83ac2700c0
use indieauth.com as fallback if no authentication_endpoint is provided
2015-06-21 22:35:45 -07:00
b714d8db93
do not cache endpoints
...
Caching these would have allowed a malicious or buggy
auth/token_endpoint combination to give you credentials for another
user's domain name.
2015-05-31 09:16:40 -07:00
4d1f70b1e6
bugfix: use endpoint-for-function for more robust endpoint matching
2015-02-07 12:23:06 -08:00
474458c623
added authentication-only flow
...
- Added a separate 'authenticate' flow to provide explicit support for
calling out to indieauth without requesting any sort of access
token.
- Redirect_url is now determined automatically based on the
authenticated_handler or authorized_handler annotations
2015-02-07 09:40:31 -08:00
c8494277a8
add CSRF token to state parameter
2015-02-03 22:45:08 -08:00
408bc20956
use correct token endpoint parameters
...
client_id and state were incorrect
2015-02-02 22:51:03 -08:00
74de2173c5
debug log statements for validating access token
2015-02-02 18:05:36 -08:00
32fb204a9c
bugfix: list is not an iterator msg when processing errors
2015-02-02 08:42:38 -08:00
1da9d95fc6
rename Micropub to MicropubClient to differentiate
2015-01-28 08:38:15 -08:00
6db7529f4a
added micropub_endpoint to authorized_handler response
2015-01-19 09:44:56 -08:00
d039e29f30
improve API, add documentation
2015-01-19 09:01:56 -08:00
b958da9bd1
initial revision; support basic micropub auth
2015-01-18 23:10:37 -08:00
Kyle Mahan