeper skip_authorization | Eugen Rochko
2016-09-30 | Allow non-https redirect URIs for OAuth apps (AndStatus seems to require this) | Eugen Rochko
2016-09-26 | Replace logo, fix #57 - delete/unreblog/unfavourite API, fix #45 - app registration API | Eugen Rochko
2016-08-26 | The frontend will now be an OAuth app, auto-authorized. The frontend will use an access token for API requests | Eugen Rochko
Adding better errors for the API controllers, posting a simple status works from the frontend now
2016-08-25 | Improving statuses, adding a composer drawer, which doesn't work yet | Eugen Rochko
2016-03-16 | Access tokens no longer expire, case-insensitive local username validation, as well as case-insensitive Webfinger look-up | Eugen Rochko
2016-03-14 | Bind oauth applications to users | Eugen Rochko
2016-03-12 | Customized more doorkeeper views, only logged in users can create oauth apps | Eugen Rochko
2016-03-11 | Improving feed queries, switching API to doorkeeper authentication | Eugen Rochko
2016-03-11 | Customizing doorkeeper views for authorizing app | Eugen Rochko
2016-03-07 | Adding doorkeeper, adding a REST API | Eugen Rochko
POST /api/statuses Params: status (text contents), in_reply_to_id (optional)
GET /api/statuses/:id
POST /api/statuses/:id/reblog
GET /api/accounts/:id
GET /api/accounts/:id/following
GET /api/accounts/:id/followers
POST /api/accounts/:id/follow
POST /api/accounts/:id/unfollow
POST /api/follows Params: uri (e.g. user@domain)
OAuth authentication is currently disabled, but the API can be used with HTTP Auth.