1
0
Commit Graph

30 Commits

Author SHA1 Message Date
Marie 10bfc61670 merge: upstream 2024-02-19 10:47:42 +01:00
tamaina c1514ce91d (re) update SPDX-FileCopyrightText
Fix  #13290
2024-02-13 15:59:27 +00:00
tamaina 311c2172d7 Revert "update SPDX-FileCopyrightText"
This reverts commit 9b5aeb76d8.
2024-02-13 15:50:11 +00:00
syuilo 9b5aeb76d8 update SPDX-FileCopyrightText 2024-02-12 11:37:45 +09:00
Marie 031d748d0c fix: /oauth/oauth to /oauth 2023-12-31 17:25:38 +01:00
Marie 592027cf68 merge: upstream 2023-12-28 09:54:32 +01:00
Kagami Sascha Rosylight 544b8106b2 feat(backend/oauth): allow CORS for token endpoint (#12814)
* feat(backend/oauth): allow CORS for token endpoint

* no need to explicitly set origin to `*`

* Update CHANGELOG.md
2023-12-28 09:46:19 +01:00
Kagami Sascha Rosylight ad346b6f36 feat(backend/oauth): allow CORS for token endpoint (#12814)
* feat(backend/oauth): allow CORS for token endpoint

* no need to explicitly set origin to `*`

* Update CHANGELOG.md
2023-12-27 15:10:24 +09:00
Chocolate Pie c96bc36fed Merge pull request from GHSA-7pxq-6xx9-xpgm
* fix: fix improper authorization when accessing with third-party application

* refactor: refactor type definitions

* fix: get rid of unnecessary access limitation

* enhance: サードパーティアプリケーションがWebsocket APIを使えるように

* fix: add missing parentheses

* Revert "fix(backend): add missing kind definition for admin endpoints to improve security"

This reverts commit 5150053275.

* frontend: 翻訳の抜けを訂正, read:adminとwrite:adminはアクセス発行トークンのデフォルトでは非表示にする

* enhance(test): misskey-ghsa-7pxq-6xx9-xpgmに関するテストを追加

* enhance(test): Websocket APIに対するテストも追加

* enhance(refactor): `@/misc/api-permissions.ts`を`misskey-js/permissions`に統合

* fix(frontend): アクセストークン発行UIで全ての権限を有効にした際、管理者用APIへのアクセスも許可してしまう問題を修正

* enhance(backend): Websocketの接続に最低限必要な権限を変更

* fix(backend): `/api/admin/meta`をサードパーティアプリケーションからはアクセスできないように

* fix(backend): エンドポイントにアクセスするために必要な権限を変更

* fix(frontend/locale): Add missing type declaration

* chore: update `misskey-js/src/autogen`

---------

Co-authored-by: tamaina <tamaina@hotmail.co.jp>
2023-12-27 15:08:59 +09:00
Mar0xy 5af274ef0a upd: register contentParser 2023-11-16 20:21:33 +01:00
Mar0xy 67dceab22e fix: errors 2023-11-16 20:08:16 +01:00
Mar0xy 2fae63fe15 upd: add multipart support to oauth/token 2023-11-16 20:04:19 +01:00
Mar0xy 885800ee5e revert: deletion of oauth.pug 2023-11-09 15:06:57 +01:00
Mar0xy 0087bc3ace test: oauth/authorize on api endpoint 2023-11-08 22:45:40 +01:00
Mar0xy c5008452c1 fix: oauth/authorize not working 2023-11-08 22:18:28 +01:00
Mar0xy 88da6f16a9 upd: add oauth decision endpoint 2023-11-08 21:11:54 +01:00
syuilo 1fa1d31696 perf(backend): createdAtをidから取得するように & 無駄なDateインスタンスの生成を避けるように 2023-10-16 10:45:22 +09:00
Mar0xy 3fd2b55406 Revert "test: check old megalodon version"
This reverts commit 89eea5df52.
2023-09-25 01:49:57 +02:00
Mar0xy 89eea5df52 test: check old megalodon version 2023-09-25 01:20:03 +02:00
Mar0xy 60b2842203 chore: lint 2023-09-24 23:25:04 +02:00
Mar0xy 37d7a4b604 upd: change parser and fix fetchAccessToken 2023-09-24 23:18:39 +02:00
Mar0xy 30cc0a9b18 fix: oauth headers 2023-09-24 23:01:46 +02:00
Mar0xy c19ef16a06 chore: make lint happy 2023-09-24 19:53:56 +02:00
Mar0xy c782085af4 upd: change oauth 2023-09-24 19:47:12 +02:00
Mar0xy 250beca901 fix oauth login 2023-09-24 19:15:08 +02:00
syuilo 053da10e94 refactor(backend): update directory structure for models 2023-09-20 11:33:36 +09:00
syuilo 6cf466e5d1 update deps (#11820)
* update deps

* fix

* wip

* wip

* wip

* Update docker-compose.yml.example

* Delete reviewer-lottery.yml

* Update RepositoryModule.ts

* wip

* wip

* clean up

* update deps

* wip

* wip
2023-09-15 14:28:29 +09:00
syuilo 792622aead refactor: prefix Mi for all entities (#11719)
* wip

* wip

* wip

* wip

* Update RepositoryModule.ts

* wip

* wip

* wip

* Revert "wip"

This reverts commit c1c13b37d2aaf3c65bc148212da302b0eb7868bf.
2023-08-16 17:51:28 +09:00
syuilo ab3cd7b837 chore: add missing license identifier 2023-07-28 14:02:58 +09:00
Kagami Sascha Rosylight eb7b5f905a feat(backend): support OAuth 2.0 authorization (#11053)
* feat(backend): support OAuth 2.0 authorization

* secureRndstr fix

* nanndekowareta

* nanndekowareta2

* nanndekowareta3

* unref?

* refactor to not close fastify

* use microformats-parser

* Update OAuth2ProviderService.ts

* clarify the reason behind dns lookup

* refactor(backend): use @types/oauth2orize-pkce (#11350)

* refactor(backend): use @types/oauth2orize-pkce

* Update package.json

* Update pnpm-lock.yaml

---------

Co-authored-by: Kagami Sascha Rosylight <saschanaz@outlook.com>

---------

Co-authored-by: mtgto <hogerappa@gmail.com>
Co-authored-by: syuilo <Syuilotan@yahoo.co.jp>
2023-07-27 18:51:58 +09:00