Commit Graph

2874 Commits

Author SHA1 Message Date
Zach Copley
d70be6d2ad Adjust API authentication to also check for OAuth protocol params in the
HTTP Authorization header, as defined in OAuth HTTP Authorization Scheme.
2010-01-29 01:54:26 +00:00
Zach Copley
8cdb319533 Remove redundant session token field from form (was already being added by base class). 2010-01-28 18:34:25 +00:00
Sarven Capadisli
588f5ec36b Removed unused variable assignment for avatar URL and added missing fn 2010-01-28 15:08:18 +01:00
Zach Copley
dac2231aaa Some adjustments to the way API auth works after merging testing and 0.9.x 2010-01-28 00:41:44 +00:00
Zach Copley
78079f34e2 Merge branch 'testing' into -1.9.x
* testing: (130 commits)
  HTTP auth provided is evaluated even if it's not required
  Rename rc3to09.sql to rc3torc4.sql to avoid confusion if we add a last-minute change after this!
  Add new oauth tables and modifications to 'consumer' table for rc4
  Centred leaderboard ad
  camelcase the uap param names
  move leaderboard to after the header
  Moved rectangle ad into aside and leaderboard to the right in header.
  Aligning wide skyscraper to the right instead of left
  CSS ids and classes fixed in UAPPlugin
  wrong height for rectangle in BlankAd
  Add the moved BlankAdPlugin
  make BlankAd dir and change to use a 1x1 image
  move BlankAdPlugin to its own dir
  Add BlankAdPlugin to test ad layout in different themes
  make uapplugin an abstract class
  move UAP plugin to core
  Lowercased switch cases in UAP Plugin
  Plugin for Universal Ad Package. Outputs four most widely used ad types.
  Add persistent:true property to Stomp messages so ActiveMQ doesn't decide to discard them even though persistence is enabled on the broker. :) (Thanks Aric!)
  quick fix: use common_path() on realtime update JS so it works with the new JS path code (will pull from main server for now)
  ...

Conflicts:
	actions/apioauthaccesstoken.php
	actions/apioauthauthorize.php
	actions/apioauthrequesttoken.php
	actions/editapplication.php
	actions/newapplication.php
	lib/apiauth.php
	lib/queuemanager.php
	lib/router.php
2010-01-27 14:27:22 -08:00
Michele
b0a325f7d0 HTTP auth provided is evaluated even if it's not required 2010-01-27 14:06:27 -08:00
Evan Prodromou
f650b40706 Merge branch 'testing' of git@gitorious.org:statusnet/mainline into testing 2010-01-27 16:37:43 -05:00
Evan Prodromou
760be76fc0 camelcase the uap param names 2010-01-27 16:34:18 -05:00
Evan Prodromou
ea123800e9 move leaderboard to after the header 2010-01-27 16:34:18 -05:00
Sarven Capadisli
1c875a5395 Moved rectangle ad into aside and leaderboard to the right in header.
Intention for this layout was to reduce whitespace in header area
2010-01-27 16:34:18 -05:00
Evan Prodromou
e9feafc3ca CSS ids and classes fixed in UAPPlugin 2010-01-27 16:34:17 -05:00
Evan Prodromou
7c54591472 make uapplugin an abstract class 2010-01-27 16:34:17 -05:00
Evan Prodromou
1758ed453b move UAP plugin to core 2010-01-27 16:34:17 -05:00
Brion Vibber
c51539804a Add persistent:true property to Stomp messages so ActiveMQ doesn't decide to discard them even though persistence is enabled on the broker. :) (Thanks Aric!) 2010-01-27 09:24:59 -08:00
Evan Prodromou
c52951cef5 Optionally set a separate Javascript server and path
We have about 10-12 JavaScript pages per Web page. They usually
are based on the same server as the Web pages, but since they're
static files, it makes sense to offload them to a lite server that
handles static files well.

This commit lets you set a separate Javascript server and path for the
default Javascript code in StatusNet.

Squashed commit of the following:

commit 139d1622fdafe5ad00c820224416d9021efc3234
Author: Evan Prodromou <evan@status.net>
Date:   Wed Jan 27 11:30:24 2010 -0500

    modules that call htmloutputter::script() don't prescribe js/ path

commit c6ca3174af73efed55eaed5ff1e2a3bdc77d2d87
Author: Evan Prodromou <evan@status.net>
Date:   Wed Jan 27 11:28:07 2010 -0500

    configurable server and path for javascript files
2010-01-27 11:37:22 -05:00
Zach Copley
923b7de3c6 - Check for read-only vs. read-write access to protected API resources (OAuth)
- Some cleanup
2010-01-27 08:41:26 +00:00
Siebrand Mazeland
4202ffff91 Make more complete sentence. 2010-01-27 00:57:47 +00:00
Zach Copley
aad42427cc New access admin panel for site registration settings 2010-01-26 15:56:19 -08:00
Brion Vibber
58be61b641 Control channel for queue daemons to request graceful shutdown, restart, or update to listen to a newly added or reconfigured site.
queuectl.php --update -s<site>
  queuectl.php --stop
  queuectl.php --restart

Default control channel is /topic/statusnet-control. For external utilities to send a site update ping direct to the queue server, connect via Stomp and send a message formatted thus:

  update:<nickname>

(Nickname here, *not* server hostname! The rest of the queues will be updated to use nicknames later.)

Note that all currently-connected queue daemons will get these notifications, including both queuedaemon.php and xmppdaemon.php. (XMPP will ignore site update requests for sites that it's not handling.)

Limitations:
* only implemented for stomp queue manager so far
* --update may not yet handle a changed server name properly
* --restart won't reload PHP code files that were already loaded at startup. Still need to stop and restart the daemons from 'outside' when updating code base.
2010-01-26 11:49:49 -08:00
Evan Prodromou
655573c213 Single-user mode
New configuration options to define a single-user mode. This hides
most of the "community" pages, like the public timeline and groups.
The main user's timeline becomes the main page, and most other URLs
are changed.

Switching back and forth between 1-user and multi-user mode is
probably hazardous.

Squashed commit of the following:

commit d814aa5c92d14a27a12baba7893f3f8bf63f1d08
Author: Evan Prodromou <evan@status.net>
Date:   Tue Jan 26 00:17:27 2010 -0500

    don't show inbox and outbox in single-user mode

commit 47f19b9523a7015d4c6e460b73ea32c839e00aa1
Author: Evan Prodromou <evan@status.net>
Date:   Tue Jan 26 00:15:22 2010 -0500

    show correct URL for logo in single-user mode

commit 552010cffc33eadbc512ec5a67619dbc2015239a
Author: Evan Prodromou <evan@status.net>
Date:   Tue Jan 26 00:15:06 2010 -0500

    make singleuser its own config section

commit 786ab260a3ca172e57b555c75ca10946d8f258a1
Author: Evan Prodromou <evan@status.net>
Date:   Tue Jan 26 00:05:19 2010 -0500

    make single-user mode work

commit 5b21d7309b3a8dd5a4e0f29aea76f7897f1818b1
Author: Evan Prodromou <evan@status.net>
Date:   Mon Jan 25 23:45:55 2010 -0500

    add single-user mode
2010-01-26 00:21:05 -05:00
Evan Prodromou
663e4e02a1 Merge branch 'master' into testing
Conflicts:
	lib/queuemanager.php
2010-01-25 18:13:09 -05:00
Evan Prodromou
b6aa1511eb Merge branch 'master' into 0.9.x 2010-01-25 18:10:59 -05:00
Evan Prodromou
e26a843caf Offload inbox updates to a queue handler to speed up posting online
Moved much of the writing that happens when posting a notice to a new
queuehandler, distribqueuehandler. This updates tags, groups, replies
and inboxes at queue time (or at Web time, if queues are disabled).

To make this work well, I had to break up the monolithic
Notice::blowCaches() and make cache blowing happen closer to where
data is updated.

Squashed commit of the following:

commit 5257626c62750ac4ac1db0ce2b71410c5711cfa3
Author: Evan Prodromou <evan@status.net>
Date:   Mon Jan 25 14:56:41 2010 -0500

    slightly better handling of blowing tag memory cache

commit 8a22a3cdf6ec28685da129a0313e7b2a0837c9ef
Author: Evan Prodromou <evan@status.net>
Date:   Mon Jan 25 01:42:56 2010 -0500

    change 'distribute' to 'distrib' so not too long for dbqueue

commit 7a063315b0f7fad27cb6fbd2bdd74e253af83e4f
Author: Evan Prodromou <evan@status.net>
Date:   Mon Jan 25 01:39:15 2010 -0500

    change handle_notice() to handle() in distributqueuehandler

commit 1a39ccd28b9994137d7bfd21bb4f230546938e77
Author: Evan Prodromou <evan@status.net>
Date:   Mon Jan 25 16:05:25 2010 -0500

    error with queuemanager

commit e6b3bb93f305cfd2de71a6340b8aa6fb890049b7
Author: Evan Prodromou <evan@status.net>
Date:   Mon Jan 25 01:11:34 2010 -0500

    Blow memcache at different point rather than one big function for Notice class

commit 94d557cdc016187d1d0647ae1794cd94d6fb8ac8
Author: Evan Prodromou <evan@status.net>
Date:   Mon Jan 25 00:48:44 2010 -0500

    Blow memcache at different point rather than one big function for Notice class

commit 1c781dd08c88a35dafc5c01230b4872fd6b95182
Author: Evan Prodromou <evan@status.net>
Date:   Wed Jan 20 08:54:18 2010 -0500

    move broadcasting and distributing to new queuehandler

commit da3e46d26b84e4f028f34a13fd2ee373e4c1b954
Author: Evan Prodromou <evan@status.net>
Date:   Wed Jan 20 08:53:12 2010 -0500

    Move distribution of notices to new distribute queue handler
2010-01-25 18:08:21 -05:00
Brion Vibber
f3beed6889 Fix presence notification on XMPP thread (now foreground, not background) 2010-01-25 13:49:02 -08:00
Brion Vibber
1ab2483296 Fix presence notification on XMPP thread (now foreground, not background) 2010-01-25 13:48:24 -08:00
Zach Copley
4daf76212a - Had to remove checking read vs. read-write in OAuth authenticated methods
- Will now pick up source attr from OAuth app
2010-01-25 00:51:56 +00:00
Zach Copley
8b24b5ac7b Add Start/EndSetApiUser events when setting API user via OAuth 2010-01-24 16:46:37 -08:00
Zach Copley
1f8ddf716d Check for read vs. read-write access on OAuth authenticated API mehtods. 2010-01-24 16:36:06 -08:00
Zach Copley
9e7f47652d Revoke access token UI 2010-01-24 16:36:05 -08:00
Zach Copley
cff2cfd7a7 Fix approval date and label on apps list 2010-01-24 16:36:05 -08:00
Zach Copley
c0eee277d1 Make sure applications are really looked up by consumer key 2010-01-24 16:36:05 -08:00
Zach Copley
e101a6df6b Rework application registration workflow to be more private 2010-01-24 16:36:04 -08:00
Zach Copley
8da5e98cba OAuth 1.0 working now 2010-01-24 16:36:04 -08:00
Sarven Capadisli
8d02a897dc Updated markup for application edit form; image, radios 2010-01-24 16:36:04 -08:00
Sarven Capadisli
a009052036 A little minimization 2010-01-24 16:36:04 -08:00
Sarven Capadisli
276c4a2a23 Added vcard and photo classes 2010-01-24 16:36:04 -08:00
Sarven Capadisli
34cc03c617 Moved application image inside the anchor 2010-01-24 16:36:03 -08:00
Sarven Capadisli
40c6d09c9f Added missing end tag 2010-01-24 16:36:03 -08:00
Zach Copley
8e91e05392 Make API auth handle OAuth requests w/access tokens 2010-01-24 16:36:03 -08:00
Sarven Capadisli
d998c4b1b8 Fixed tabbing 2010-01-24 16:36:03 -08:00
Sarven Capadisli
0b90f7645e Updated class for application list 2010-01-24 16:36:03 -08:00
Sarven Capadisli
4fb9b43aa2 Updated markup for application edit form submits 2010-01-24 16:36:03 -08:00
Zach Copley
c78937537e Better detial in connected OAuth applications list 2010-01-24 16:36:03 -08:00
Zach Copley
a0b8438773 Exchanging authorized request tokens for access tokens working 2010-01-24 16:36:02 -08:00
Zach Copley
e9e448bcee Workflow for request tokens and authorizing request tokens 2010-01-24 16:36:02 -08:00
Zach Copley
fa81a580bb Action for issuing a request token 2010-01-24 16:36:02 -08:00
Zach Copley
6472331be5 Stubs for API OAuth token exchange stuff 2010-01-24 16:36:02 -08:00
Zach Copley
48e5f2b3c5 Add icons/icon upload to Oauth apps 2010-01-24 16:36:02 -08:00
Zach Copley
3c2b05d222 Workflow for registering new OAuth apps pretty much done. 2010-01-24 16:36:02 -08:00
Zach Copley
9d958fd539 Reorganized the OAuth app URLs and more work on the register app workflow 2010-01-24 16:36:01 -08:00