aboutsummaryrefslogtreecommitdiffstats
path: root/mediagoblin/oauth
Commit message (Collapse)AuthorAgeFilesLines
* Merge branch 'stable'Christopher Allan Webber2015-12-202-0/+21
|\
| * Fix security issue in OAuth verifier validationJessica Tallon2015-12-192-0/+21
| |
* | Fix #5353 - Bug in OAuth which referenced "user"Jessica Tallon2015-10-172-7/+7
| | | | | | | | | | | | | | There was a recent change in 0f3bf8d where several names which were used to refer the actor where renamed to the standard "actor" property name. There were some places in the OAuth decorator and the OAuth views where the old names were still referred. This fixes that.
* | Fix #5344 - OAuth NotImplemented exceptionJessica Tallon2015-08-213-8/+43
|/ | | | | | | | | | | | This introduces a migration which adds a dummy Client, RequestToken and AccessToken. These are used when an invalid request comes in, instead of bailing early, it needs dummy data to prevent timing attacks. This then implements the methods which get the IDs of the dummy objects. If these are changed in the future a migration which checks for the previous dummy object should be created and updates them to reflect the new IDs/tokens.
* Fix #1057 - unquote redirection URL on successful OAuth authorizationJessica Tallon2014-12-081-1/+5
|
* Fix OAuth length problems in clients by removing that constraintJessica Tallon2014-12-081-3/+11
|
* Partial fix #1048 - Don't require as long nonceJessica Tallon2014-12-051-0/+4
|
* Fix #1016 - Covert the timestamp from seconds to datetime objectJessica Tallon2014-11-041-0/+9
|
* Fix typo in client registration API for logo_uriJessica Tallon2014-10-021-4/+4
|
* Fix Content-Disposition error for retrieving OAuth request tokensJessica Tallon2014-09-241-4/+0
|
* Merge branch 'master' into merge-python3-portChristopher Allan Webber2014-09-163-21/+20
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Has some issues, will iteratively fix! Conflicts: mediagoblin/gmg_commands/__init__.py mediagoblin/gmg_commands/deletemedia.py mediagoblin/gmg_commands/users.py mediagoblin/oauth/views.py mediagoblin/plugins/api/views.py mediagoblin/tests/test_api.py mediagoblin/tests/test_edit.py mediagoblin/tests/test_oauth1.py mediagoblin/tests/test_util.py mediagoblin/tools/mail.py mediagoblin/webfinger/views.py setup.py
| * Tidy up federation code and add tests to cover more of the APIsJessica Tallon2014-08-181-1/+0
| |
| * Use oauthlib's safe characters when generating client_key and client_secretJessica Tallon2014-08-181-4/+3
| |
| * Fix problem in OAuth viewsJessica Tallon2014-07-221-1/+2
| |
| * Clean up & Add support to update objects in feed APIJessica Tallon2014-07-221-9/+7
| |
| * Add basic upload image capabilitiesxray72242014-07-221-1/+1
| |
| * Support some webfinger API's and real profile and /api/user/<user>/xray72242014-07-221-4/+4
| |
| * Allow crypto.random_string to take optional alphabet paramJessica Tallon2014-07-081-5/+8
| |
* | Use isinstance and six.text_type to check types of an object.Berker Peksag2014-07-281-2/+4
|/
* not all JSONEncoded fields should be mutable dictsRodney Ewing2013-09-191-25/+25
|
* Fix problem causing exception when invalid Authentication header providedxray72242013-07-291-2/+5
|
* Renames OAuth1 code to federationxray72242013-07-229-0/+612
generated by cgit v1.2.3 (git 2.25.1) at 2025-10-06 17:02:21 +0000