ErickSkrauch
0c110213f4
Remove minecraft_access_keys table and all related code
2024-06-14 05:42:35 +02:00
ErickSkrauch
2111e1769f
Introduce an API endpoint to obtain public keys, that can be used to verify access tokens on other services
2024-06-14 04:36:49 +02:00
ErickSkrauch
17109f8eb5
Remove unused HS256 signing algorithm
2024-06-14 03:21:00 +02:00
ErickSkrauch
0a666e1e12
Extract public key from private pem file at runtime
2024-06-14 03:03:10 +02:00
ErickSkrauch
c34a2db063
Add account_info permission to tokens obtained via legacy authserver API [deploy dev]
2022-01-24 12:01:11 +01:00
ErickSkrauch
2a4f29801d
Fixes ACCOUNTS-2. Catch decryption exception for OAuth2 flow
2020-08-23 00:23:36 +03:00
ErickSkrauch
5fbc167708
Fix the case when the redirect_uri is null
2020-06-20 19:10:13 +03:00
ErickSkrauch
3d89e5f94d
Fixes ACCOUNTS-5Z7. Search for legacy oauth session by correct column
2019-12-15 18:01:36 +03:00
ErickSkrauch
22d8971dc5
Fix redirect_uri validation for the AuthCodeGrant
2019-12-13 15:16:45 +03:00
ErickSkrauch
a8e20a9775
Replace custom aud and ely-scopes JWT claims with its public analogues
2019-12-13 13:56:09 +03:00
ErickSkrauch
f06354638e
Disallow to perform oauth2 authentication for applications that have no corresponding type
2019-12-11 14:41:37 +03:00
ErickSkrauch
9da58beccf
Add deprecation notices
2019-12-11 14:24:31 +03:00
ErickSkrauch
2caf0558de
Use paragonie's Base64UrlSafe encoding library
2019-12-11 14:16:11 +03:00
ErickSkrauch
d27070630c
Fix revokation validation. Add additional tests cases
2019-12-10 22:51:11 +03:00
ErickSkrauch
016a193263
Introduce revokation mechanism
2019-12-10 01:38:09 +03:00
ErickSkrauch
ba7fad84a0
Remove refresh_token from OAuth2 result. Return the same access_token as a refresh_token in case when it's requested. Make access_tokens to live forever.
2019-12-09 19:31:54 +03:00
ErickSkrauch
efb97a2006
Set access tokens TTL depending on the requested scopes
2019-12-06 19:07:08 +03:00
ErickSkrauch
f0a73f2b7a
Make tokens, created by client credentials grant to live forever
2019-12-06 18:31:04 +03:00
ErickSkrauch
6fb32ec76d
Use libsodium to encrypt all data, related to OAuth2
2019-12-06 14:37:51 +03:00
ErickSkrauch
642db2e045
Use libsodium to encrypt data, stored in jwt tokens
2019-12-05 19:37:46 +03:00
ErickSkrauch
25f1ca912c
Fix tests
2019-12-05 00:52:36 +03:00
ErickSkrauch
a81ef5cac2
Replace separate minecraft access tokens with JWT
2019-12-04 21:10:15 +03:00
ErickSkrauch
060a4e960a
Handle legacy refresh tokens
2019-12-04 13:40:12 +03:00
ErickSkrauch
a9a56c9e1d
Extract encryption key into the configuration param
2019-12-04 13:24:30 +03:00
ErickSkrauch
e52dbdbf19
Do not include offline_access scope into access_token
2019-11-07 01:12:18 +03:00
ErickSkrauch
22982b319b
Fix all tests
2019-09-24 01:56:32 +03:00
ErickSkrauch
2beacd0827
Add tests for the legacy tokens, fix some tests cases [skip ci]
2019-09-23 01:03:36 +03:00
ErickSkrauch
a148da2ecf
Add tests for the legacy tokens
2019-09-23 00:53:13 +03:00
ErickSkrauch
cf62c686b1
Rework identity provider for the legacy OAuth2 tokens [skip ci]
2019-09-22 19:24:22 +03:00
ErickSkrauch
c722c46ad5
Add support for the legacy refresh tokens, make the new refresh tokens non-expire [skip ci]
2019-09-22 02:42:08 +03:00
ErickSkrauch
5536c34b9c
Restore full functionality of OAuth2 server [skip ci]
2019-09-22 00:19:11 +03:00
ErickSkrauch
45101d6453
Completely restored authorization_code grant for user side.
...
Reworked oauth_sessions table.
Added extension to use MariaDB's JSON columns.
Rewritten tests for authorization_code grant for client side.
Deprecate some old shit.
[skip ci]
2019-09-18 02:15:12 +03:00
ErickSkrauch
8a1d7148d0
Implemented public scopes repository. Fix some auth cases [skip ci]
2019-09-13 01:19:03 +03:00
ErickSkrauch
4dc2a3025b
Rewrite tests for OAuth2 validate and auth code complete steps [skip ci]
2019-09-06 02:33:16 +03:00
ErickSkrauch
0b63dc2d84
Upgrade oauth2-server to 8.0.0 version, rewrite repositories and entities, start rewriting tests. Intermediate commit [skip ci]
2019-08-23 11:28:04 +03:00
ErickSkrauch
fff358e038
Merge branch 'jwt-encryption-algorithm' into 'master'
...
Implemented Rs256 jwt encryption algorithm
See merge request elyby/accounts!7
2019-08-02 21:27:07 +00:00
ErickSkrauch
6ad66b28cf
Generate keys pair if they aren't exists
2019-08-02 19:16:34 +03:00
ErickSkrauch
967d8b11a0
Improve tests coverage
2019-08-02 18:32:08 +03:00
ErickSkrauch
f2ab7346aa
Fixed almost everything, but all functional tests are broken at the last minute :(
2019-08-02 03:29:20 +03:00
ErickSkrauch
45c2ed601d
Replace emarref/jwt with lcobucci/jwt
...
Refactor all JWT-related components
Replace RS256 with ES256 as a preferred JWT algorithm
2019-08-01 12:17:12 +03:00
ErickSkrauch
4c2a9cc172
Cleanup User Component, update tests
2019-07-26 17:04:57 +03:00
valik
e23c3aeaed
Implemented change skin scope
2019-07-26 12:49:48 +03:00
valik
445c234360
Added jwt public and private key path params to user component
2019-07-26 11:11:09 +03:00
valik
3f9ee42539
Implemented Rs256 jwt encryption algorithm
2019-07-25 16:29:08 +03:00
ErickSkrauch
3dbf29d34c
Translate all code comments from Russian to English [skip ci]
2019-07-15 01:59:56 +03:00
ErickSkrauch
e13b6f0d94
Upgrade PHP to 7.3 and fix some related code errors. Disable self_accessor fixer for PHP-CS-Fixer
2019-04-06 04:15:23 +02:00
ErickSkrauch
b20825a051
Update ely/php-code-style and run updated CS fixer
2019-02-26 02:26:02 +03:00
ErickSkrauch
02ea7346a8
Implemented PHP-CS-Fixer support
2018-04-17 23:47:25 +03:00
ErickSkrauch
5a8c2641c1
Replace google.com/recaptcha to recaptcha.net domain to possibly solve China troubles
2018-03-16 19:05:39 +03:00
ErickSkrauch
673429e577
Implementation of the backend for the OAuth2 clients management
2018-02-28 01:27:35 +03:00