Sean McArthur
|
c6c7905e58
|
Merge pull request #460 from mozilla/fix-config-env-OAUTH_CLIENTS
fix(config): expose clients config as OAUTH_CLIENTS
|
2017-04-15 11:49:25 -07:00 |
John Morrison
|
04ebf6fd79
|
fix(config): expose clients config as OAUTH_CLIENTS
|
2017-04-14 20:40:59 -07:00 |
Jon Buckley
|
dcc47b98ec
|
fix(patcher): Fix patcher with no pre-loaded clients
|
2017-04-13 20:26:02 -04:00 |
|
Jon Buckley
|
14a9b4a625
|
fix(config): Add environment config options
|
2017-04-13 16:32:42 -04:00 |
Vijay Budhram
|
c387907c97
|
feat(lb): Add `__lbheartbeat__` endpoint (#458), r=@jbuck
|
2017-04-10 15:49:28 -04:00 |
|
Sean McArthur
|
5b0c274a5c
|
Merge pull request #456 from mozilla/rm-old-docker
chore(docker): remove old docker self-host files
|
2017-04-06 11:04:36 -07:00 |
Ryan Kelly
|
0408487b86
|
Release v1.84.1
|
2017-04-05 14:40:43 -07:00 |
Ryan Kelly
|
24a570fbfa
|
chore(deps): Update hapi dependency. (#457), r=@vbudhram
|
2017-04-05 14:39:00 -07:00 |
vladikoff
|
9f5247f843
|
chore(docker): remove old docker self-host files
|
2017-04-05 11:23:02 -07:00 |
Shane Tomlinson
|
f187b1436e
|
Release v1.84.0
|
2017-04-04 10:45:29 -07:00 |
|
John Morrison
|
c870eba4ef
|
fix(test): fix unhandled rejection error with memory db impl (#454) r=vladikoff
|
2017-04-04 09:53:32 -07:00 |
|
Sean McArthur
|
228274b5f3
|
Merge pull request #455 from mozilla/fix-expose-more-config-in-env
fix(config): expose more environment variables for config
|
2017-04-03 17:36:23 -07:00 |
|
John Morrison
|
7a1dd19e1a
|
fix(config): expose more environment variables for config
|
2017-04-03 15:32:16 -07:00 |
|
Sean McArthur
|
7748dcea15
|
Merge pull request #451 from mozilla/generate-oauth-credentials
feat(scripts): Add script to generate an oauth client
|
2017-03-21 11:31:32 -07:00 |
|
Vlad Filippov
|
acff566494
|
chore(docs): add CircleCI badge to readme
|
2017-03-21 12:33:31 -04:00 |
|
Ryan Kelly
|
f44290c8cf
|
Release v1.83.0
|
2017-03-21 16:54:09 +11:00 |
|
Ryan Kelly
|
511d9a63b0
|
feat(keys): Add created-at timestamp to our public keys. (#453); r=seanmonstar,vladikoff
This will it easier for secops to audit our key rotation schedule.
|
2017-03-21 16:07:38 +11:00 |
|
Jon Buckley
|
f21f657afa
|
feat(scripts): Add script to generate an oauth client
|
2017-03-20 15:24:37 -04:00 |
Greg Guthe
|
a3b1aa2801
|
fix(version): use cwd and env var to get version (#452) r=vladikoff
|
2017-03-10 15:53:09 -05:00 |
|
John Morrison
|
547c3a8d3d
|
Merge pull request #450 from mozilla/test-insert-utf8mb4
fix(tests): check insert of utf8mb4
|
2017-03-01 15:08:46 -08:00 |
|
John Morrison
|
4e6a77a847
|
fix(tests): check insert of utf8mb4
|
2017-03-01 14:50:25 -08:00 |
|
Sean McArthur
|
72768961e0
|
Release v1.81.0
|
2017-02-24 15:10:25 -08:00 |
|
Vlad Filippov
|
9c632731a5
|
fix(api): clean up response of client-tokens delete endpoint (#3) (#449); r=rfk
Fixes https://github.com/mozilla/fxa-bugzilla-mirror/issues/219
|
2017-02-24 08:55:08 +11:00 |
|
Vlad Filippov
|
8d309c5b44
|
fix(db): ensure strict mode (#448) r=rfk,seanmonstar
Fixes #446
|
2017-02-16 10:07:29 -05:00 |
|
Vlad Filippov
|
33eb39ec9a
|
fix(logs): add scope and client_id logs to verify route (#447) r=seanmonstar
Fixes #444
|
2017-02-07 19:33:03 -05:00 |
|
vladikoff
|
f3dbc142d2
|
Release v0.80.0
|
2017-02-07 11:35:04 -05:00 |
|
Vlad Filippov
|
4efc383eff
|
refactor(client): scope added in memory and sql (#445) r=vladikoff
Fixes #431
|
2017-02-03 16:40:54 -08:00 |
Phil Booth
|
5c36e2158f
|
Release v0.79.0
|
2017-01-25 08:17:06 +00:00 |
|
Sean McArthur
|
7f21dedb9e
|
Merge pull request #440 from mozilla/fix-add-more-cache-control-settings-on-api
fix(headers): add cache-control headers to api endpoints; extend tests
|
2017-01-23 21:27:21 -08:00 |
|
Sean McArthur
|
2df6087208
|
Merge pull request #442 from mozilla/unique-key-ids
fix(keys): Generate unique 'kid' field when regenerating JWK keys
|
2017-01-23 12:20:21 -08:00 |
|
Ryan Kelly
|
5b9acae34c
|
fix(keys): Generate unique 'kid' field when regenerating JWK keys
|
2017-01-23 18:03:40 +11:00 |
|
John Morrison
|
5ba82ea696
|
fix(headers): make "cache-control" value configurable
|
2017-01-19 10:00:12 -08:00 |
Jon Buckley
|
13d13b9e7a
|
feat(docker): Shrink Docker image size (#438) r=vladikoff
|
2017-01-16 17:24:45 -05:00 |
|
John Morrison
|
5a81ef9446
|
fix(headers): add cache-control headers to api endpoints; extend tests
|
2017-01-13 22:45:58 -08:00 |
|
Jon Buckley
|
3380e1cc41
|
fix(scripts): Use pure JS module to generate RSA keypairs (#439) r=vladikoff
|
2017-01-13 15:10:22 -05:00 |
|
Sean McArthur
|
ee5f3c2c33
|
Release v0.78.0
|
2017-01-11 10:42:13 -08:00 |
|
Sean McArthur
|
154360c31a
|
Merge pull request #437 from g-k/enable-security-headers
Enable security headers
|
2017-01-09 13:10:21 -08:00 |
Greg Guthe
|
21ea05dd6a
|
fix(security): set x-frame-options deny
To prevent clickjacking and UI redress attacks, don't allow this page to
be iframed.
|
2017-01-09 15:19:19 -05:00 |
|
Greg Guthe
|
52ca1e56a5
|
fix(security): enable X-XSS-Protection 1; mode=block
Enable browser filters for reflected XSS.
|
2017-01-09 15:19:08 -05:00 |
|
Greg Guthe
|
5ea5001c17
|
fix(security): enable x-content-type-options nosniff
Turn off mime type sniffing to avoid XSS from the browser rendering
other resources as a HTML.
|
2017-01-09 15:15:49 -05:00 |
|
Ryan Kelly
|
36bf3fe399
|
Release v0.77.0
|
2017-01-04 16:31:37 +11:00 |
Divya Biyani
|
02dec6643a
|
fix(memorydb): token createdAt used instead of client createdAt (#436) r=vladikoff,seanmonstar
Fixes #421
|
2016-12-21 10:54:42 -05:00 |
|
Sean McArthur
|
286b79dda9
|
Merge pull request #433 from mozilla/access-token-expiry-epoch
Begin expiring access tokens beyond a configurable epoch.
|
2016-12-20 10:48:03 -08:00 |
|
Sean McArthur
|
03122d40c2
|
Merge pull request #434 from mozilla/promise-tests
chore(tests): Uniformly use promises rather than done() callback.
|
2016-12-20 10:28:02 -08:00 |
|
Sean McArthur
|
8b8369a3df
|
Merge pull request #435 from mozilla/remove-codes-after-use
fix(codes): Remove authorization codes after use.
|
2016-12-19 17:17:50 -08:00 |
|
Ryan Kelly
|
e0f8961dcd
|
fix(codes): Remove authorization codes after use.
|
2016-12-19 21:42:13 +11:00 |
|
Ryan Kelly
|
b3463264f9
|
fix(tokens): Begin expiring access tokens beyond a configurable epoch.
|
2016-12-19 15:11:10 +11:00 |
|
Ryan Kelly
|
2a4731f42c
|
chore(tests): Uniformly use promises rather than done() callback.
|
2016-12-19 13:44:08 +11:00 |
Vijay Budhram
|
6956dfad0a
|
Release v0.76.0
|
2016-12-13 15:49:32 -05:00 |
|
Vlad Filippov
|
fcc0b52af7
|
feat(authorization): add uri validation on the authorization endpoint (#428) r=jrgm,seanmonstar
Fixes #387
Fixes #388
|
2016-12-13 12:15:23 -05:00 |