ravenscroftj
/
micropub-flask-gitea
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
39 Commits 1 Branch 0 Tags 103 KiB
Commit Graph

7 Commits

Author SHA1 Message Date
Kyle Mahan 7ce70f5cac update changelog 2016-03-18 12:28:00 -07:00
Kyle Mahan 6c2f5f3f6a Support discovering endpoints from HTTP Link headers 
in addition to searching the body of the page.
 2016-03-18 09:30:49 -07:00
Kyle Mahan 9fdd45a0de Do not burn auth codes by authenticating before requesting an access 
token

This broke authorization for endpoints that only allow a code to be
used once (e.g. Known).

A side effect is that authorization no longer falls back to authentication
if the token endpoint does not exist or returns an error.
 2016-01-27 07:24:55 -08:00
Kyle Mahan 3282bd76ba Replace next_url parameter with the more general and useful state 2015-12-13 19:50:54 -08:00
Kyle Mahan 69eb9ffb9a increment version 0.2.3 2015-06-21 22:40:44 -07:00
Kyle Mahan b714d8db93 do not cache endpoints 
Caching these would have allowed a malicious or buggy
auth/token_endpoint combination to give you credentials for another
user's domain name.
 2015-05-31 09:16:40 -07:00
Kyle Mahan 474458c623 added authentication-only flow 
- Added a separate 'authenticate' flow to provide explicit support for
  calling out to indieauth without requesting any sort of access
  token.
- Redirect_url is now determined automatically based on the
  authenticated_handler or authorized_handler annotations
 2015-02-07 09:40:31 -08:00