accounts

mirror of https://github.com/elyby/accounts.git synced 2024-12-23 22:00:06 +05:30

Author	SHA1	Message	Date
ErickSkrauch	119a0f8078	Validate `user_code` expiry during the Device Code grant. Add mock responses related to the Device Code grant.	2024-12-14 18:55:31 +01:00
ErickSkrauch	2cc27d34ad	Implemented device code grant	2024-12-08 16:54:45 +01:00
ErickSkrauch	5ed6f0ce86	Move OAuth module from API to common and solve PHPStan's errors	2024-12-06 01:34:09 +01:00
Octol1ttle	57d492da8a	Upgrade project to PHP 8.3, add PHPStan, upgrade almost every dependency (#36 ) * start updating to PHP 8.3 * taking off! Co-authored-by: ErickSkrauch <erickskrauch@yandex.ru> Signed-off-by: Octol1ttle <l1ttleofficial@outlook.com> * dropped this Signed-off-by: Octol1ttle <l1ttleofficial@outlook.com> * migrate to symfonymailer Signed-off-by: Octol1ttle <l1ttleofficial@outlook.com> * this is so stupid 😭 Signed-off-by: Octol1ttle <l1ttleofficial@outlook.com> * ah, free, at last. Signed-off-by: Octol1ttle <l1ttleofficial@outlook.com> * oh, Gabriel. Signed-off-by: Octol1ttle <l1ttleofficial@outlook.com> * now dawns thy reckoning. Signed-off-by: Octol1ttle <l1ttleofficial@outlook.com> * and thy gore shall GLISTEN before the temples of man. Signed-off-by: Octol1ttle <l1ttleofficial@outlook.com> * creature of steel. Signed-off-by: Octol1ttle <l1ttleofficial@outlook.com> * my gratitude upon thee for my freedom. Signed-off-by: Octol1ttle <l1ttleofficial@outlook.com> * but the crimes thy kind has committed against humanity Signed-off-by: Octol1ttle <l1ttleofficial@outlook.com> * Upgrade PHP-CS-Fixer and do fix the codebase * First review round (maybe I have broken something) * are NOT forgotten. Signed-off-by: Octol1ttle <l1ttleofficial@outlook.com> * Enable parallel PHP-CS-Fixer runner * PHPStan level 1 * PHPStan level 2 * PHPStan level 3 * PHPStan level 4 * PHPStan level 5 * Levels 6 and 7 takes too much effort. Generate a baseline and fix them eventually * Resolve TODO's related to the php-mock * Drastically reduce baseline size with the Rector * More code modernization with help of the Rector * Update GitLab CI --------- Signed-off-by: Octol1ttle <l1ttleofficial@outlook.com> Co-authored-by: ErickSkrauch <erickskrauch@yandex.ru>	2024-12-02 11:10:55 +01:00
ErickSkrauch	625250b367	Fixes #35 . Make `clientToken` optional during legacy Minecraft auth flow	2024-11-24 10:25:22 +01:00
ErickSkrauch	0c110213f4	Remove minecraft_access_keys table and all related code	2024-06-14 05:42:35 +02:00
ErickSkrauch	16877d502d	Drop usage of goaop, replace implementation with events	2023-11-20 04:39:13 +01:00
ErickSkrauch	47463d7435	Fix sessionserver/join endpoint: return empty response with 204 status code on success join	2023-11-16 20:21:26 +01:00
ErickSkrauch	a1eb5f3be6	Fixes ACCOUNTS-6A. Force value to string for client token validation	2023-05-26 18:48:15 +02:00
ErickSkrauch	99c983c3ea	Fixes #16 . Correctly wrap Yii2's request into the PSR's ServerRequest object	2022-12-10 03:57:43 +01:00
ErickSkrauch	262bdbc08e	Fixes #17 . Simplify redirect_uri validation rules to allow localhost	2022-12-10 02:51:47 +01:00
ErickSkrauch	f4fa5ad2df	Add additional tests cases, implemented custom error formatter	2022-01-28 12:38:00 +01:00
ErickSkrauch	31febd5606	#20 Quick implementation of the https://api.minecraftservices.com/minecraft/profile endpoint [deploy dev]	2022-01-21 21:09:46 +01:00
ErickSkrauch	f69ebf8221	Add types to the ApiController	2021-06-13 21:28:13 +02:00
ErickSkrauch	202099bf84	Implemented missing endpoint for the authlib injector	2021-06-13 21:21:25 +02:00
ErickSkrauch	e6b6f3f169	Allow users to manually decline auth request even when an application was authenticated before	2021-03-29 04:51:37 +02:00
ErickSkrauch	7a80c44cab	Alternative implementation of passing totp to the legacy Minecraft authorization protocol to not break the yggdrasil's protocol [deploy]	2021-03-08 22:21:10 +01:00
ErickSkrauch	9a3534ea2b	Add totp field for Minecraft auth protocol to login into accounts, protected with 2FA [deploy]	2021-03-08 11:26:47 +01:00
ErickSkrauch	1aed8f59cb	Return user field when requestUser param received on authentication/refresh endpoint [deploy]	2021-03-06 10:37:58 +01:00
ErickSkrauch	077db4f328	Remove authserver module restriction [deploy]	2021-03-05 16:07:55 +01:00
ErickSkrauch	4856695940	Resolves #2 . Implemented authlib-injector support	2021-03-03 15:04:42 +01:00
ErickSkrauch	9c6d9409ea	Fixes #11 . Strip slashes from profile UUID in the authserver's response	2021-02-18 00:41:38 +01:00
ErickSkrauch	356518c5b5	Merge branch 'authorized_clients_management'	2021-02-14 19:01:19 +01:00
ErickSkrauch	c64f386365	Fix incorrect response in case when user's profile for provided UUID can't be found	2020-12-18 11:12:34 +01:00
ErickSkrauch	5fc97fdd7a	Implemented oauth session revocation notification. Reworked webhooks notifications constructors	2020-10-01 01:40:28 +03:00
ErickSkrauch	b904d5d314	Implemented features to revoke access for previously authorized OAuth 2.0 clients	2020-09-30 20:30:04 +03:00
ErickSkrauch	17f1794a4e	Covered all cases, fixed CS, added a new TODO	2020-06-13 01:55:02 +03:00
ErickSkrauch	0183e54442	Implemented account deletion. Not all cases covered with tests [skip ci]	2020-06-12 00:27:02 +03:00
ErickSkrauch	39d7cad8b5	Fix CS	2020-06-10 17:42:02 +03:00
ErickSkrauch	666213afc7	Rework email_activation model, get rid of behaviors, use json column to store additional data	2019-12-21 01:23:58 +03:00
ErickSkrauch	1c76d2386e	Fixes ACCOUNTS-5Z9. Add import statement for Permissions class	2019-12-15 18:33:15 +03:00
ErickSkrauch	299637cc13	Strip keys from the scopes list	2019-12-15 17:20:29 +03:00
ErickSkrauch	e8b71d33d0	Get rid of mockery library. Still have some troubles with functional tests for api	2019-12-14 00:16:05 +03:00
ErickSkrauch	d9ef27b745	Cleanup code, improve typings	2019-12-13 22:27:13 +03:00
ErickSkrauch	830a17612b	Get rid of ThisShouldNotHappenException	2019-12-13 20:48:13 +03:00
ErickSkrauch	26f7d6213f	Update dependencies	2019-12-13 20:37:37 +03:00
ErickSkrauch	40eca5b8b6	Remove expires_in field when the access_token isn't expiring	2019-12-13 16:00:51 +03:00
ErickSkrauch	274d56aa40	Set expires_in value for issue access token response	2019-12-11 19:44:55 +03:00
ErickSkrauch	d27070630c	Fix revokation validation. Add additional tests cases	2019-12-10 22:51:11 +03:00
ErickSkrauch	016a193263	Introduce revokation mechanism	2019-12-10 01:38:09 +03:00
ErickSkrauch	ba7fad84a0	Remove refresh_token from OAuth2 result. Return the same access_token as a refresh_token in case when it's requested. Make access_tokens to live forever.	2019-12-09 19:31:54 +03:00
ErickSkrauch	c3ffb08c4a	Cleanup session server module	2019-12-05 01:15:45 +03:00
ErickSkrauch	25f1ca912c	Fix tests	2019-12-05 00:52:36 +03:00
ErickSkrauch	a81ef5cac2	Replace separate minecraft access tokens with JWT	2019-12-04 21:10:15 +03:00
ErickSkrauch	72cbf16c97	Merge branch 'master' into oauth_jwt_tokens # Conflicts: # api/components/OAuth2/Entities/AccessTokenEntity.php # api/components/OAuth2/Entities/RefreshTokenEntity.php # api/components/OAuth2/Grants/RefreshTokenGrant.php # api/components/OAuth2/Storage/SessionStorage.php # api/components/User/OAuth2Identity.php	2019-12-04 01:17:12 +03:00
ErickSkrauch	22ef41ac7c	Fixes ACCOUNTS-5V9. Handle case when access token don't have associated account	2019-12-02 21:15:18 +03:00
ErickSkrauch	da318ef2ed	Merge branch 'master' into oauth_jwt_tokens	2019-11-07 00:00:26 +03:00
ErickSkrauch	c722c46ad5	Add support for the legacy refresh tokens, make the new refresh tokens non-expire [skip ci]	2019-09-22 02:42:08 +03:00
ErickSkrauch	5536c34b9c	Restore full functionality of OAuth2 server [skip ci]	2019-09-22 00:19:11 +03:00
ErickSkrauch	45101d6453	Completely restored authorization_code grant for user side. Reworked oauth_sessions table. Added extension to use MariaDB's JSON columns. Rewritten tests for authorization_code grant for client side. Deprecate some old shit. [skip ci]	2019-09-18 02:15:12 +03:00

1 2 3

119 Commits