authserver.git
2 years agouse correct table name master github/master
Robert Kaiser [Sun, 12 Feb 2017 18:49:13 +0000 (19:49 +0100)]
use correct table name

2 years agoupdate L10n for the skin/branding changes, make default operator name be 'Example...
Robert Kaiser [Fri, 20 Jan 2017 14:56:35 +0000 (15:56 +0100)]
update L10n for the skin/branding changes, make default operator name be 'Example', add a stance of skin documentation to the README

2 years agoKaiRo bug 375 - Make branding a configuration option
Robert Kaiser [Fri, 20 Jan 2017 03:09:09 +0000 (04:09 +0100)]
KaiRo bug 375 - Make branding a configuration option

2 years agoalso document the basic items of what users need to use this authserver as an OAuth2...
Robert Kaiser [Thu, 15 Dec 2016 23:47:16 +0000 (00:47 +0100)]
also document the basic items of what users need to use this authserver as an OAuth2 login provider

2 years agomake the piwik code work with IE at least down to 8
Robert Kaiser [Thu, 15 Dec 2016 23:28:16 +0000 (00:28 +0100)]
make the piwik code work with IE at least down to 8

2 years agomake user_id 255 characters max again, as it is in the oauth2-server-php cookbook
Robert Kaiser [Thu, 15 Dec 2016 22:26:45 +0000 (23:26 +0100)]
make user_id 255 characters max again, as it is in the oauth2-server-php cookbook

2 years agomove settings sanitation to utils, move whitelist for client registration to settings
Robert Kaiser [Thu, 15 Dec 2016 22:06:10 +0000 (23:06 +0100)]
move settings sanitation to utils, move whitelist for client registration to settings

2 years agoKaiRo bug 413 - Set up doctrine DBAL to drive the DB and do schema migration
Robert Kaiser [Thu, 15 Dec 2016 21:28:18 +0000 (22:28 +0100)]
KaiRo bug 413 - Set up doctrine DBAL to drive the DB and do schema migration

2 years agomerge DB config into normal settings - this is another part of bug 415
Robert Kaiser [Thu, 15 Dec 2016 15:50:25 +0000 (16:50 +0100)]
merge DB config into normal settings - this is another part of bug 415

2 years agoKaiRo bug 414 - Document setup and installation
Robert Kaiser [Thu, 15 Dec 2016 15:26:38 +0000 (16:26 +0100)]
KaiRo bug 414 - Document setup and installation

2 years agomake onload fallback actually work, and comment on piwik brokenness with IE10 or...
Robert Kaiser [Thu, 15 Dec 2016 15:26:07 +0000 (16:26 +0100)]
make onload fallback actually work, and comment on piwik brokenness with IE10 or lower due to using dataset

2 years agoKaiRo bug 415 - Consolidate some more setup code into the utilities class
Robert Kaiser [Thu, 15 Dec 2016 14:37:47 +0000 (15:37 +0100)]
KaiRo bug 415 - Consolidate some more setup code into the utilities class

2 years agoKaiRo bug 412 - Use composer to load oauth2-server-php and doctrine DBAL
Robert Kaiser [Thu, 15 Dec 2016 13:57:44 +0000 (14:57 +0100)]
KaiRo bug 412 - Use composer to load oauth2-server-php and doctrine DBAL

2 years agoallow localhost emails (mainly for testing), make sure any query that sets a user...
Robert Kaiser [Fri, 9 Dec 2016 22:53:05 +0000 (23:53 +0100)]
allow localhost emails (mainly for testing), make sure any query that sets a user also fetches the group id

2 years agomessage can contain a link, so use appendHTMLMarkup
Robert Kaiser [Fri, 9 Dec 2016 21:30:30 +0000 (22:30 +0100)]
message can contain a link, so use appendHTMLMarkup

2 years agoalso put piwik tracking into token request
Robert Kaiser [Sat, 3 Dec 2016 16:45:08 +0000 (17:45 +0100)]
also put piwik tracking into token request

2 years agoalso integrate Pwiki for those endpoints that do not actually output HTML but just...
Robert Kaiser [Fri, 2 Dec 2016 17:05:50 +0000 (18:05 +0100)]
also integrate Pwiki for those endpoints that do not actually output HTML but just JSON

2 years agomove building the HTML into a function in utils, KaiRo bug 410 - Add Piwik support...
Robert Kaiser [Thu, 1 Dec 2016 19:17:22 +0000 (20:17 +0100)]
move building the HTML into a function in utils, KaiRo bug 410 - Add Piwik support to the auth system

2 years agoKaiRo bug 399 - Move Auth Service to using php-utility-classes
Robert Kaiser [Tue, 29 Nov 2016 19:05:07 +0000 (20:05 +0100)]
KaiRo bug 399 - Move Auth Service to using php-utility-classes

2 years agoskip interstitial page when we come from login page and redirect to different domain
Robert Kaiser [Sat, 26 Nov 2016 22:07:37 +0000 (23:07 +0100)]
skip interstitial page when we come from login page and redirect to different domain

2 years agoignore teporary file copies
Robert Kaiser [Fri, 18 Nov 2016 17:08:58 +0000 (18:08 +0100)]
ignore teporary file copies

2 years agoBug 396 - Localize the Auth service (in German); including some fixes to make code...
Robert Kaiser [Fri, 18 Nov 2016 17:08:06 +0000 (18:08 +0100)]
Bug 396 - Localize the Auth service (in German); including some fixes to make code code (better) localizable

3 years agoadd some base work for KaiRo bug 396 - adding L10n to the auth system
Robert Kaiser [Fri, 18 Nov 2016 04:57:28 +0000 (05:57 +0100)]
add some base work for KaiRo bug 396 - adding L10n to the auth system

3 years agonew locations for utilities to include, do not track those in this git repo
Robert Kaiser [Fri, 18 Nov 2016 04:07:57 +0000 (05:07 +0100)]
new locations for utilities to include, do not track those in this git repo

3 years agomove actual application into a subdirectory so we can deliver other things in the...
Robert Kaiser [Fri, 18 Nov 2016 04:01:38 +0000 (05:01 +0100)]
move actual application into a subdirectory so we can deliver other things in the same repository

3 years agoextract domains from redirect URIs, fall back to client ID when that is not present
Robert Kaiser [Wed, 16 Nov 2016 20:55:50 +0000 (21:55 +0100)]
extract domains from redirect URIs, fall back to client ID when that is not present

3 years agoremove remember button until bug 394 can be implemented
Robert Kaiser [Wed, 16 Nov 2016 19:34:05 +0000 (20:34 +0100)]
remove remember button until bug 394 can be implemented

3 years agoKaiRo bug 393 - Create a grouping mechanism for user names so people with multiple...
Robert Kaiser [Wed, 16 Nov 2016 19:29:13 +0000 (20:29 +0100)]
KaiRo bug 393 - Create a grouping mechanism for user names so people with multiple logins can chose; also move some session handling functions into the utilities

3 years agoKaiRo bug 392 - Create an interstitial page to confirm the user to log in
Robert Kaiser [Wed, 16 Nov 2016 03:54:45 +0000 (04:54 +0100)]
KaiRo bug 392 - Create an interstitial page to confirm the user to log in

3 years agoSecond part of KaiRo bug 371 - Make design somewhat more appealing, make it work...
Robert Kaiser [Mon, 14 Nov 2016 21:35:10 +0000 (22:35 +0100)]
Second part of KaiRo bug 371 - Make design somewhat more appealing, make it work decently/responsively on mobile

3 years agoKaiRo bug 371 - Make design somewhat more appealing
Robert Kaiser [Mon, 14 Nov 2016 21:02:18 +0000 (22:02 +0100)]
KaiRo bug 371 - Make design somewhat more appealing

3 years agoadd some links back to the top page so we don't get stuck on subpages
Robert Kaiser [Mon, 14 Nov 2016 21:01:44 +0000 (22:01 +0100)]
add some links back to the top page so we don't get stuck on subpages

3 years agoadd a comment for debugging - we may want to add an insecure local domain name for...
Robert Kaiser [Mon, 14 Nov 2016 21:00:57 +0000 (22:00 +0100)]
add a comment for debugging - we may want to add an insecure local domain name for testing temporarily

3 years agomake the JS compatible with older IE versions, though this is a hack that hardcodes...
Robert Kaiser [Mon, 14 Nov 2016 20:59:56 +0000 (21:59 +0100)]
make the JS compatible with older IE versions, though this is a hack that hardcodes unrelated class names

3 years agoset some security flags recommended by the Mozilla Observatory
Robert Kaiser [Wed, 2 Nov 2016 21:15:06 +0000 (22:15 +0100)]
set some security flags recommended by the Mozilla Observatory

3 years agomake rewrites actually work correctly so that even for JSON we do not have to supple...
Robert Kaiser [Sat, 29 Oct 2016 18:04:19 +0000 (20:04 +0200)]
make rewrites actually work correctly so that even for JSON we do not have to supple the .php ending

3 years agosuppress error as result will be fine
Robert Kaiser [Sat, 29 Oct 2016 17:18:31 +0000 (19:18 +0200)]
suppress error as result will be fine

3 years agocreate an API to retrieve emails and set new clients, add very rudimentary client...
Robert Kaiser [Sat, 29 Oct 2016 16:29:39 +0000 (18:29 +0200)]
create an API to retrieve emails and set new clients, add very rudimentary client management so master clients for the systems can be set, auto-authorize email scope, allow refresh tokens, give them 90 days validity

3 years agoremove the saved redirect when it's being used, always accept email scope
Robert Kaiser [Fri, 28 Oct 2016 18:56:13 +0000 (20:56 +0200)]
remove the saved redirect when it's being used, always accept email scope

3 years agosecure token requests
Robert Kaiser [Fri, 28 Oct 2016 17:12:54 +0000 (19:12 +0200)]
secure token requests

3 years agomake login on authorize actually work and redirect back to the authorize form after...
Robert Kaiser [Fri, 28 Oct 2016 17:08:02 +0000 (19:08 +0200)]
make login on authorize actually work and redirect back to the authorize form after login

3 years agocheck session and login in authorize request
Robert Kaiser [Fri, 28 Oct 2016 15:44:49 +0000 (17:44 +0200)]
check session and login in authorize request

3 years agomove session init into utils, re-fetch session after login
Robert Kaiser [Fri, 28 Oct 2016 15:42:57 +0000 (17:42 +0200)]
move session init into utils, re-fetch session after login

3 years agofirst step in making the authorize target work correctly, move check for secure conne...
Robert Kaiser [Fri, 28 Oct 2016 01:18:07 +0000 (03:18 +0200)]
first step in making the authorize target work correctly, move check for secure connection into utils

3 years agolog failures and some other actions
Robert Kaiser [Thu, 27 Oct 2016 00:54:33 +0000 (02:54 +0200)]
log failures and some other actions

3 years agoactually use the on-disk site-specific nonce to 'pepper' passwords before hashing...
Robert Kaiser [Wed, 26 Oct 2016 23:49:06 +0000 (01:49 +0200)]
actually use the on-disk site-specific nonce to 'pepper' passwords before hashing so that stealing the database won't even reveal weak passwords

3 years agoconvert AuthUtils to a non-static class and instantiate it as an object, support...
Robert Kaiser [Wed, 26 Oct 2016 23:18:24 +0000 (01:18 +0200)]
convert AuthUtils to a non-static class and instantiate it as an object, support site-wide nonces in settings

3 years agomove password functions into utils class
Robert Kaiser [Wed, 26 Oct 2016 22:32:28 +0000 (00:32 +0200)]
move password functions into utils class

3 years agomove helper functions to an abstract class
Robert Kaiser [Wed, 26 Oct 2016 21:28:16 +0000 (23:28 +0200)]
move helper functions to an abstract class

3 years agomake password reset work and verify timecodes
Robert Kaiser [Wed, 26 Oct 2016 20:17:37 +0000 (22:17 +0200)]
make password reset work and verify timecodes

3 years agomake password change work and add a time-based code to our forms (still needs to...
Robert Kaiser [Mon, 24 Oct 2016 20:58:24 +0000 (22:58 +0200)]
make password change work and add a time-based code to our forms (still needs to be verified)

3 years agomake creating users and verifying emails actually work
Robert Kaiser [Mon, 24 Oct 2016 16:29:31 +0000 (18:29 +0200)]
make creating users and verifying emails actually work

3 years agorequire JS, set cookies, make parts of login flow work
Robert Kaiser [Mon, 24 Oct 2016 01:58:00 +0000 (03:58 +0200)]
require JS, set cookies, make parts of login flow work

3 years agosome steps to get an actual authentication going, consolidate includes, put DB config...
Robert Kaiser [Sun, 23 Oct 2016 19:04:55 +0000 (21:04 +0200)]
some steps to get an actual authentication going, consolidate includes, put DB configuration into /etc to not expose password

3 years agoadd example files to auth server
Robert Kaiser [Fri, 30 Sep 2016 14:46:09 +0000 (16:46 +0200)]
add example files to auth server