Commit graph

707 commits

Author SHA1 Message Date
Ryan Kelly d7ea1fc239 fix(scopes): Document scope-handling rules, use shared code to enforce them. 2018-08-14 21:45:45 -07:00
John Morrison adfff658c4 fix(purge): add purgeExpiredTokensById to select, then delete by primary key (#580); r=rfk 2018-07-18 18:28:12 -07:00
Alex Davis 8ad17c1d2a fix(doc): Putting a little emphasis on email first (#584) r=@shane-tomlinson
I was going to link to this page and I realized we didn't put any emphasis on email first flow so I thought I would add that. I believe we all want to make it clear that it is the new preferred method for authenticating users.
2018-07-18 11:11:21 +01:00
Vlad Filippov e24a5820ab fix(clients): match the notes client with fxa-dev and other envs (#585); r=rfk 2018-07-17 19:23:30 -07:00
Shane Tomlinson 38e1d73930 fix(config): For dev, the openid issuer is http://127.0.0.1:3030 (#583) r=@vladikoff
This enables the content server functional tests to run locally
when using fxa-local-dev

fixes mozilla/fxa-content-server#6362
2018-07-17 12:08:33 -04:00
John Morrison 49a45d6555 Dockerpush fix docker use base builder run npm ls production (#579) 2018-07-16 11:06:03 -04:00
Shane Tomlinson 7cfc35a591 Release v1.116.0 (#582) 2018-07-11 09:45:29 -04:00
Ryan Kelly b905b7cf63 feat(codes): Delete authorization codes when revoking client access. (#578); r=philbooth 2018-07-09 23:14:15 -07:00
Ryan Kelly 57344df08f Merge pull request #574 from mozilla/train-115
Merge private train-115 point-release to master
2018-07-04 16:01:52 -07:00
Ryan Kelly 86030ea230 Release v1.115.2 2018-07-05 08:47:30 +10:00
Ryan Kelly 2c2cd2262d fix(mysql): Correctly aggregate tokens by clientid. (#576) r=@vladikoff 2018-07-04 18:46:49 -04:00
Ryan Kelly 5d198fc378 Release v1.115.1 2018-06-27 16:00:28 +10:00
Ryan Kelly 15c3065037 fix(tokens): Avoid quadratic behaviour when listing active clients. (#9); r=vladikoff 2018-06-26 22:59:10 -07:00
Vlad Filippov 6a5b7446c9 Release v1.115.0 2018-06-25 14:20:54 -04:00
Shane Tomlinson b716bb0c2d Release v1.114.0 (#568) r=@rfk 2018-06-13 11:38:02 -07:00
John Morrison d4060be69f fix(docker): base image node:8-alpine and upgrade to npm6 (#567) r=@jbuck,@vladikoff 2018-06-12 21:53:36 -07:00
Vlad Filippov 5f7fa7ca65 Release v1.113.1 2018-06-09 08:34:13 -07:00
Ryan Kelly f9ad63ed6f feat(authorization): Require tokenVerified=true for key-bearing scopes. (#561) r=@vladikoff
The sync tokenserver does a special check for "fxa-tokenVerified" in order to enforce the use of session verification when accessing sync:

https://github.com/mozilla-services/tokenserver/blob/master/tokenserver/views.py#L140

Let's apply the same check here before granting any scopes that come with keys. In theory the user should always have a verified assertion when requesting one of these scopes, because they will have just done a keyfetch that would have required it. But there is at least one known series of calls to our backend that can yield keys without doing a verification, so it makes sense to double-check here and avoid any loopholes.
2018-06-09 08:33:41 -07:00
Ryan Kelly d70fe6d887 fix(pkce): Don't require PKCE in the direct grant flow. (#566) r=@vladikoff
Fixes #559.
2018-06-09 08:29:56 -07:00
Shane Tomlinson c87092e507 Release v1.113.0 2018-05-30 20:04:17 +01:00
vladikoff 1e20a50bc5 Release v1.112.1 2018-05-17 10:15:16 -04:00
Vlad Filippov bc9256e88c fix(changelog): update to latest changelog version (#556) 2018-05-17 10:14:51 -04:00
Vlad Filippov 97e4f628a5 feat(ci): move to CircleCI 2 (#554) r=@jbuck 2018-05-17 09:51:32 -04:00
Shane Tomlinson c84a58ccf9 Release v1.112.0 2018-05-16 13:50:16 +01:00
Shane Tomlinson 8cbddfb924 Release v1.111.0 2018-05-02 10:35:56 +01:00
Vlad Filippov f2e7bb47b1 feat(sync): add oldsync scope (#550) r=@rfk 2018-04-30 21:38:56 -04:00
Vlad Filippov 61ed2e7309 feat(sync): add local test client for sync (#549) 2018-04-30 17:23:16 -04:00
Ryan Kelly b93e6a1657 fix(validation): Allow redirect uris with existing query params. (#548); r=philbooth 2018-04-27 14:33:11 +10:00
Deepti d743721113 fix(changelog): Fixes #524 automated changelog is borked (#542) r=@vladikoff
Fixes https://github.com/mozilla/fxa-oauth-server/issues/524
2018-04-23 22:44:57 -04:00
Vlad Filippov e9b08ae026 feat(node): update to node 8 (#544) r=@jrgm 2018-04-23 20:40:35 -04:00
Vlad Filippov 9d5ec8e5ab fix(oauth): another notes dev client (#546) 2018-04-20 10:33:40 -04:00
Deepti 068bd4baea refactor(email): Fixes #352 Remove ability to fetch email address (#543) r=@shane-tomlinson 2018-04-19 14:40:33 +02:00
Shane Tomlinson d3cda9d0de Release v1.110.0 2018-04-18 13:41:18 +01:00
Ryan Kelly 7ad1e56f95 feat(authorization): Directly return `code` in authorization response. (#541); r=philbooth
Everyone who calls the `POST /authorization` API seems to parse the
code out of the query parameters of returned redirect URL, so we might
as well just return it directly.
2018-04-18 17:07:23 +10:00
Deepti 6a5d3ceb3c fix(tests): mock outstanding error logs in test suite r=@vladikoff
Fixes #334 Mock outstanding error logs in test suite.
Also handles mozlog deprecation warning.
2018-04-11 12:12:04 -04:00
Shane Tomlinson cb11145edf feat(email-first): Add support for the email-first flow. (#540); r=philbooth,rfk
Use the `action=email` query parameter to trigger the
email-first flow. Redirects to `/` on the content
server, propagating the `action=email` query parameter.

fixes #539
2018-04-10 17:15:38 +10:00
vladikoff c22f51c286 Release v1.109.0 2018-04-03 21:53:16 -04:00
Vlad Filippov ff9e4228d9 feat(oauth): make server compatible with AppAuth (#534) r=@rfk
Ref: https://appauth.io/
2018-04-03 21:52:59 -04:00
Jon Buckley f32a3d7cf8 fix(node): Use Node.js v6.14.0 (#537) 2018-03-29 15:14:41 +00:00
Vlad Filippov e8bf2e5cdf chore(config): add Notes trailing slash to redirect in dev.json (#536) 2018-03-29 01:31:19 -04:00
Ryan Kelly 02804a8111 fix(scripts): Fix varname typo in test runner script. (#535) 2018-03-26 23:28:55 -04:00
Ryan Kelly d395e66df7 Merge branch 'master' of github.com:mozilla/fxa-oauth-server 2018-03-27 14:25:29 +11:00
Vlad Filippov aa68fb9d77 fix(route): make email false by default (#533) r=@rfk 2018-03-20 22:39:21 -04:00
Ryan Kelly 4f913108d5 Release v1.108.0 2018-03-21 13:37:28 +11:00
Ryan Kelly 8181f7f677 feat(amr): Report `amr` and `acr` claims in the id_token. (#530); r=vbudhram 2018-03-20 12:56:18 +11:00
Deepti fd85207265 fix(buffer): #527 Migrate deprecated buffer calls (#528) r=@vladikoff
Fixes #527
2018-03-14 11:39:36 -04:00
Ryan Kelly c69fee16d1 Release v1.107.0 2018-03-08 10:26:51 +11:00
Ryan Kelly 78c88ad9a6 chore(deps): Update hapi to v16.6.3 (#526) 2018-03-08 10:23:50 +11:00
Vlad Filippov 378360537c chore(npm): update to npm5 (#522) r=@vbudhram 2018-03-01 10:35:30 -05:00
Ryan Kelly d813465aef Release v1.106.0 2018-02-21 12:28:12 +11:00