Commit Graph

374 Commits

Author SHA1 Message Date
ErickSkrauch
0183e54442
Implemented account deletion. Not all cases covered with tests [skip ci] 2020-06-12 00:27:02 +03:00
ErickSkrauch
39d7cad8b5
Fix CS 2020-06-10 17:42:02 +03:00
ErickSkrauch
3e1fb19cf3 Update smtp mail transport configuration 2019-12-29 17:59:58 +03:00
ErickSkrauch
7607248c27 Remove usage of codeception/specify and fzaninotto/faker 2019-12-29 17:55:21 +03:00
ErickSkrauch
43a4a58053 Remove usage of codeception/specify and fzaninotto/faker 2019-12-21 02:26:06 +03:00
ErickSkrauch
666213afc7 Rework email_activation model, get rid of behaviors, use json column to store additional data 2019-12-21 01:23:58 +03:00
ErickSkrauch
22e8158581 Upgrade codeception to 4 version 2019-12-20 22:50:47 +03:00
ErickSkrauch
1c76d2386e Fixes ACCOUNTS-5Z9. Add import statement for Permissions class 2019-12-15 18:33:15 +03:00
ErickSkrauch
3d89e5f94d Fixes ACCOUNTS-5Z7. Search for legacy oauth session by correct column 2019-12-15 18:01:36 +03:00
ErickSkrauch
299637cc13 Strip keys from the scopes list 2019-12-15 17:20:29 +03:00
ErickSkrauch
04e399c726 Fix tests 2019-12-15 00:49:54 +03:00
ErickSkrauch
e8b71d33d0 Get rid of mockery library. Still have some troubles with functional tests for api 2019-12-14 00:16:05 +03:00
ErickSkrauch
d9ef27b745 Cleanup code, improve typings 2019-12-13 22:27:13 +03:00
ErickSkrauch
830a17612b Get rid of ThisShouldNotHappenException 2019-12-13 20:48:13 +03:00
ErickSkrauch
26f7d6213f Update dependencies 2019-12-13 20:37:37 +03:00
ErickSkrauch
40eca5b8b6 Remove expires_in field when the access_token isn't expiring 2019-12-13 16:00:51 +03:00
ErickSkrauch
22d8971dc5 Fix redirect_uri validation for the AuthCodeGrant 2019-12-13 15:16:45 +03:00
ErickSkrauch
a8e20a9775 Replace custom aud and ely-scopes JWT claims with its public analogues 2019-12-13 13:56:09 +03:00
ErickSkrauch
274d56aa40 Set expires_in value for issue access token response 2019-12-11 19:44:55 +03:00
ErickSkrauch
f06354638e Disallow to perform oauth2 authentication for applications that have no corresponding type 2019-12-11 14:41:37 +03:00
ErickSkrauch
9da58beccf Add deprecation notices 2019-12-11 14:24:31 +03:00
ErickSkrauch
2caf0558de Use paragonie's Base64UrlSafe encoding library 2019-12-11 14:16:11 +03:00
ErickSkrauch
d27070630c Fix revokation validation. Add additional tests cases 2019-12-10 22:51:11 +03:00
ErickSkrauch
016a193263 Introduce revokation mechanism 2019-12-10 01:38:09 +03:00
ErickSkrauch
ba7fad84a0 Remove refresh_token from OAuth2 result. Return the same access_token as a refresh_token in case when it's requested. Make access_tokens to live forever. 2019-12-09 19:31:54 +03:00
ErickSkrauch
efb97a2006 Set access tokens TTL depending on the requested scopes 2019-12-06 19:07:08 +03:00
ErickSkrauch
f0a73f2b7a Make tokens, created by client credentials grant to live forever 2019-12-06 18:31:04 +03:00
ErickSkrauch
6fb32ec76d Use libsodium to encrypt all data, related to OAuth2 2019-12-06 14:37:51 +03:00
ErickSkrauch
642db2e045 Use libsodium to encrypt data, stored in jwt tokens 2019-12-05 19:37:46 +03:00
ErickSkrauch
c3ffb08c4a Cleanup session server module 2019-12-05 01:15:45 +03:00
ErickSkrauch
25f1ca912c Fix tests 2019-12-05 00:52:36 +03:00
ErickSkrauch
a81ef5cac2 Replace separate minecraft access tokens with JWT 2019-12-04 21:10:15 +03:00
ErickSkrauch
060a4e960a Handle legacy refresh tokens 2019-12-04 13:40:12 +03:00
ErickSkrauch
a9a56c9e1d Extract encryption key into the configuration param 2019-12-04 13:24:30 +03:00
ErickSkrauch
72cbf16c97 Merge branch 'master' into oauth_jwt_tokens
# Conflicts:
#	api/components/OAuth2/Entities/AccessTokenEntity.php
#	api/components/OAuth2/Entities/RefreshTokenEntity.php
#	api/components/OAuth2/Grants/RefreshTokenGrant.php
#	api/components/OAuth2/Storage/SessionStorage.php
#	api/components/User/OAuth2Identity.php
2019-12-04 01:17:12 +03:00
ErickSkrauch
46b771a061 Fixes ACCOUNTS-5VE 2019-12-02 22:28:47 +03:00
ErickSkrauch
9557064a97 Fixes ACCOUNTS-5VF 2019-12-02 22:22:51 +03:00
ErickSkrauch
01028cf378 Fixes ACCOUNTS-5VC. Handle the case when there is missing session for access or refresh token 2019-12-02 22:15:52 +03:00
ErickSkrauch
22ef41ac7c Fixes ACCOUNTS-5V9. Handle case when access token don't have associated account 2019-12-02 21:15:18 +03:00
ErickSkrauch
e52dbdbf19 Do not include offline_access scope into access_token 2019-11-07 01:12:18 +03:00
ErickSkrauch
da318ef2ed Merge branch 'master' into oauth_jwt_tokens 2019-11-07 00:00:26 +03:00
ErickSkrauch
22982b319b Fix all tests 2019-09-24 01:56:32 +03:00
ErickSkrauch
2beacd0827 Add tests for the legacy tokens, fix some tests cases [skip ci] 2019-09-23 01:03:36 +03:00
ErickSkrauch
a148da2ecf Add tests for the legacy tokens 2019-09-23 00:53:13 +03:00
ErickSkrauch
cf62c686b1 Rework identity provider for the legacy OAuth2 tokens [skip ci] 2019-09-22 19:24:22 +03:00
ErickSkrauch
c722c46ad5 Add support for the legacy refresh tokens, make the new refresh tokens non-expire [skip ci] 2019-09-22 02:42:08 +03:00
ErickSkrauch
5536c34b9c Restore full functionality of OAuth2 server [skip ci] 2019-09-22 00:19:11 +03:00
ErickSkrauch
45101d6453 Completely restored authorization_code grant for user side.
Reworked oauth_sessions table.
Added extension to use MariaDB's JSON columns.
Rewritten tests for authorization_code grant for client side.
Deprecate some old shit.
[skip ci]
2019-09-18 02:15:12 +03:00
ErickSkrauch
8a1d7148d0 Implemented public scopes repository. Fix some auth cases [skip ci] 2019-09-13 01:19:03 +03:00
ErickSkrauch
4dc2a3025b Rewrite tests for OAuth2 validate and auth code complete steps [skip ci] 2019-09-06 02:33:16 +03:00
ErickSkrauch
29fc267148 Do not delete minecraft access token after its validation 2019-09-01 23:10:47 +03:00
ErickSkrauch
0b63dc2d84 Upgrade oauth2-server to 8.0.0 version, rewrite repositories and entities, start rewriting tests. Intermediate commit [skip ci] 2019-08-23 11:28:04 +03:00
ErickSkrauch
23a220637c Define default value for AUTHSERVER_HOST 2019-08-08 02:49:04 +03:00
ErickSkrauch
fff358e038 Merge branch 'jwt-encryption-algorithm' into 'master'
Implemented Rs256 jwt encryption algorithm

See merge request elyby/accounts!7
2019-08-02 21:27:07 +00:00
ErickSkrauch
6ad66b28cf Generate keys pair if they aren't exists 2019-08-02 19:16:34 +03:00
ErickSkrauch
967d8b11a0 Improve tests coverage 2019-08-02 18:32:08 +03:00
ErickSkrauch
d9f2b1a8c9 Upgrade PHPUnit to 8. Replace codeception/base with codeception/codeception due to release bug in the base version. 2019-08-02 15:57:17 +03:00
ErickSkrauch
f2ab7346aa Fixed almost everything, but all functional tests are broken at the last minute :( 2019-08-02 03:29:20 +03:00
ErickSkrauch
6bd054e743 Fix some tests 2019-08-01 19:58:18 +03:00
ErickSkrauch
45c2ed601d Replace emarref/jwt with lcobucci/jwt
Refactor all JWT-related components
Replace RS256 with ES256 as a preferred JWT algorithm
2019-08-01 12:17:12 +03:00
valik
b2bd267eda Removed change skin scope from refresh code 2019-07-31 15:23:01 +03:00
ErickSkrauch
4c2a9cc172 Cleanup User Component, update tests 2019-07-26 17:04:57 +03:00
valik
e23c3aeaed Implemented change skin scope 2019-07-26 12:49:48 +03:00
valik
445c234360 Added jwt public and private key path params to user component 2019-07-26 11:11:09 +03:00
valik
3f9ee42539 Implemented Rs256 jwt encryption algorithm 2019-07-25 16:29:08 +03:00
ErickSkrauch
3dbf29d34c Translate all code comments from Russian to English [skip ci] 2019-07-15 01:59:56 +03:00
ErickSkrauch
31069562b3 Update Yii2 framework to the latest version 2019-06-18 02:37:04 +03:00
ErickSkrauch
d5cb0f304c Add tests for emails renderer api client and Yii2 wrapper component 2019-06-18 01:19:07 +03:00
ErickSkrauch
75fdd5d1ba Upgrade Codeception to 3 version. Remove codeception/verify. 2019-05-14 02:12:49 +03:00
ErickSkrauch
194a7acd2a Fixes ACCOUNTS-5FF. Handle 204 response from Chrly. 2019-05-13 19:39:11 +03:00
ErickSkrauch
f33439d829 Completely untie the backend from the frontend.
Build nginx and mariadb together with the app image.
Upgrade docker-compose configuration to 3 version.
Add cleanup step to the gitlab-ci.
2019-04-06 15:52:23 +02:00
ErickSkrauch
e13b6f0d94 Upgrade PHP to 7.3 and fix some related code errors. Disable self_accessor fixer for PHP-CS-Fixer 2019-04-06 04:15:23 +02:00
ErickSkrauch
b20825a051 Update ely/php-code-style and run updated CS fixer 2019-02-26 02:26:02 +03:00
ErickSkrauch
ea4ebd19ef Update dependencies 2019-02-23 17:15:20 +03:00
ErickSkrauch
1cafa36b98 Fix codestyle 2019-02-23 02:27:38 +03:00
ErickSkrauch
b05dc6816e Rework tests structure. Upgrade codeception to 2.5.3. Merge params configuration into app configuration. 2019-02-20 22:58:52 +03:00
ErickSkrauch
918501da81 Implemented the ability to get information about the current account by 0 id 2019-01-24 19:29:46 +03:00
ErickSkrauch
3646bfcb64 Fixes ACCOUNTS-54A. Include deleted applications in the lookup for exists applications. 2018-11-11 13:48:23 +03:00
ErickSkrauch
262142a835 Disable csrf cookies for api 2018-07-11 01:38:48 +03:00
ErickSkrauch
c0aa78d156 Implemented WebHooks delivery queue.
Completely removed usage of the RabbitMQ. Queue now based on Redis channels.
Worker process now extracted as separate docker container.
Base image upgraded to the 1.8.0 version (PHP 7.2.7 and pcntl extension).
2018-07-08 18:20:19 +03:00
ErickSkrauch
02ea7346a8 Implemented PHP-CS-Fixer support 2018-04-17 23:47:25 +03:00
ErickSkrauch
4ee8544355 Fix 403 error on not exists application.
Remove countUsers from minecraft server application type.
2018-03-25 22:21:22 +03:00
ErickSkrauch
5a8c2641c1 Replace google.com/recaptcha to recaptcha.net domain to possibly solve China troubles 2018-03-16 19:05:39 +03:00
ErickSkrauch
673429e577 Implementation of the backend for the OAuth2 clients management 2018-02-28 01:27:35 +03:00
ErickSkrauch
ddec87e3a9 Include composer.lock in the repository. Update dependencies. 2018-02-19 20:06:43 +03:00
ErickSkrauch
013ddd1b1b Добавлено экранирование # символа в QR коде 2018-01-28 13:34:27 +03:00
ErickSkrauch
c6d18f49e7 Улучшено логгирование метрик в statsd 2018-01-02 20:45:04 +03:00
ErickSkrauch
e3a99f04fe Fixes ACCOUNTS-37R 2018-01-02 20:22:56 +03:00
ErickSkrauch
120057b66c Fixes ACCOUNTS-322 2018-01-02 19:29:34 +03:00
ErickSkrauch
5649c49a57 Fixes ACCOUNTS-319 2018-01-01 17:12:15 +03:00
ErickSkrauch
40625dbef9 Упразднено использование aud и iss полей для JWT токенов 2017-12-02 22:09:17 +03:00
ErickSkrauch
9356ad24b3 Больше не игнорируем JWT InvalidSubjectException
UnauthorizedHttpException в User/Component больше не логгируется
2017-12-02 21:04:48 +03:00
ErickSkrauch
b8049e8899 Обновлены тесты для всех форм, что отправляли письма 2017-11-28 14:40:24 +03:00
ErickSkrauch
88175fea48 Отправка всех email вынесена в очередь 2017-11-28 14:33:48 +03:00
ErickSkrauch
6f7fcf9e44 Логгируем информацию о типе используемого токена при авторизации на сервере 2017-11-22 22:47:35 +03:00
ErickSkrauch
a94e7095c8 Интегрирован сбор метрик в действия с аккаунтом 2017-11-22 22:47:35 +03:00
ErickSkrauch
6ee40f3fcc Интегрирован сбор метрик в oauth2 процесс 2017-11-22 22:47:35 +03:00
ErickSkrauch
63db3adca9 Добавлена аннотация для сбора метрик из моделей Yii2 и интегрирована в формы авторизации и регистрации 2017-11-22 22:47:35 +03:00
ErickSkrauch
236f0e7d50 Интегрирован сбор метрик в sessionserver 2017-11-22 22:47:35 +03:00
ErickSkrauch
72f546c827 Добавлена запись метрики времени работы приложения 2017-11-22 22:47:35 +03:00