Barnaby Walters
7a64366d56
Corrected some more type issues
2021-06-15 01:03:11 +02:00
Barnaby Walters
896f661a7f
Installed Psalm, set up static analysis
...
Fixed a couple of minor issues
2021-06-15 00:51:04 +02:00
Barnaby Walters
f0469a7d54
Added build status badge
2021-06-15 00:20:14 +02:00
Barnaby Walters
353b163471
Set action PHP version to 7.4
2021-06-15 00:04:53 +02:00
Barnaby Walters
390bbacd80
Moved setup-php to correct location
2021-06-15 00:03:45 +02:00
Barnaby Walters
6ee1c0986d
Fixed syntax
2021-06-15 00:03:05 +02:00
Barnaby Walters
83900d915d
Set GH action to use PHP 7.3
2021-06-15 00:02:34 +02:00
Barnaby Walters
7cc21b39c3
Changed GH action
2021-06-14 23:57:45 +02:00
Barnaby Walters
a98ca9e33d
Merge branch 'main' of github.com:Taproot/indieauth
2021-06-14 23:53:23 +02:00
Barnaby Walters
37ae81ed5c
Fixed nyholm requirement
2021-06-14 23:53:15 +02:00
Barnaby Walters
23520e79e3
Create php.yml
2021-06-14 23:50:20 +02:00
Barnaby Walters
998c246d2d
Regenerated coverage
2021-06-13 15:55:36 +02:00
Barnaby Walters
aba744948e
Added quick links to README
2021-06-13 15:49:23 +02:00
Barnaby Walters
5ee97182bc
Regenerated coverage to work with GH pages:
2021-06-13 15:47:54 +02:00
Barnaby Walters
31bc355fcf
Re-ran coverage
2021-06-13 15:37:41 +02:00
Barnaby Walters
36d56807fe
Regenerated docs
2021-06-13 15:35:36 +02:00
Barnaby Walters
2255202803
Added test coverage data to docs folder so it shows up in GH pages
2021-06-13 15:35:07 +02:00
Barnaby Walters
bf16d0eb55
Improved some tests, got to 95% coverage
2021-06-13 15:30:58 +02:00
Barnaby Walters
ca1819776e
Tested SingleUserPasswordAuthCallback, improved ServerTest
2021-06-13 15:24:17 +02:00
Barnaby Walters
74a5797c30
Added pseudocode example
2021-06-13 14:40:53 +02:00
Barnaby Walters
61aa7f55f9
Refactored TokenStorageInterface for an improved flow
...
* Now passing an auth code data validation callback to the exchange method
* Removed Token, it’s no longer necessary
* Simplified interface where possible
* All tests passing
* Updated docblocks
2021-06-13 14:34:37 +02:00
Barnaby Walters
645ab833c5
Fixed reference:
2021-06-13 12:49:23 +02:00
Barnaby Walters
b53d5fc1da
Syntax-highlighted doc examples
2021-06-13 00:30:44 +02:00
Barnaby Walters
d0fa39472a
ditto in README
2021-06-13 00:19:41 +02:00
Barnaby Walters
7f1cb9e8b2
Improved naming of authentication callback config key
2021-06-13 00:19:16 +02:00
Barnaby Walters
62d02dacc0
Added a bunch of extra documentation
2021-06-13 00:01:32 +02:00
Barnaby Walters
9234ad64bd
parens
2021-06-12 23:27:46 +02:00
Barnaby Walters
efaa4b0cdf
Added link to handleauthendpointrequest
2021-06-12 23:27:20 +02:00
Barnaby Walters
842d83af8e
Made docs link more specific, added helpful links
2021-06-12 23:23:48 +02:00
Barnaby Walters
96e30c8dd1
Linked to GH pages documentation
2021-06-12 23:17:02 +02:00
Barnaby Walters
1a33705de5
Regenerated docs
2021-06-12 23:11:33 +02:00
Barnaby Walters
be44ce6330
Clarified implied provenance of example secret
2021-06-12 23:11:17 +02:00
Barnaby Walters
2f47415332
Clarified implied provenance of example secret
2021-06-12 23:11:05 +02:00
Barnaby Walters
f28471df25
Cleaned up usage examples
2021-06-12 23:10:20 +02:00
Barnaby Walters
128da7f53e
Stubbed README with usage example from Server docblock
2021-06-12 23:06:55 +02:00
Barnaby Walters
02a2773c60
Added phpdoc config, generated documentation
2021-06-12 23:04:51 +02:00
Barnaby Walters
3881139b95
Refactored Server to validate params in the correct order
...
* Authorization requests start by validating the client_id and redirect_id, and
if valid, any further errors are reported by redirecting to the redirect_uri
* Exchange requests attempt to exchange an auth code immediately, ensuring that
auth codes are revoked if the exchange request results in an error (not in the
spec explicitly, but advised by aaronpk)
2021-06-12 22:54:08 +02:00
Barnaby Walters
a0fe1b5f80
Required cache-control headers on more responses
2021-06-12 20:08:16 +02:00
Barnaby Walters
f66473cc53
Started documenting the DSC-CSRF middleware
2021-06-11 01:52:09 +02:00
Barnaby Walters
c0abe846cd
Doc clarifications
2021-06-11 01:33:36 +02:00
Barnaby Walters
196d8a887f
Documented Server, both important Interfaces
2021-06-11 01:21:39 +02:00
Barnaby Walters
db39fff517
Server at 100% test coverage
2021-06-10 20:46:01 +02:00
Barnaby Walters
4743922954
Implemented and tested both code exchange routes
2021-06-10 20:05:26 +02:00
Barnaby Walters
9c6ef316e1
Started implementing token exchange, tests
2021-06-10 18:25:54 +02:00
Barnaby Walters
c3b4e5ec5b
Started implementing token exchange, tests
2021-06-10 18:23:21 +02:00
Barnaby Walters
9fc7299232
Added auth request parameter validation, tests. Started work on exchange methods
2021-06-10 18:18:49 +02:00
Barnaby Walters
e3c3d124bb
Added auth request parameter validation, tests. Started work on exchange methods
2021-06-10 17:49:27 +02:00
Barnaby Walters
3ae570809e
Added some validation and utility functions, with tests
2021-06-10 15:37:07 +02:00
Barnaby Walters
bfadaf2fb2
Updated Server and tests to work with new TokenStorageInterface
2021-06-10 14:11:58 +02:00
Barnaby Walters
ec27c48946
Reworked TokenStorageInterface, changed JsonStorage
...
* TokenStorageInterface is now responsible for accessing both auth codes
and access tokens
* TokenStorageInterface now only defines the methods strictly required
for IndieAuth to work
* TokenStorageInterface now responsible for generating the auth code,
making self-encoded codes possible.
* TokenStorageInterface now responsible for token lifetimes, expiry,
and exchange
* JsonStorage implements new methods, all disk access is wrapped with
lock acquisition
Tests not yet updated!
2021-06-09 23:46:33 +02:00