Commit Graph

137 Commits

Author SHA1 Message Date
tigerbot 197c0fdcb2 changed how the default session/directive storage works 2017-07-31 16:42:22 -06:00
tigerbot 5a5488f504 changed the API for most of the crypto functions
thus far I don't think anyone uses those functions so this should be safe
2017-07-28 13:02:36 -06:00
tigerbot 28dbf9ab23 changed how grants are saved and how tokens are created for other clients 2017-07-26 18:15:09 -06:00
tigerbot 1ca6f0a324 updated how grants are retrieved 2017-07-26 16:27:03 -06:00
tigerbot c38554a9dd added check for non-expired refresh token for session refresh 2017-07-25 17:18:14 -06:00
Drew Warren 9574d9b982 Add subject to clientParams 2017-07-05 16:38:14 -06:00
AJ ONeal 1d639dc080 seth noticed a typo, fixed 2017-06-14 22:56:02 +00:00
AJ ONeal 2bf75a7429 add setIdentityProvider and setResourceProvider 2017-06-14 22:32:21 +00:00
AJ ONeal b9664e4e65 typo fix 2017-06-14 21:43:25 +00:00
AJ ONeal f10dee9167 use api url for refresh tokens 2017-05-30 01:14:09 +00:00
AJ ONeal 32609e20fa merge bugfixes 2017-05-29 17:57:29 -04:00
AJ ONeal 239980e5c2 use API url :) 2017-05-27 00:30:48 +00:00
AJ ONeal 372f633625 allow ppid from accounts token 2017-05-24 08:57:52 +00:00
AJ ONeal 985c65483a Merge branch 'master' into api-hostname 2017-05-24 08:48:31 +00:00
AJ ONeal 5e10e1893d remove moot session var 2017-05-24 08:48:07 +00:00
AJ ONeal 91cd5d87fd back-compat for accountless creds 2017-05-24 07:56:49 +00:00
AJ ONeal 45f8f640c8 normalize api urls 2017-05-24 03:25:09 +00:00
AJ ONeal ac47b7314d allow for api-hostname template 2017-05-24 01:00:07 +00:00
AJ ONeal 90e42e13d4 Merge branch 'master' of git.daplie.com:OAuth3/oauth3.js 2017-05-08 17:42:38 -06:00
AJ ONeal ec33e667b3 don't omit scope, duh 2017-05-08 23:39:56 +00:00
AJ ONeal 87ba1e4298 warn browser users loud and clear that only https is supported 2017-05-08 16:18:49 -06:00
AJ ONeal daa92fa829 add missing semis 2017-04-14 16:52:00 -06:00
AJ ONeal 3a805d071a set provider_uri and client_uri from session when manually setting 2017-04-05 19:02:06 -06:00
AJ ONeal f72c1a333c red herring strikes again - let's log the correct variable, eh? 2017-04-04 16:43:28 -06:00
AJ ONeal e8c631a416 Merge branch 'v1' 2017-03-29 17:23:24 -06:00
AJ ONeal 79ee4ba7da more login logic 2017-03-26 01:43:06 -06:00
AJ ONeal 8f773c9de4 don't set session without providerUri 2017-03-24 10:15:03 -06:00
AJ ONeal 4bdacf9770 accept providerUri and session on create 2017-03-24 10:13:15 -06:00
AJ ONeal f37d47b0d4 accept session as well 2017-03-24 09:59:22 -06:00
AJ ONeal abb788780d bugfix: refresh session and assign sub from sub, acs.id, or axs[0].appScopedId 2017-03-22 20:13:06 -04:00
AJ ONeal c359ed6ea9 bugfix: cache empty session (without session) 2017-03-22 18:00:41 -06:00
AJ ONeal 5ed05f03cf Merge remote-tracking branch 'origin/signing' into v1.0 2017-03-22 10:00:47 -06:00
AJ ONeal 01fbffd6c2 update api for storage and order of operations 2017-03-22 09:48:04 -06:00
AJ ONeal 5047fc1aff update sessions api 2017-03-21 17:33:03 -06:00
tigerbot 9cfd517880 Merge branch 'master' into signing 2017-03-21 14:09:45 -06:00
AJ ONeal cc4af8f95a basic node.js authentication tested 2017-03-21 01:02:41 -06:00
AJ ONeal afb021af9b playing around with node.js 2017-03-20 23:29:03 -06:00
tigerbot 06411918a7 changed jwt.verify to not directly use WebCrypto 2017-03-20 18:18:47 -06:00
AJ ONeal f2e6ea5890 test for window 2017-03-20 17:55:00 -06:00
AJ ONeal bbd75d63eb resolve providerUri on refreshToken 2017-03-16 15:41:33 -06:00
tigerbot 6ec723ec1f implemented verification of JWT signatures 2017-03-13 13:37:06 -06:00
tigerbot db9d8ff313 fixed a couple bugs found in the workflow examples 2017-03-07 14:55:27 -07:00
AJ ONeal 356a2d3131 fix _getCached 2017-03-02 13:08:14 -07:00
AJ ONeal f179cfe3c9 no session should be null, not '{}' 2017-03-02 00:49:22 -07:00
AJ ONeal 96a105c5f2 bugfix base64 replacement, session retrieval 2017-03-02 00:37:45 -07:00
AJ ONeal 1e0d129b8a bugfix api 2017-02-27 18:21:35 -07:00
AJ ONeal d261284acf Merge branch 'master' of git.daplie.com:Daplie/oauth3.js 2017-02-27 18:19:51 -07:00
AJ ONeal f7a7703b49 bugfix opts.staletime, support domains 2017-02-27 18:19:01 -07:00
drewwarren f0219f2a5f bugfix missing providerUri 2017-02-24 15:05:07 -05:00
drewwarren a839a68235 bugfix hooks; chimney 2017-02-24 14:18:45 -05:00
drewwarren c4b44a249a bugfixes for real (not mock) 2017-02-21 20:38:45 -05:00
AJ ONeal ce0bdbd108 bugfix iframe login 2017-02-21 17:37:44 -07:00
AJ ONeal 6092408a3f bugfix 2017-02-21 17:05:23 -07:00
AJ ONeal 6a56024c74 bugfixes from file renames 2017-02-21 16:54:37 -07:00
AJ ONeal 4eb078424a update docs 2017-02-21 15:32:45 -07:00
AJ ONeal 9fd9ac70e7 rename oauth3.implicit.js to oauth3.core.js 2017-02-21 14:23:22 -07:00
AJ ONeal 0f81884a5d move older files to prefactor (for reference) 2017-02-21 14:21:09 -07:00
AJ ONeal 1425d02f65 .meta -> .token 2017-02-13 12:46:20 -05:00
AJ ONeal 7de254d597 don't redirect attack your client, duh! 2017-02-10 23:45:34 -05:00
AJ ONeal 3b655720c5 merge bugfixes 2017-02-10 20:24:50 -07:00
AJ ONeal fbce24e14a bugfixes 2017-02-10 20:23:57 -07:00
AJ ONeal 67f15aebed bugfix 2017-02-10 22:23:21 -05:00
AJ ONeal 203bd24368 Freaking Works! 2017-02-10 21:34:00 -05:00
AJ ONeal 9448ffea6f WIP provider separation, grant flow 2017-02-09 21:51:22 -05:00
AJ ONeal 8a00e9c0cd assign token AFTER refresh :) 2017-02-08 14:28:56 -05:00
AJ ONeal 9af2f574c0 WIP refactor (refreshToken works) 2017-02-08 04:18:15 -05:00
AJ ONeal 7ae4d83cfe refactor browser-only code 2017-02-08 00:48:07 -05:00
AJ ONeal 3dcc52c428 fix client_uri in authorization_dialog 2017-02-07 19:24:44 -07:00
AJ ONeal fb198ab8f0 fix urlsafeBase64 to base64 2017-02-07 18:31:05 -05:00
AJ ONeal 39d3955575 otp as password 2017-02-07 14:04:29 -05:00
AJ ONeal f9dab83c58 update url gens 2017-02-07 12:23:30 -05:00
AJ ONeal 2d10171de7 handle nested search in hash and discover as index.html 2017-02-06 14:41:33 -07:00
AJ ONeal 4e225e95c9 consider rpc implementation 2017-02-06 14:26:59 -07:00
AJ ONeal a43282fab6 secure state, api fix for discover(), url trailing slash fix 2017-02-06 13:26:46 -07:00
AJ ONeal 9962c72e60 merge master to v1 2017-02-06 11:41:01 -07:00
AJ ONeal b6919f0955 move to towards discrete xd callbacks 2017-01-31 19:12:31 -07:00
AJ ONeal 0e7d7ecaea fix url-safe base64 jwt encoding 2017-01-24 13:16:21 -07:00
AJ ONeal 6f86d6ea6c add unsecured jwt 2017-01-24 13:10:16 -07:00
AJ ONeal 35f4708d9a use appId || clientId 2017-01-24 10:43:46 -07:00
AJ ONeal e9ee69a178 add queryparse 2017-01-23 12:51:34 -07:00
AJ ONeal 30d62f94e0 add refreshToken, cleanup scopestringify 2017-01-19 01:08:07 +00:00
AJ ONeal 2199d78451 ignore 'undefined' rather than stringify 2017-01-18 16:24:30 -05:00
AJ ONeal 4b041ca0cf jwk is already the standard for public key ;) 2017-01-18 04:37:54 -05:00
AJ ONeal 9bb628b2a7 use otp as oauth2.password 2017-01-18 04:31:00 -05:00
AJ ONeal 268d12372d adjust loginCode and resourceOwnerPassword 2017-01-18 04:26:49 -05:00
AJ ONeal 3d199e6516 placeholder for device pub key and agent 2017-01-17 22:58:36 -05:00
AJ ONeal ef303aa2bc move core utils and url gens to own file 2017-01-17 22:29:46 -05:00