ErickSkrauch
aadbb9a0d9
Implemented an endpoint to initialize a device code authentication
2024-12-07 00:29:15 +01:00
ErickSkrauch
5ed6f0ce86
Move OAuth module from API to common and solve PHPStan's errors
2024-12-06 01:34:09 +01:00
Octol1ttle
57d492da8a
Upgrade project to PHP 8.3, add PHPStan, upgrade almost every dependency ( #36 )
...
* start updating to PHP 8.3
* taking off!
Co-authored-by: ErickSkrauch <erickskrauch@yandex.ru>
Signed-off-by: Octol1ttle <l1ttleofficial@outlook.com>
* dropped this
Signed-off-by: Octol1ttle <l1ttleofficial@outlook.com>
* migrate to symfonymailer
Signed-off-by: Octol1ttle <l1ttleofficial@outlook.com>
* this is so stupid 😭
Signed-off-by: Octol1ttle <l1ttleofficial@outlook.com>
* ah, free, at last.
Signed-off-by: Octol1ttle <l1ttleofficial@outlook.com>
* oh, Gabriel.
Signed-off-by: Octol1ttle <l1ttleofficial@outlook.com>
* now dawns thy reckoning.
Signed-off-by: Octol1ttle <l1ttleofficial@outlook.com>
* and thy gore shall GLISTEN before the temples of man.
Signed-off-by: Octol1ttle <l1ttleofficial@outlook.com>
* creature of steel.
Signed-off-by: Octol1ttle <l1ttleofficial@outlook.com>
* my gratitude upon thee for my freedom.
Signed-off-by: Octol1ttle <l1ttleofficial@outlook.com>
* but the crimes thy kind has committed against humanity
Signed-off-by: Octol1ttle <l1ttleofficial@outlook.com>
* Upgrade PHP-CS-Fixer and do fix the codebase
* First review round (maybe I have broken something)
* are NOT forgotten.
Signed-off-by: Octol1ttle <l1ttleofficial@outlook.com>
* Enable parallel PHP-CS-Fixer runner
* PHPStan level 1
* PHPStan level 2
* PHPStan level 3
* PHPStan level 4
* PHPStan level 5
* Levels 6 and 7 takes too much effort. Generate a baseline and fix them eventually
* Resolve TODO's related to the php-mock
* Drastically reduce baseline size with the Rector
* More code modernization with help of the Rector
* Update GitLab CI
---------
Signed-off-by: Octol1ttle <l1ttleofficial@outlook.com>
Co-authored-by: ErickSkrauch <erickskrauch@yandex.ru>
2024-12-02 11:10:55 +01:00
ErickSkrauch
625250b367
Fixes #35 . Make clientToken
optional during legacy Minecraft auth flow
2024-11-24 10:25:22 +01:00
ErickSkrauch
0c110213f4
Remove minecraft_access_keys table and all related code
2024-06-14 05:42:35 +02:00
ErickSkrauch
16877d502d
Drop usage of goaop, replace implementation with events
2023-11-20 04:39:13 +01:00
ErickSkrauch
47463d7435
Fix sessionserver/join endpoint: return empty response with 204 status code on success join
2023-11-16 20:21:26 +01:00
ErickSkrauch
a1eb5f3be6
Fixes ACCOUNTS-6A. Force value to string for client token validation
2023-05-26 18:48:15 +02:00
ErickSkrauch
99c983c3ea
Fixes #16 . Correctly wrap Yii2's request into the PSR's ServerRequest object
2022-12-10 03:57:43 +01:00
ErickSkrauch
262bdbc08e
Fixes #17 . Simplify redirect_uri validation rules to allow localhost
2022-12-10 02:51:47 +01:00
ErickSkrauch
f4fa5ad2df
Add additional tests cases, implemented custom error formatter
2022-01-28 12:38:00 +01:00
ErickSkrauch
31febd5606
#20 Quick implementation of the https://api.minecraftservices.com/minecraft/profile endpoint [deploy dev]
2022-01-21 21:09:46 +01:00
ErickSkrauch
f69ebf8221
Add types to the ApiController
2021-06-13 21:28:13 +02:00
ErickSkrauch
202099bf84
Implemented missing endpoint for the authlib injector
2021-06-13 21:21:25 +02:00
ErickSkrauch
e6b6f3f169
Allow users to manually decline auth request even when an application was authenticated before
2021-03-29 04:51:37 +02:00
ErickSkrauch
7a80c44cab
Alternative implementation of passing totp to the legacy Minecraft authorization protocol to not break the yggdrasil's protocol [deploy]
2021-03-08 22:21:10 +01:00
ErickSkrauch
9a3534ea2b
Add totp field for Minecraft auth protocol to login into accounts, protected with 2FA [deploy]
2021-03-08 11:26:47 +01:00
ErickSkrauch
1aed8f59cb
Return user field when requestUser param received on authentication/refresh endpoint [deploy]
2021-03-06 10:37:58 +01:00
ErickSkrauch
077db4f328
Remove authserver module restriction [deploy]
2021-03-05 16:07:55 +01:00
ErickSkrauch
4856695940
Resolves #2 . Implemented authlib-injector support
2021-03-03 15:04:42 +01:00
ErickSkrauch
9c6d9409ea
Fixes #11 . Strip slashes from profile UUID in the authserver's response
2021-02-18 00:41:38 +01:00
ErickSkrauch
356518c5b5
Merge branch 'authorized_clients_management'
2021-02-14 19:01:19 +01:00
ErickSkrauch
c64f386365
Fix incorrect response in case when user's profile for provided UUID can't be found
2020-12-18 11:12:34 +01:00
ErickSkrauch
5fc97fdd7a
Implemented oauth session revocation notification.
...
Reworked webhooks notifications constructors
2020-10-01 01:40:28 +03:00
ErickSkrauch
b904d5d314
Implemented features to revoke access for previously authorized OAuth 2.0 clients
2020-09-30 20:30:04 +03:00
ErickSkrauch
17f1794a4e
Covered all cases, fixed CS, added a new TODO
2020-06-13 01:55:02 +03:00
ErickSkrauch
0183e54442
Implemented account deletion. Not all cases covered with tests [skip ci]
2020-06-12 00:27:02 +03:00
ErickSkrauch
39d7cad8b5
Fix CS
2020-06-10 17:42:02 +03:00
ErickSkrauch
666213afc7
Rework email_activation model, get rid of behaviors, use json column to store additional data
2019-12-21 01:23:58 +03:00
ErickSkrauch
1c76d2386e
Fixes ACCOUNTS-5Z9. Add import statement for Permissions class
2019-12-15 18:33:15 +03:00
ErickSkrauch
299637cc13
Strip keys from the scopes list
2019-12-15 17:20:29 +03:00
ErickSkrauch
e8b71d33d0
Get rid of mockery library. Still have some troubles with functional tests for api
2019-12-14 00:16:05 +03:00
ErickSkrauch
d9ef27b745
Cleanup code, improve typings
2019-12-13 22:27:13 +03:00
ErickSkrauch
830a17612b
Get rid of ThisShouldNotHappenException
2019-12-13 20:48:13 +03:00
ErickSkrauch
26f7d6213f
Update dependencies
2019-12-13 20:37:37 +03:00
ErickSkrauch
40eca5b8b6
Remove expires_in field when the access_token isn't expiring
2019-12-13 16:00:51 +03:00
ErickSkrauch
274d56aa40
Set expires_in value for issue access token response
2019-12-11 19:44:55 +03:00
ErickSkrauch
d27070630c
Fix revokation validation. Add additional tests cases
2019-12-10 22:51:11 +03:00
ErickSkrauch
016a193263
Introduce revokation mechanism
2019-12-10 01:38:09 +03:00
ErickSkrauch
ba7fad84a0
Remove refresh_token from OAuth2 result. Return the same access_token as a refresh_token in case when it's requested. Make access_tokens to live forever.
2019-12-09 19:31:54 +03:00
ErickSkrauch
c3ffb08c4a
Cleanup session server module
2019-12-05 01:15:45 +03:00
ErickSkrauch
25f1ca912c
Fix tests
2019-12-05 00:52:36 +03:00
ErickSkrauch
a81ef5cac2
Replace separate minecraft access tokens with JWT
2019-12-04 21:10:15 +03:00
ErickSkrauch
72cbf16c97
Merge branch 'master' into oauth_jwt_tokens
...
# Conflicts:
# api/components/OAuth2/Entities/AccessTokenEntity.php
# api/components/OAuth2/Entities/RefreshTokenEntity.php
# api/components/OAuth2/Grants/RefreshTokenGrant.php
# api/components/OAuth2/Storage/SessionStorage.php
# api/components/User/OAuth2Identity.php
2019-12-04 01:17:12 +03:00
ErickSkrauch
22ef41ac7c
Fixes ACCOUNTS-5V9. Handle case when access token don't have associated account
2019-12-02 21:15:18 +03:00
ErickSkrauch
da318ef2ed
Merge branch 'master' into oauth_jwt_tokens
2019-11-07 00:00:26 +03:00
ErickSkrauch
c722c46ad5
Add support for the legacy refresh tokens, make the new refresh tokens non-expire [skip ci]
2019-09-22 02:42:08 +03:00
ErickSkrauch
5536c34b9c
Restore full functionality of OAuth2 server [skip ci]
2019-09-22 00:19:11 +03:00
ErickSkrauch
45101d6453
Completely restored authorization_code grant for user side.
...
Reworked oauth_sessions table.
Added extension to use MariaDB's JSON columns.
Rewritten tests for authorization_code grant for client side.
Deprecate some old shit.
[skip ci]
2019-09-18 02:15:12 +03:00
ErickSkrauch
8a1d7148d0
Implemented public scopes repository. Fix some auth cases [skip ci]
2019-09-13 01:19:03 +03:00