mod_http_oauth2: Switch to '303 See Other' redirects
|
Matthew Wild |
23 months ago |
mod_http_oauth2: Allow non-HTTPS on localhost URLs
|
Matthew Wild |
23 months ago |
mod_http_oauth2: Add authentication, consent and error pages
|
Matthew Wild |
23 months ago |
mod_http_oauth: Factor out issuer URL calculation to a helper function
|
Matthew Wild |
23 months ago |
mod_http_oauth2: Clarify comment referencing mod_http_errors (thanks MattJ)
|
Kim Alvefur |
23 months ago |
mod_http_oauth2: Specify host for which to retrieve list of roles
|
Kim Alvefur |
23 months ago |
mod_http_oauth2: Return list of active roles in discovery
|
Kim Alvefur |
23 months ago |
mod_http_oauth2: Return actually enabled response types in discovery
|
Kim Alvefur |
23 months ago |
mod_http_oauth2: Calculate client secret expiry in registration response
|
Kim Alvefur |
23 months ago |
mod_http_oauth2: Strip trailing '/' from issuer URL
|
Matthew Wild |
23 months ago |
mod_http_oauth2: Advertise endpoints that are enabled
|
Kim Alvefur |
23 months ago |
mod_http_oauth2: Separate client_secret verification key from JWT key
|
Kim Alvefur |
23 months ago |
mod_http_oauth2: Fix response type config
|
Kim Alvefur |
23 months ago |
mod_http_oauth2: Remove error message
|
Kim Alvefur |
23 months ago |
mod_http_oauth2: Mention name of client when giving out OOB authorization code
|
Kim Alvefur |
23 months ago |
mod_http_oauth2: Comment on mutation by other module
|
Kim Alvefur |
23 months ago |
mod_http_oauth2: Implement stateless dynamic client registration
|
Kim Alvefur |
23 months ago |
mod_http_oauth2: Add support for 'iss' authz response parameter (RFC 9207)
|
Matthew Wild |
23 months ago |
mod_http_oauth2: Derive scope from correct user details
|
Kim Alvefur |
23 months ago |
mod_http_oauth2: Fix to actually return OOB response
|
Kim Alvefur |
23 months ago |
mod_http_oauth2: Add OIDC discovery endpoint (thanks Zash)
|
Matthew Wild |
23 months ago |
mod_http_oauth2: Implement OOB special redirect URI in code flow
|
Kim Alvefur |
23 months ago |
mod_http_oauth2: Add settings for allowed grant and response types
|
Kim Alvefur |
23 months ago |
mod_http_oauth2: Implement the Implicit flow
|
Kim Alvefur |
23 months ago |
mod_http_oauth2: Fix treatment of 'redirect_uri' parameter in code flow
|
Kim Alvefur |
23 months ago |
mod_http_oauth2: Issue tokens for the purpose of 'oauth2'
|
Kim Alvefur |
24 months ago |
mod_http_oauth2: Fix removal of consumed authorization codes
|
Kim Alvefur |
24 months ago |
mod_http_oauth2: Update for new new role API
|
Matthew Wild |
2022-08-18 |
mod_http_oauth2: Updates for Prosody's new role API (backwards-compatible)
|
Matthew Wild |
2022-07-13 |
mod_http_oauth2: Gracefully handle cache write failure
|
Kim Alvefur |
2021-09-02 |
mod_http_oauth2: Optimize cleanup timer
|
Kim Alvefur |
2021-09-02 |
mod_http_oauth2: Add endpoint to revoke a key (RFC 7009 kinda)
|
Matthew Wild |
2021-01-21 |
mod_http_oauth2: Rudimentary support for scopes (but not really)
|
Matthew Wild |
2021-01-16 |
mod_http_oauth2: Fix passing OAuth-specific error details
|
Kim Alvefur |
2020-11-28 |
mod_http_oauth2: Periodically trim unused authorization codes
|
Kim Alvefur |
2020-11-22 |
mod_http_oauth2: Keep authorization codes in memory instead of storage
|
Kim Alvefur |
2020-11-22 |
mod_http_oauth2: Reduce authorization code validity time to 2 minutes
|
Kim Alvefur |
2020-11-22 |
mod_http_oauth2: Factor out authorization code validity decision
|
Kim Alvefur |
2020-11-22 |
mod_http_oauth2: Add TODO
|
Kim Alvefur |
2020-11-22 |
mod_http_oauth2: Improve storage of client secret
|
Kim Alvefur |
2020-11-22 |
mod_http_oauth2: Rescope oauth client config into users' storage
|
Kim Alvefur |
2020-11-21 |
mod_http_oauth2: Remove unnecessary redirect uri check
|
Kim Alvefur |
2020-11-21 |
mod_http_oauth2: Unpack event object to improve readability
|
Kim Alvefur |
2020-11-21 |
mod_http_oauth2: Fix incomplete function arity change in dea6bea2ddd3
|
Kim Alvefur |
2020-11-21 |
mod_http_oauth2: Authorization code flow
|
Kim Alvefur |
2020-11-21 |
mod_http_oauth2: Fix typo not caught by luacheck
|
Kim Alvefur |
2020-11-09 |
mod_http_oauth2: Accept empty scope
|
Kim Alvefur |
2020-10-23 |
mod_http_oauth2: Set content type on successful repsponses (fixes #1501)
|
Kim Alvefur |
2020-03-08 |
mod_http_oauth2: Use component_secret setting as password on Components
|
Kim Alvefur |
2020-02-27 |
mod_http_oauth2: Allow creation of full JID tokens
|
Kim Alvefur |
2020-02-27 |
mod_http_oauth2: Refactor re-joining of JID out of token constructor
|
Kim Alvefur |
2020-02-27 |
mod_rest, mod_http_oauth2: Switch from mod_authtokens to mod_tokenauth per Prosody bf81523e2ff4
|
Matthew Wild |
2020-02-26 |
mod_http_oauth2: Implement real tokens using mod_authtokens
|
Matthew Wild |
2020-02-26 |
mod_http_oauth2: OAuth2 API (work in progress for developers only)
|
Matthew Wild |
2020-02-23 |