Ecosyste.ms: OpenCollective

An open API service for software projects hosted on Open Collective.

github.com/freerange/oauth2-provider

An OAuth2 Provider for Rack-based apps (deprecated/not supported)
https://github.com/freerange/oauth2-provider

Tweaks to README

d8c390f523e921df48a0cb11939497811b93b49c authored about 7 years ago by James Mead <[email protected]>
Offer to handover repo in deprecation notice

6cb4dc885f9c9a63ce580dde5227a259b7340d3a authored about 7 years ago by James Mead <[email protected]>
Mention security vulnerabilities in deprecation notice

f42204335d843015937b83c4a74f2dcec673edd3 authored about 7 years ago by James Mead <[email protected]>
Add deprecation notice to README

163a5124765cc83f0f58dab9f6758e2bd28bda6f authored about 7 years ago by James Mead <[email protected]>
Merge pull request #39 from socialcast/quiet-mongo-log-in-tests

Set Mongoid logging level to INFO

540b8efb7932b7a398793b98c04c46821172c491 authored over 12 years ago by Tom Ward <[email protected]>
Removed extra comma

c37de1e864cd87aa3548d4ae4b696c737aeffc86 authored over 12 years ago by Mitch Williams <[email protected]>
Set the mongo logger level to INFO to stop it from spraying debug output

all over the test results

e8d0284fc0b28a41c0e1915901112327b71dfced authored over 12 years ago by Mitch Williams <[email protected]>
Merge pull request #38 from jayzes/deprecation-warning-fixes

Fix a few Rails deprecation warnings on set_table_name

60617afdb8d933f99b0141d1cb0dd5e3813a095f authored over 12 years ago by Tom Ward <[email protected]>
Switch to new ActiveRecord table name setting syntax to get rid of the deprecation warnings

ac692ae73b14b2bd92ea1e143edee800a97db569 authored over 12 years ago by Jay Zeschin <[email protected]>
If the access token path is changed in a test, it should be changed back

This doesn't seem to me to be the nicest way of doing configuration. I think a dedicated object...

53f29f42773452c8be8bbe75eacc83c781b3b51e authored over 12 years ago by Tom Ward <[email protected]>
1.9 hash syntax accidentally snuck in.

13489e73aef24cea1edd90d842408b5f1d97ba4e authored over 12 years ago by Tom Ward <[email protected]>
Support Mongoid 3: references_in ==> belongs to AND references_many ==> has_many

0ddc8e433e3804489c87c32290c19e2290fd545c authored over 12 years ago by Alon Burg <[email protected]>
Rack body response should be an array

See http://rack.rubyforge.org/doc/classes/Rack/Response.html
or http://stackoverflow.com/question...

1f969a71ff390dd76eaaeb43fddb6abde3673899 authored over 12 years ago by Alon Burg <[email protected]>
Support non-expiring access tokens

This allows access tokens which never expire. These can be created by passing :expires_at => ni...

dda64da66baa7065ff361a40054847a338691d5c authored over 12 years ago by Tom Ward <[email protected]>
Never expired test is kind of redundant if expires_at is known to be nil

f55a8d96231c0ba061adffe8f281c26f40b2d349 authored almost 13 years ago by Tom Ward <[email protected]>
sqlite3-ruby is now known as sqlite3

6be9669c1a5de315da010fe254c14e6da503e06a authored almost 13 years ago by Tom Ward <[email protected]>
Run against ruby 1.8 and 1.9.3

9c656d5e8186f87e2c146236a831733605acc155 authored almost 13 years ago by Tom Ward <[email protected]>
Use an in-memory SQLite database to test activerecord backend

75cc9504b9d063d8a0926c949907da42c0f2a439 authored almost 13 years ago by Tom Ward <[email protected]>
AccessToken initializer needs to be compatible with mongoid, not just ActiveRecord

7753ddee0c5600c5fd5678da4b5ee4479b55d8a2 authored almost 13 years ago by Tom Ward <[email protected]>
Specs failed to run using ruby 1.9.3 and rspec 2.1, so upgraded rspec

da45e8a981cda9af2b47bf59cc56714cbce6ae29 authored almost 13 years ago by Tom Ward <[email protected]>
Merge pull request #29 from socialcast/client_credentials_basic_auth

Add client_credentials grant type

b28116657c92101408b66fc10dc707c2a573d672 authored almost 13 years ago by Tom Ward <[email protected]>
Accept client_id/client_secret encoded in Basic Auth for client_credentials grant_type

6a2be07a203c1b6ba30dfeb0c393063e3c39afb7 authored almost 13 years ago by Michael Andrews <[email protected]>
Add client_credentials grant type

8cbd7d96f657df5728da3b23cb734bd8d930fbb3 authored almost 13 years ago by Michael Andrews <[email protected]>
License the code with the MIT license.

(Apologies for the American spelling of the word licence).

86a67ad3a7dba1cf241cbcc020d26fcf959685e2 authored about 13 years ago by Tom Ward <[email protected]>
Merge pull request #24 from marnen/mongoid-fields

Require redirect_uri

8adfab27f0f6690c36d1b49abad56b3eb38bf592 authored about 13 years ago by Tom Ward <[email protected]>
Add redirect_uri as a Mongoid field.

c8c753808b36a4d8b61ef4beb3e935bf298e438a authored about 13 years ago by Marnen Laibow-Koser <[email protected]>
Merge pull request #23 from marnen/name-field

Add 'name' as a field to match ActiveRecord schema.

c5e364c318d2fefc6f69a4cc4bb79b729a1e926f authored about 13 years ago by Tom Ward <[email protected]>
Merge branch 'name-field'

e11d7c3cbf9107a9e835f651b0d3ff2207b8bef1 authored about 13 years ago by Marnen Laibow-Koser <[email protected]>
Add 'name' as a field to match ActiveRecord schema.

824d13977d2d35b20b971867d943d808ba248112 authored about 13 years ago by Marnen Laibow-Koser <[email protected]>
Merge pull request #18 from Omer/master

Allow the access token path to be configurable

ef560053f637e592ef494152ac46e71e492331fe authored over 13 years ago by Tom Ward <[email protected]>
Changed access token path to be configurable as opposed to regex.

d6fe10861edf79b44f44bb23c614e27a17d65f98 authored over 13 years ago by Omer Jakobinsky <[email protected]>
Middleware should pass requests to /\/oauth\/access_token/ to #handle_access_token_request.

ab8f0acd6cbaed6c3fda63e0db2394757518d9d0 authored over 13 years ago by Omer Jakobinsky <[email protected]>
Update version to 0.0.19, compatible with ActiveRecord 3.1.0

3b4fc3343f7b47cb42665a2f38a617063ceb2608 authored over 13 years ago by Tom Ward <[email protected]>
Use accessor to get request env

fb6736741f891beb6113bcd34208fa150e16d088 authored over 13 years ago by Tom Ward <[email protected]>
Move response methods into Responses module

7683cc51f243ca9938f9919f17a2f7bbc73f2b7e authored over 13 years ago by Tom Ward <[email protected]>
Rearrange error response methods for resource requests

0d43cd9b9cdb4c06d66f31f96cd63b1f9df583c6 authored over 13 years ago by Tom Ward <[email protected]>
Use rack auth request to get authorization header

17b6c4fe364eebabf61b833f15a5827a9003e065 authored over 13 years ago by Tom Ward <[email protected]>
Merge pull request #11 from Omer/master

Small bug fix

465353dcca4f75258f849e8286decc4580304c02 authored over 13 years ago by Tom Ward <[email protected]>
Tiny indentation fix

fc3525187f359322990f3d70f8fe70d15f957c82 authored over 13 years ago by Tom Ward <[email protected]>
Merge pull request #13 from alevy/master

Identifier and secret generation produces deprecation warning in ActiveSupport 3.1

8476779f0b65686d7c13ebc413ecdcc6704cd3dd authored over 13 years ago by Tom Ward <[email protected]>
Using SecureRandom instead of ActiveSupport::SecureRandom because it\'s deprecated in new version of active support

6569012571d187b49fd9d86245827c5b4da7766b authored over 13 years ago by Amit Levy <[email protected]>
Merge pull request #12 from alevy/master

Fix for ActiveRecord 3.1

de9e8eebc692ead5495bb85c6e6412ccecc8782b authored over 13 years ago by Tom Ward <[email protected]>
Authorization code should accept arbitrary arguments because new version of active record passes options hash as well from create

fac60c8879e73c9c83cf1f17e4f3726b6d9e8930 authored over 13 years ago by Amit Levy <[email protected]>
Assuming a user edited the value of oauth_redirect_uri and changed his mind, oauth_redirect_uri would be empty as opposed to nil and hence the method would return false.

9eb33e376efe060eda6badb962d599616883c20f authored over 13 years ago by Omer Jakobinsky <[email protected]>
Make absolutely sure that tokens, secrets, codes, etc are unique. Don't just rely on randomness.

8e6e8bdd60bffc0c9e35d937b2a9b6b2ce758f58 authored over 13 years ago by Tom Ward <[email protected]>
Invalid resource requests should respond with 401, not 400

5f1e377703146293d8b28b4f5b38bdeb592dd00a authored over 13 years ago by Tom Ward <[email protected]>
The example app should regrant existing authorizations where possible

1c144721b15bf1cd1542b9fbd9cc4f0440349484 authored over 13 years ago by Tom Ward <[email protected]>
Merge pull request #10 from alphagov/master

The example Rails app's down migration dropped a non-existent table...

87f76d69f4557291bc11ab426d5b4ffb23899898 authored over 13 years ago by Tom Ward <[email protected]>
Remove drop non-existent table command from down migration

70b511fd24c63630e34128deb8025e73280d2147 authored over 13 years ago by Matt Patterson <[email protected]>
Fixed some bugs with the oauth rails 3 example.

- Added a missing field to the schema.
- Fixed a bug in the application view template and the ho...

69ad0061bfa750d7fddfddf526ec78742b5a3be4 authored over 13 years ago by Omer Jakobinsky <[email protected]>
Release version 0.0.18

06a4c83674e424ca3682744838fc938f001b9299 authored over 13 years ago by Tom Ward <[email protected]>
Provide a mechanism to grant a new code for an existing authorization

If the end-user has already granted a client access, it should be able to regain access without ...

3d033cc96897b1257b010a59f425ee7494eb3af5 authored over 13 years ago by Tom Ward <[email protected]>
Add some tests for the middleware

In the process of adding these tests, responsibility for calling custom_failure! on warden has b...

7209fb390effc2ffae90dacdf5045e5becd2b62d authored over 13 years ago by Tom Ward <[email protected]>
Authorization code requests should be validated during initialization

d4d9999bdd605fbd1448d1561da54d441faa6ad9 authored over 13 years ago by Tom Ward <[email protected]>
Mock and stub with Mocha.

d13ec7f0aae90551529f7d0d4e782c0423209769 authored over 13 years ago by Tom Ward <[email protected]>
Release version 0.0.17

feb440d50f516ff0ebfd9bcdeaa3f5231cc35f75 authored over 13 years ago by Tom Ward <[email protected]>
Client#valid_redirection? => Client#allow_redirection?

1b23d16b969ea68a563698583c07fc2cb2ae33c2 authored over 13 years ago by Tom Ward <[email protected]>
Move responsibility for validating the redirect_uri to the client.

This should make it easier to override the behaviour without having to rewrite the request object

d5dc952817e3c73878ea7eb993cf0fba1397e989 authored over 13 years ago by Tom Ward <[email protected]>
Pass a date to Timecop.freeze, as the default in 1.9.2 seems to be year zero, causing issues in mongoid and activerecord

186ca6df34c11c36afa7b2be901b0bd9ac2b9a23 authored over 13 years ago by Tom Ward <[email protected]>
Merge pull request #7 from somuchbetter/patch-1

Ruby 1.9.2 doesn't add the current directory to the path, so be explicit when requiring the exam...

cdcd919cdee717e439c252812414b7e616dcb3e8 authored over 13 years ago by Tom Ward <[email protected]>
AuthorizationCodeRequest no longer requires the rack.env

c6d4bf9d39c26a43cbf03977385829efa5528506 authored over 13 years ago by Tom Ward <[email protected]>
throw can take an object, so no need to stash responses within the rack env

67063434cf06b932bddee8c180209b37e6433160 authored over 13 years ago by Tom Ward <[email protected]>
ActiveSupport should be required by the main oauth2/provider file, not the bundler bootstrap version

d19d387e2c776584b9404ff09bbfddd7d3e8b01d authored over 13 years ago by Tom Ward <[email protected]>
I think it's better to change this so you can run the sinatra app without any problems

b6be047f819f0a7570798f75e6537e13b98a3949 authored over 13 years ago by Dobromir Minchev <[email protected]>
Add Authorization.allowed method, returning authorizations that allow the given client, owner and scope

9623bc8c0522e2cdeb862347c5b58e0ee897338a authored over 13 years ago by Tom Ward <[email protected]>
This spec had a misleading name.

47d9911b33881666608c1b8040f31249aaf4f519 authored over 13 years ago by Tom Ward <[email protected]>
If clients have a redirect_uri recorded, ensure provided redirect_uri is from the same host

We're not checking for equality to give clients flexibility to change their callback URIs, or ev...

e228d8f7e8d84ee8753c6da5cd24d3cbca9684c6 authored over 13 years ago by Tom Ward <[email protected]>
Give apps an opportunity to display their own responses when authorization code requests are invalid

f84ee0217a3a196ad2c09f6600fbbfbe2f9f545f authored over 13 years ago by Tom Ward <[email protected]>
The latest spec (draft 16) states in 2.1.1 that 'The authorization server SHOULD NOT redirect the user-agent to unregistered or untrusted URIs'

For now respond with a 400 error, but there will be a need for users of this gem to display thei...

c2f2b9b8fda97684266530994244c63f38f6703b authored over 13 years ago by Tom Ward <[email protected]>
Any 3.x version of ActiveSupport should work fine

4e06ecceda7b81c009add0a292c89c4771066f62 authored over 13 years ago by Tom Ward <[email protected]>
Clean up development dependencies

64505c3325c8129492c2e07ba2fc875d568237f9 authored over 13 years ago by Tom Ward <[email protected]>
Explicitly require bundler/setup in rakefile for the benefit of the rspec task

c6ac71d7490c6870730769c3dc9ae053f0c3464c authored over 13 years ago by Tom Ward <[email protected]>
Use bundler tasks to generate and publish gem

e3e0029c33429db33600f7c7f390c2bfe846ba5e authored over 13 years ago by Tom Ward <[email protected]>
Add a constant to hold the gem version

2a6c38edab12dde012d732b1dbbf1cc6c93cd9db authored over 13 years ago by Tom Ward <[email protected]>
A very basic example resource server, together with a simple client

431bd9c5b1643ee1eb94f1318bf25347d21c5164 authored over 13 years ago by Tom Ward <[email protected]>
Be slightly more helpful when some requests are missing required parameters

6ff4d20b68377d665a253dd2f7fb4d3b752a8fbe authored over 13 years ago by Tom Ward <[email protected]>
And a tiny bit more explanation for when provided tokens conflict

40694e50fec696ce7bf8da0bc84f0d1a9b2a95eb authored over 13 years ago by Tom Ward <[email protected]>
Merge pull request #6 from kiote/master

little fix for bug "cannot install gem"

7ec849736346a2119e026a4668b8ce51bbd489a7 authored over 13 years ago by Tom Taylor <[email protected]>
Don't include Gemfile.lock in the list of files.

bb143ac2de9a358d29641b12a5335a733042d614 authored over 13 years ago by James Adam <[email protected]>
gemfile.lock removed

f619856790ff3888da114f1af90b3307eb8b3bee authored over 13 years ago by Krivich Ekaterina <[email protected]>
The Gemfile.lock shouldn't be committed when developing gems

8989efa154ea9067713832366e8dbe7da1586996 authored over 13 years ago by Tom Ward <[email protected]>
Released version 0.0.15

5424de166330243a6931d6728e20ad1384b993a5 authored over 13 years ago by Tom Ward <[email protected]>
Respond with 400 if requests contain invalid redirect uris

b59e812a3fa3a3b6e1af811955527d265a38ae7f authored over 13 years ago by Tom Ward <[email protected]>
Added some basic usage instructions.

d00cc1182195e6e19feea3b25815d79b71238ebc authored over 13 years ago by Tom Taylor <[email protected]>
Updated version to 0.0.14

fa8da99688fa6b3a697bb09cda660bf911c96a71 authored almost 14 years ago by Tom Ward <[email protected]>
Token validation should only occur a single time

d8aa4dc7e114c0cf7e07cb85603d50fc2b1aa646 authored almost 14 years ago by Tom Ward <[email protected]>
Release version 0.0.13

be0a5f56c0d3f595ea947e3214e1690218d2abf7 authored almost 14 years ago by Kalvir Sandhu <[email protected]>
Should be able to retrieve authorizations for a resource owner.

18632607e390f1b0f12e0f8200514eab839513e4 authored almost 14 years ago by Kalvir Sandhu <[email protected]>
Remove the almost redundant request class

816d02d1db2913e6741d0e5166764debd468ce7d authored almost 14 years ago by Tom Ward <[email protected]>
Remove responsibility for authentication to a new ResourceRequest object.

This replaces the AuthenticationMediator and AuthenticationHandler. One consequence of this cha...

bf7225a7925f6eeb66c9e50f5394bd52581e8be7 authored almost 14 years ago by Tom Ward <[email protected]>
Remove unused delegation

0f2e2ec893c7d23ef08770e3d9a5b0a1b3e76529 authored almost 14 years ago by Tom Ward <[email protected]>
Remove unused accessor from the AuthenticationMediator

1dd17b61ed4adc7758caaff50ca99d02af4c6f6c authored almost 14 years ago by Tom Ward <[email protected]>
Allow servers to declare oauth scopes as invalid

a07210149890ac321a55775464ac571871a63b60 authored almost 14 years ago by Tom Ward <[email protected]>
Authorization codes should account for scope if included in request

196451dce1ee963266d56167cfafff1bd689b5f6 authored almost 14 years ago by Tom Ward <[email protected]>
Move mongoid and activerecord initialization required for testing into dedicated support files

529ee7ee6150c659ca7332b3e66afa8d99302401 authored almost 14 years ago by Tom Ward <[email protected]>
Remove the test.db from the repository

cac98e1caf6a8d4684b54a90064f846923885c82 authored almost 14 years ago by Tom Ward <[email protected]>
Use rack/test rather than rails for request testing.

This is the first step towards refactoring and cleaning the specs, working towards draft 13 of t...

c969000818b0a2306602b11e4a8eb53562c3ea0e authored almost 14 years ago by Tom Ward <[email protected]>
Merge branch 'master' of github.com:freerange/oauth2-provider

b9424e75a3bc332f0d42085094234f6c42999762 authored almost 14 years ago by Tom Ward <[email protected]>
Added the ability to ignore the oauth_token param for certain paths that match a regular expression.

abd9ba5a67e0ba63c5521539235747fa5a88857d authored almost 14 years ago by Tom Taylor <[email protected]>
Rename Rails initializers to useful names so they can be hooked into by external initializers.

53811025604e68eaa1c8b4b08748a8201bad1706 authored almost 14 years ago by Tom Taylor <[email protected]>