Commit Graph

64 Commits

Author SHA1 Message Date
Barnaby Walters
7a64366d56 Corrected some more type issues 2021-06-15 01:03:11 +02:00
Barnaby Walters
896f661a7f Installed Psalm, set up static analysis
Fixed a couple of minor issues
2021-06-15 00:51:04 +02:00
Barnaby Walters
f0469a7d54 Added build status badge 2021-06-15 00:20:14 +02:00
Barnaby Walters
353b163471 Set action PHP version to 7.4 2021-06-15 00:04:53 +02:00
Barnaby Walters
390bbacd80 Moved setup-php to correct location 2021-06-15 00:03:45 +02:00
Barnaby Walters
6ee1c0986d Fixed syntax 2021-06-15 00:03:05 +02:00
Barnaby Walters
83900d915d Set GH action to use PHP 7.3 2021-06-15 00:02:34 +02:00
Barnaby Walters
7cc21b39c3 Changed GH action 2021-06-14 23:57:45 +02:00
Barnaby Walters
a98ca9e33d Merge branch 'main' of github.com:Taproot/indieauth 2021-06-14 23:53:23 +02:00
Barnaby Walters
37ae81ed5c Fixed nyholm requirement 2021-06-14 23:53:15 +02:00
Barnaby Walters
23520e79e3
Create php.yml 2021-06-14 23:50:20 +02:00
Barnaby Walters
998c246d2d Regenerated coverage 2021-06-13 15:55:36 +02:00
Barnaby Walters
aba744948e Added quick links to README 2021-06-13 15:49:23 +02:00
Barnaby Walters
5ee97182bc Regenerated coverage to work with GH pages: 2021-06-13 15:47:54 +02:00
Barnaby Walters
31bc355fcf Re-ran coverage 2021-06-13 15:37:41 +02:00
Barnaby Walters
36d56807fe Regenerated docs 2021-06-13 15:35:36 +02:00
Barnaby Walters
2255202803 Added test coverage data to docs folder so it shows up in GH pages 2021-06-13 15:35:07 +02:00
Barnaby Walters
bf16d0eb55 Improved some tests, got to 95% coverage 2021-06-13 15:30:58 +02:00
Barnaby Walters
ca1819776e Tested SingleUserPasswordAuthCallback, improved ServerTest 2021-06-13 15:24:17 +02:00
Barnaby Walters
74a5797c30 Added pseudocode example 2021-06-13 14:40:53 +02:00
Barnaby Walters
61aa7f55f9 Refactored TokenStorageInterface for an improved flow
* Now passing an auth code data validation callback to the exchange method
* Removed Token, it’s no longer necessary
* Simplified interface where possible
* All tests passing
* Updated docblocks
2021-06-13 14:34:37 +02:00
Barnaby Walters
645ab833c5 Fixed reference: 2021-06-13 12:49:23 +02:00
Barnaby Walters
b53d5fc1da Syntax-highlighted doc examples 2021-06-13 00:30:44 +02:00
Barnaby Walters
d0fa39472a ditto in README 2021-06-13 00:19:41 +02:00
Barnaby Walters
7f1cb9e8b2 Improved naming of authentication callback config key 2021-06-13 00:19:16 +02:00
Barnaby Walters
62d02dacc0 Added a bunch of extra documentation 2021-06-13 00:01:32 +02:00
Barnaby Walters
9234ad64bd parens 2021-06-12 23:27:46 +02:00
Barnaby Walters
efaa4b0cdf Added link to handleauthendpointrequest 2021-06-12 23:27:20 +02:00
Barnaby Walters
842d83af8e Made docs link more specific, added helpful links 2021-06-12 23:23:48 +02:00
Barnaby Walters
96e30c8dd1 Linked to GH pages documentation 2021-06-12 23:17:02 +02:00
Barnaby Walters
1a33705de5 Regenerated docs 2021-06-12 23:11:33 +02:00
Barnaby Walters
be44ce6330 Clarified implied provenance of example secret 2021-06-12 23:11:17 +02:00
Barnaby Walters
2f47415332 Clarified implied provenance of example secret 2021-06-12 23:11:05 +02:00
Barnaby Walters
f28471df25 Cleaned up usage examples 2021-06-12 23:10:20 +02:00
Barnaby Walters
128da7f53e Stubbed README with usage example from Server docblock 2021-06-12 23:06:55 +02:00
Barnaby Walters
02a2773c60 Added phpdoc config, generated documentation 2021-06-12 23:04:51 +02:00
Barnaby Walters
3881139b95 Refactored Server to validate params in the correct order
* Authorization requests start by validating the client_id and redirect_id, and
  if valid, any further errors are reported by redirecting to the redirect_uri
* Exchange requests attempt to exchange an auth code immediately, ensuring that
  auth codes are revoked if the exchange request results in an error (not in the
  spec explicitly, but advised by aaronpk)
2021-06-12 22:54:08 +02:00
Barnaby Walters
a0fe1b5f80 Required cache-control headers on more responses 2021-06-12 20:08:16 +02:00
Barnaby Walters
f66473cc53 Started documenting the DSC-CSRF middleware 2021-06-11 01:52:09 +02:00
Barnaby Walters
c0abe846cd Doc clarifications 2021-06-11 01:33:36 +02:00
Barnaby Walters
196d8a887f Documented Server, both important Interfaces 2021-06-11 01:21:39 +02:00
Barnaby Walters
db39fff517 Server at 100% test coverage 2021-06-10 20:46:01 +02:00
Barnaby Walters
4743922954 Implemented and tested both code exchange routes 2021-06-10 20:05:26 +02:00
Barnaby Walters
9c6ef316e1 Started implementing token exchange, tests 2021-06-10 18:25:54 +02:00
Barnaby Walters
c3b4e5ec5b Started implementing token exchange, tests 2021-06-10 18:23:21 +02:00
Barnaby Walters
9fc7299232 Added auth request parameter validation, tests. Started work on exchange methods 2021-06-10 18:18:49 +02:00
Barnaby Walters
e3c3d124bb Added auth request parameter validation, tests. Started work on exchange methods 2021-06-10 17:49:27 +02:00
Barnaby Walters
3ae570809e Added some validation and utility functions, with tests 2021-06-10 15:37:07 +02:00
Barnaby Walters
bfadaf2fb2 Updated Server and tests to work with new TokenStorageInterface 2021-06-10 14:11:58 +02:00
Barnaby Walters
ec27c48946 Reworked TokenStorageInterface, changed JsonStorage
* TokenStorageInterface is now responsible for accessing both auth codes
  and access tokens
* TokenStorageInterface now only defines the methods strictly required
  for IndieAuth to work
* TokenStorageInterface now responsible for generating the auth code,
  making self-encoded codes possible.
* TokenStorageInterface now responsible for token lifetimes, expiry,
  and exchange
* JsonStorage implements new methods, all disk access is wrapped with
  lock acquisition

Tests not yet updated!
2021-06-09 23:46:33 +02:00