Octol1ttle
4231f99717
Move new "usernames -> UUIDs" endpoint to the correct location ( #33 )
...
* change: test non-injector endpoints in non-injector tests
* fix: move new "usernames -> UUIDs" endpoint to the correct location
2024-06-17 14:02:01 +02:00
ErickSkrauch
0c110213f4
Remove minecraft_access_keys table and all related code
2024-06-14 05:42:35 +02:00
ErickSkrauch
2111e1769f
Introduce an API endpoint to obtain public keys, that can be used to verify access tokens on other services
2024-06-14 04:36:49 +02:00
ErickSkrauch
17109f8eb5
Remove unused HS256 signing algorithm
2024-06-14 03:21:00 +02:00
ErickSkrauch
0a666e1e12
Extract public key from private pem file at runtime
2024-06-14 03:03:10 +02:00
ErickSkrauch
2bc83f39cf
Fix CS
2023-11-20 02:16:44 +01:00
Octol1ttle
574d03d02f
Add a redirect for new Usernames to UUIDs endpoint ( #29 )
...
* fix: add redirect for new "Usernames to UUIDs" endpoint location
"As of 23w42a, the endpoint moved to: 'POST https://sessionserver.mojang.com/session/minecraft/profile/lookup/bulk/byname '
"
https://wiki.vg/Mojang_API#Usernames_to_UUIDs
* add a redirect for authlib-injector too
Signed-off-by: Octol1ttle <l1ttleofficial@outlook.com>
* revert: .gitignore
Signed-off-by: Octol1ttle <l1ttleofficial@outlook.com>
* tests: pass new URL to existing tests
Signed-off-by: Octol1ttle <l1ttleofficial@outlook.com>
* review: address requested changes
Signed-off-by: Octol1ttle <l1ttleofficial@outlook.com>
* style: add type hints to MinecraftProfilesCest functions too
Signed-off-by: Octol1ttle <l1ttleofficial@outlook.com>
---------
Signed-off-by: Octol1ttle <l1ttleofficial@outlook.com>
2023-11-20 01:36:39 +01:00
Octol1ttle
88ff766054
fix: add missing response checks in SessionServerSteps tests
...
Signed-off-by: Octol1ttle <l1ttleofficial@outlook.com>
2023-11-17 14:20:32 +05:00
ErickSkrauch
d2d4045e61
Fix tests for authlib-injector endpoints
2023-11-16 20:25:52 +01:00
ErickSkrauch
47463d7435
Fix sessionserver/join endpoint: return empty response with 204 status code on success join
2023-11-16 20:21:26 +01:00
ErickSkrauch
99c983c3ea
Fixes #16 . Correctly wrap Yii2's request into the PSR's ServerRequest object
2022-12-10 03:57:43 +01:00
ErickSkrauch
262bdbc08e
Fixes #17 . Simplify redirect_uri validation rules to allow localhost
2022-12-10 02:51:47 +01:00
ErickSkrauch
9c39e97640
Merge pull request #21 from elyby/iss_20_minecraftservices_profile
...
MinecraftServices Profile info API endpoint
2022-12-10 00:16:40 +01:00
ErickSkrauch
b113beb78e
Fixes #27 . Serialize empty textures as an object
2022-12-05 22:50:22 +01:00
ErickSkrauch
f4fa5ad2df
Add additional tests cases, implemented custom error formatter
2022-01-28 12:38:00 +01:00
ErickSkrauch
9593d1e809
Fix tests according to the latest permissions change [deploy dev]
2022-01-24 12:07:12 +01:00
ErickSkrauch
31febd5606
#20 Quick implementation of the https://api.minecraftservices.com/minecraft/profile endpoint [deploy dev]
2022-01-21 21:09:46 +01:00
ErickSkrauch
202099bf84
Implemented missing endpoint for the authlib injector
2021-06-13 21:21:25 +02:00
ErickSkrauch
e6b6f3f169
Allow users to manually decline auth request even when an application was authenticated before
2021-03-29 04:51:37 +02:00
ErickSkrauch
7a80c44cab
Alternative implementation of passing totp to the legacy Minecraft authorization protocol to not break the yggdrasil's protocol [deploy]
2021-03-08 22:21:10 +01:00
ErickSkrauch
9a3534ea2b
Add totp field for Minecraft auth protocol to login into accounts, protected with 2FA [deploy]
2021-03-08 11:26:47 +01:00
ErickSkrauch
1aed8f59cb
Return user field when requestUser param received on authentication/refresh endpoint [deploy]
2021-03-06 10:37:58 +01:00
ErickSkrauch
4856695940
Resolves #2 . Implemented authlib-injector support
2021-03-03 15:04:42 +01:00
ErickSkrauch
9c6d9409ea
Fixes #11 . Strip slashes from profile UUID in the authserver's response
2021-02-18 00:41:38 +01:00
ErickSkrauch
356518c5b5
Merge branch 'authorized_clients_management'
2021-02-14 19:01:19 +01:00
ErickSkrauch
c64f386365
Fix incorrect response in case when user's profile for provided UUID can't be found
2020-12-18 11:12:34 +01:00
ErickSkrauch
7da6a952ee
Fix tests
2020-10-02 18:14:43 +03:00
ErickSkrauch
b904d5d314
Implemented features to revoke access for previously authorized OAuth 2.0 clients
2020-09-30 20:30:04 +03:00
ErickSkrauch
17f1794a4e
Covered all cases, fixed CS, added a new TODO
2020-06-13 01:55:02 +03:00
ErickSkrauch
0183e54442
Implemented account deletion. Not all cases covered with tests [skip ci]
2020-06-12 00:27:02 +03:00
ErickSkrauch
43a4a58053
Remove usage of codeception/specify and fzaninotto/faker
2019-12-21 02:26:06 +03:00
ErickSkrauch
666213afc7
Rework email_activation model, get rid of behaviors, use json column to store additional data
2019-12-21 01:23:58 +03:00
ErickSkrauch
22e8158581
Upgrade codeception to 4 version
2019-12-20 22:50:47 +03:00
ErickSkrauch
04e399c726
Fix tests
2019-12-15 00:49:54 +03:00
ErickSkrauch
e8b71d33d0
Get rid of mockery library. Still have some troubles with functional tests for api
2019-12-14 00:16:05 +03:00
ErickSkrauch
d9ef27b745
Cleanup code, improve typings
2019-12-13 22:27:13 +03:00
ErickSkrauch
40eca5b8b6
Remove expires_in field when the access_token isn't expiring
2019-12-13 16:00:51 +03:00
ErickSkrauch
a8e20a9775
Replace custom aud and ely-scopes JWT claims with its public analogues
2019-12-13 13:56:09 +03:00
ErickSkrauch
2caf0558de
Use paragonie's Base64UrlSafe encoding library
2019-12-11 14:16:11 +03:00
ErickSkrauch
d27070630c
Fix revokation validation. Add additional tests cases
2019-12-10 22:51:11 +03:00
ErickSkrauch
016a193263
Introduce revokation mechanism
2019-12-10 01:38:09 +03:00
ErickSkrauch
ba7fad84a0
Remove refresh_token from OAuth2 result. Return the same access_token as a refresh_token in case when it's requested. Make access_tokens to live forever.
2019-12-09 19:31:54 +03:00
ErickSkrauch
efb97a2006
Set access tokens TTL depending on the requested scopes
2019-12-06 19:07:08 +03:00
ErickSkrauch
f0a73f2b7a
Make tokens, created by client credentials grant to live forever
2019-12-06 18:31:04 +03:00
ErickSkrauch
6fb32ec76d
Use libsodium to encrypt all data, related to OAuth2
2019-12-06 14:37:51 +03:00
ErickSkrauch
642db2e045
Use libsodium to encrypt data, stored in jwt tokens
2019-12-05 19:37:46 +03:00
ErickSkrauch
25f1ca912c
Fix tests
2019-12-05 00:52:36 +03:00
ErickSkrauch
a81ef5cac2
Replace separate minecraft access tokens with JWT
2019-12-04 21:10:15 +03:00
ErickSkrauch
e52dbdbf19
Do not include offline_access scope into access_token
2019-11-07 01:12:18 +03:00
ErickSkrauch
22982b319b
Fix all tests
2019-09-24 01:56:32 +03:00