diogo/indieauth
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
83 Commits 1 Branch 1 Tag
Commit Graph

36 Commits

Author SHA1 Message Date
Diogo Peralta Cordeiro
3023179d74
Fix wrong log warning message for request_uri validation 2022-01-20 12:11:40 +00:00
Barnaby Walters
7a62d38333 Minor changes for PHP 7.3 compatibility 2021-06-24 13:29:39 +02:00
Barnaby Walters
87bfe33443 Added additional logging 2021-06-18 16:33:39 +02:00
Barnaby Walters
a2d8223650 Documented config parameter 2021-06-18 00:48:05 +02:00
Barnaby Walters
1af270b42f Implemented, tested non-PKCE flow. Fixes #1 2021-06-18 00:39:21 +02:00
Barnaby Walters
ce541c3607 Added test for missing parameters, now also validating code_challenge_method 2021-06-16 23:41:51 +02:00
Barnaby Walters
bb22f9b0e3 Linked build status badge to builds page 2021-06-16 15:58:28 +02:00
Barnaby Walters
6b3c56fb6e Fixed more static issues 2021-06-15 01:14:27 +02:00
Barnaby Walters
7a64366d56 Corrected some more type issues 2021-06-15 01:03:11 +02:00
Barnaby Walters
896f661a7f Installed Psalm, set up static analysis 
Fixed a couple of minor issues
 2021-06-15 00:51:04 +02:00
Barnaby Walters
ca1819776e Tested SingleUserPasswordAuthCallback, improved ServerTest 2021-06-13 15:24:17 +02:00
Barnaby Walters
61aa7f55f9 Refactored TokenStorageInterface for an improved flow 
* Now passing an auth code data validation callback to the exchange method
* Removed Token, it’s no longer necessary
* Simplified interface where possible
* All tests passing
* Updated docblocks
 2021-06-13 14:34:37 +02:00
Barnaby Walters
645ab833c5 Fixed reference: 2021-06-13 12:49:23 +02:00
Barnaby Walters
7f1cb9e8b2 Improved naming of authentication callback config key 2021-06-13 00:19:16 +02:00
Barnaby Walters
2f47415332 Clarified implied provenance of example secret 2021-06-12 23:11:05 +02:00
Barnaby Walters
f28471df25 Cleaned up usage examples 2021-06-12 23:10:20 +02:00
Barnaby Walters
3881139b95 Refactored Server to validate params in the correct order 
* Authorization requests start by validating the client_id and redirect_id, and
  if valid, any further errors are reported by redirecting to the redirect_uri
* Exchange requests attempt to exchange an auth code immediately, ensuring that
  auth codes are revoked if the exchange request results in an error (not in the
  spec explicitly, but advised by aaronpk)
 2021-06-12 22:54:08 +02:00
Barnaby Walters
a0fe1b5f80 Required cache-control headers on more responses 2021-06-12 20:08:16 +02:00
Barnaby Walters
196d8a887f Documented Server, both important Interfaces 2021-06-11 01:21:39 +02:00
Barnaby Walters
db39fff517 Server at 100% test coverage 2021-06-10 20:46:01 +02:00
Barnaby Walters
4743922954 Implemented and tested both code exchange routes 2021-06-10 20:05:26 +02:00
Barnaby Walters
c3b4e5ec5b Started implementing token exchange, tests 2021-06-10 18:23:21 +02:00
Barnaby Walters
9fc7299232 Added auth request parameter validation, tests. Started work on exchange methods 2021-06-10 18:18:49 +02:00
Barnaby Walters
e3c3d124bb Added auth request parameter validation, tests. Started work on exchange methods 2021-06-10 17:49:27 +02:00
Barnaby Walters
bfadaf2fb2 Updated Server and tests to work with new TokenStorageInterface 2021-06-10 14:11:58 +02:00
Barnaby Walters
ed5f43a5e4 Started reworking TokenStorage 2021-06-09 21:56:16 +02:00
Barnaby Walters
c106e1568c Removed some unused use statements, un-required psr/http-client 2021-06-09 01:14:23 +02:00
Barnaby Walters
c8979a4857 Excluded templates from test coverage, now up to 89% 2021-06-09 00:26:27 +02:00
Barnaby Walters
c4b1409f13 Cleaned up some unused use statements, added code coverage script. 79% covered already 2021-06-09 00:21:33 +02:00
Barnaby Walters
6d5e93b07c Refactored Exception Handling, mostly tested authorization request handler 
* Internal error conditions now raise IndieAuthException
* Bubbled unknown exceptions converted to generic IndieAuthException
* Exceptions passed to overridable handler, turned into response
* Wrote many more tests, fixed a variety of problems
 2021-06-09 00:06:35 +02:00
Barnaby Walters
61bc3d7418 Wrote some more Server tests 2021-06-08 00:58:19 +02:00
Barnaby Walters
b2c4f8eee5 Created default authorization and authentication callbacks 
* Created corresponding templates
* Changed how Server configuration works
* Ensured that rauthorization approval requests verify their indieauth parameters
* Wrote first passing test for Server, fixed a variety of small errors along the way
 2021-06-07 20:32:02 +02:00
Barnaby Walters
4d3a025296 Expanded default authorization view callback, default form template 2021-06-07 01:39:33 +02:00
Barnaby Walters
7442da1ae9 Started putting default templates together 2021-06-06 17:47:06 +02:00
Barnaby Walters
ddcaf4b64d Started writing tests 
* Tested the more important functions
* Tested the Double-Submit CSRF Middleware
 2021-06-06 17:03:13 +02:00
Barnaby Walters
b111c619d4 Restructured src to use PSR-4 autoloading, moved many functions to functions.php 2021-06-06 15:13:13 +02:00