ravenscroftj
/
micropub-flask-gitea
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
24 Commits 1 Branch 0 Tags 103 KiB
Commit Graph

10 Commits

Author SHA1 Message Date
Kyle Mahan 9fdd45a0de Do not burn auth codes by authenticating before requesting an access 
token

This broke authorization for endpoints that only allow a code to be
used once (e.g. Known).

A side effect is that authorization no longer falls back to authentication
if the token endpoint does not exist or returns an error.
 2016-01-27 07:24:55 -08:00
Kyle Mahan 3282bd76ba Replace next_url parameter with the more general and useful state 2015-12-13 19:50:54 -08:00
Kyle Mahan 69eb9ffb9a increment version 0.2.3 2015-06-21 22:40:44 -07:00
Kyle Mahan b714d8db93 do not cache endpoints 
Caching these would have allowed a malicious or buggy
auth/token_endpoint combination to give you credentials for another
user's domain name.
 2015-05-31 09:16:40 -07:00
Kyle Mahan 474458c623 added authentication-only flow 
- Added a separate 'authenticate' flow to provide explicit support for
  calling out to indieauth without requesting any sort of access
  token.
- Redirect_url is now determined automatically based on the
  authenticated_handler or authorized_handler annotations
 2015-02-07 09:40:31 -08:00
Kyle Mahan c8494277a8 add CSRF token to state parameter 2015-02-03 22:45:08 -08:00
Kyle Mahan 32fb204a9c bugfix: list is not an iterator msg when processing errors 2015-02-02 08:42:38 -08:00
Kyle Mahan 1da9d95fc6 rename Micropub to MicropubClient to differentiate 2015-01-28 08:38:15 -08:00
Kyle Mahan 6db7529f4a added micropub_endpoint to authorized_handler response 2015-01-19 09:44:56 -08:00
Kyle Mahan b958da9bd1 initial revision; support basic micropub auth 2015-01-18 23:10:37 -08:00