summary |
shortlog | log |
commit |
commitdiff |
tree
first ⋅ prev ⋅ next
Robert Kaiser [Tue, 3 Jan 2023 01:06:27 +0000 (02:06 +0100)]
add a human check to registrations
Robert Kaiser [Fri, 12 Aug 2022 19:57:42 +0000 (21:57 +0200)]
use better variant to deal with missing entries instead of error suppression to fix PHP8 notices
Robert Kaiser [Fri, 15 Jul 2022 19:20:17 +0000 (21:20 +0200)]
replace deprecated mhash() with hash_mac()
Robert Kaiser [Sun, 6 Mar 2022 18:46:19 +0000 (19:46 +0100)]
fix PHP 8.1 warnings, make sure we can update the dependencies correctly
Robert Kaiser [Fri, 19 Feb 2021 21:11:03 +0000 (22:11 +0100)]
update package dependency versions
Robert Kaiser [Wed, 7 Oct 2020 22:07:54 +0000 (00:07 +0200)]
switch vhost template to matomo as well
Robert Kaiser [Wed, 7 Oct 2020 21:57:03 +0000 (23:57 +0200)]
more switching of paths to matomo
Robert Kaiser [Wed, 7 Oct 2020 21:17:31 +0000 (23:17 +0200)]
switch path to matomo
Robert Kaiser [Wed, 7 Oct 2020 21:10:12 +0000 (23:10 +0200)]
switch path to matomo
Robert Kaiser [Thu, 16 Jul 2020 22:40:41 +0000 (00:40 +0200)]
better handle missing auth header, set explicit response types to not get warnings about an empty resonse type array, match other redirect field lengths with the saved redirect field
Robert Kaiser [Sun, 12 Feb 2017 18:49:13 +0000 (19:49 +0100)]
use correct table name
Robert Kaiser [Fri, 20 Jan 2017 14:56:35 +0000 (15:56 +0100)]
update L10n for the skin/branding changes, make default operator name be 'Example', add a stance of skin documentation to the README
Robert Kaiser [Fri, 20 Jan 2017 03:09:09 +0000 (04:09 +0100)]
KaiRo bug 375 - Make branding a configuration option
Robert Kaiser [Thu, 15 Dec 2016 23:47:16 +0000 (00:47 +0100)]
also document the basic items of what users need to use this authserver as an OAuth2 login provider
Robert Kaiser [Thu, 15 Dec 2016 23:28:16 +0000 (00:28 +0100)]
make the piwik code work with IE at least down to 8
Robert Kaiser [Thu, 15 Dec 2016 22:26:45 +0000 (23:26 +0100)]
make user_id 255 characters max again, as it is in the oauth2-server-php cookbook
Robert Kaiser [Thu, 15 Dec 2016 22:06:10 +0000 (23:06 +0100)]
move settings sanitation to utils, move whitelist for client registration to settings
Robert Kaiser [Thu, 15 Dec 2016 21:28:18 +0000 (22:28 +0100)]
KaiRo bug 413 - Set up doctrine DBAL to drive the DB and do schema migration
Robert Kaiser [Thu, 15 Dec 2016 15:50:25 +0000 (16:50 +0100)]
merge DB config into normal settings - this is another part of bug 415
Robert Kaiser [Thu, 15 Dec 2016 15:26:38 +0000 (16:26 +0100)]
KaiRo bug 414 - Document setup and installation
Robert Kaiser [Thu, 15 Dec 2016 15:26:07 +0000 (16:26 +0100)]
make onload fallback actually work, and comment on piwik brokenness with IE10 or lower due to using dataset
Robert Kaiser [Thu, 15 Dec 2016 14:37:47 +0000 (15:37 +0100)]
KaiRo bug 415 - Consolidate some more setup code into the utilities class
Robert Kaiser [Thu, 15 Dec 2016 13:57:44 +0000 (14:57 +0100)]
KaiRo bug 412 - Use composer to load oauth2-server-php and doctrine DBAL
Robert Kaiser [Fri, 9 Dec 2016 22:53:05 +0000 (23:53 +0100)]
allow localhost emails (mainly for testing), make sure any query that sets a user also fetches the group id
Robert Kaiser [Fri, 9 Dec 2016 21:30:30 +0000 (22:30 +0100)]
message can contain a link, so use appendHTMLMarkup
Robert Kaiser [Sat, 3 Dec 2016 16:45:08 +0000 (17:45 +0100)]
also put piwik tracking into token request
Robert Kaiser [Fri, 2 Dec 2016 17:05:50 +0000 (18:05 +0100)]
also integrate Pwiki for those endpoints that do not actually output HTML but just JSON
Robert Kaiser [Thu, 1 Dec 2016 19:17:22 +0000 (20:17 +0100)]
move building the HTML into a function in utils, KaiRo bug 410 - Add Piwik support to the auth system
Robert Kaiser [Tue, 29 Nov 2016 19:05:07 +0000 (20:05 +0100)]
KaiRo bug 399 - Move Auth Service to using php-utility-classes
Robert Kaiser [Sat, 26 Nov 2016 22:07:37 +0000 (23:07 +0100)]
skip interstitial page when we come from login page and redirect to different domain
Robert Kaiser [Fri, 18 Nov 2016 17:08:58 +0000 (18:08 +0100)]
ignore teporary file copies
Robert Kaiser [Fri, 18 Nov 2016 17:08:06 +0000 (18:08 +0100)]
Bug 396 - Localize the Auth service (in German); including some fixes to make code code (better) localizable
Robert Kaiser [Fri, 18 Nov 2016 04:57:28 +0000 (05:57 +0100)]
add some base work for KaiRo bug 396 - adding L10n to the auth system
Robert Kaiser [Fri, 18 Nov 2016 04:07:57 +0000 (05:07 +0100)]
new locations for utilities to include, do not track those in this git repo
Robert Kaiser [Fri, 18 Nov 2016 04:01:38 +0000 (05:01 +0100)]
move actual application into a subdirectory so we can deliver other things in the same repository
Robert Kaiser [Wed, 16 Nov 2016 20:55:50 +0000 (21:55 +0100)]
extract domains from redirect URIs, fall back to client ID when that is not present
Robert Kaiser [Wed, 16 Nov 2016 19:34:05 +0000 (20:34 +0100)]
remove remember button until bug 394 can be implemented
Robert Kaiser [Wed, 16 Nov 2016 19:29:13 +0000 (20:29 +0100)]
KaiRo bug 393 - Create a grouping mechanism for user names so people with multiple logins can chose; also move some session handling functions into the utilities
Robert Kaiser [Wed, 16 Nov 2016 03:54:45 +0000 (04:54 +0100)]
KaiRo bug 392 - Create an interstitial page to confirm the user to log in
Robert Kaiser [Mon, 14 Nov 2016 21:35:10 +0000 (22:35 +0100)]
Second part of KaiRo bug 371 - Make design somewhat more appealing, make it work decently/responsively on mobile
Robert Kaiser [Mon, 14 Nov 2016 21:02:18 +0000 (22:02 +0100)]
KaiRo bug 371 - Make design somewhat more appealing
Robert Kaiser [Mon, 14 Nov 2016 21:01:44 +0000 (22:01 +0100)]
add some links back to the top page so we don't get stuck on subpages
Robert Kaiser [Mon, 14 Nov 2016 21:00:57 +0000 (22:00 +0100)]
add a comment for debugging - we may want to add an insecure local domain name for testing temporarily
Robert Kaiser [Mon, 14 Nov 2016 20:59:56 +0000 (21:59 +0100)]
make the JS compatible with older IE versions, though this is a hack that hardcodes unrelated class names
Robert Kaiser [Wed, 2 Nov 2016 21:15:06 +0000 (22:15 +0100)]
set some security flags recommended by the Mozilla Observatory
Robert Kaiser [Sat, 29 Oct 2016 18:04:19 +0000 (20:04 +0200)]
make rewrites actually work correctly so that even for JSON we do not have to supple the .php ending
Robert Kaiser [Sat, 29 Oct 2016 17:18:31 +0000 (19:18 +0200)]
suppress error as result will be fine
Robert Kaiser [Sat, 29 Oct 2016 16:29:39 +0000 (18:29 +0200)]
create an API to retrieve emails and set new clients, add very rudimentary client management so master clients for the systems can be set, auto-authorize email scope, allow refresh tokens, give them 90 days validity
Robert Kaiser [Fri, 28 Oct 2016 18:56:13 +0000 (20:56 +0200)]
remove the saved redirect when it's being used, always accept email scope
Robert Kaiser [Fri, 28 Oct 2016 17:12:54 +0000 (19:12 +0200)]
secure token requests
Robert Kaiser [Fri, 28 Oct 2016 17:08:02 +0000 (19:08 +0200)]
make login on authorize actually work and redirect back to the authorize form after login
Robert Kaiser [Fri, 28 Oct 2016 15:44:49 +0000 (17:44 +0200)]
check session and login in authorize request
Robert Kaiser [Fri, 28 Oct 2016 15:42:57 +0000 (17:42 +0200)]
move session init into utils, re-fetch session after login
Robert Kaiser [Fri, 28 Oct 2016 01:18:07 +0000 (03:18 +0200)]
first step in making the authorize target work correctly, move check for secure connection into utils
Robert Kaiser [Thu, 27 Oct 2016 00:54:33 +0000 (02:54 +0200)]
log failures and some other actions
Robert Kaiser [Wed, 26 Oct 2016 23:49:06 +0000 (01:49 +0200)]
actually use the on-disk site-specific nonce to 'pepper' passwords before hashing so that stealing the database won't even reveal weak passwords
Robert Kaiser [Wed, 26 Oct 2016 23:18:24 +0000 (01:18 +0200)]
convert AuthUtils to a non-static class and instantiate it as an object, support site-wide nonces in settings
Robert Kaiser [Wed, 26 Oct 2016 22:32:28 +0000 (00:32 +0200)]
move password functions into utils class
Robert Kaiser [Wed, 26 Oct 2016 21:28:16 +0000 (23:28 +0200)]
move helper functions to an abstract class
Robert Kaiser [Wed, 26 Oct 2016 20:17:37 +0000 (22:17 +0200)]
make password reset work and verify timecodes
Robert Kaiser [Mon, 24 Oct 2016 20:58:24 +0000 (22:58 +0200)]
make password change work and add a time-based code to our forms (still needs to be verified)
Robert Kaiser [Mon, 24 Oct 2016 16:29:31 +0000 (18:29 +0200)]
make creating users and verifying emails actually work
Robert Kaiser [Mon, 24 Oct 2016 01:58:00 +0000 (03:58 +0200)]
require JS, set cookies, make parts of login flow work
Robert Kaiser [Sun, 23 Oct 2016 19:04:55 +0000 (21:04 +0200)]
some steps to get an actual authentication going, consolidate includes, put DB configuration into /etc to not expose password
Robert Kaiser [Fri, 30 Sep 2016 14:46:09 +0000 (16:46 +0200)]
add example files to auth server