cst1/openstreetmap-website
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
8400 commits 4 branches 1 tag 499 MiB
Commit graph

28 commits

Author SHA1 Message Date
Tom Hughes
fb94bb6c58 Don't override non-existent policy 2018-05-23 12:50:10 +01:00
Tom Hughes
ff86bf136a Use an empty array for ruby 2.3 compatibility 
Apparently `false.dup` throws in ruby 2.3 and not in 2.5...
 2018-05-23 12:21:24 +01:00
Tom Hughes
5deba2782a Completely remove form-action restrictions for OAuth callbacks 
The CSP3 draft only allows a * rule match network schemes and
mobile devices often use callbacks to custom URL schemes.
 2018-05-23 12:09:21 +01:00
Andy Allan
8445561fcc Use lazy translation lookups for the oauth controller. 2018-04-25 15:42:34 +08:00
Tom Hughes
a83030dab7 Fix new rubocop warnings 2018-01-22 18:55:45 +00:00
Tom Hughes
986779966b Extend form-action policies for Chrome 
It seems that unlike other browsers Chrome requires that if a form
submission redirects that the redirected URL also match the form-action
policy rather than just requiring the original URL to match.
 2017-11-25 12:04:02 +00:00
Tom Hughes
5b33f3f8e3 Fix rubocop warnings 2017-06-02 00:08:30 +01:00
Tom Hughes
e17b89e89f Fix rubocop warnings 2016-10-20 22:35:51 +01:00
Tom Hughes
8fe1899596 Fix rubocop warnings 2016-01-19 09:51:24 +00:00
Tom Hughes
081ac24295 Fix rubocop warnings 2015-11-19 21:41:33 +00:00
Tom Hughes
7fef0353f2 More test work 2015-03-08 00:48:13 +00:00
Tom Hughes
dc2a2c8ebd Standardise on double quoted strings 2015-02-20 19:47:26 +00:00
Tom Hughes
5cbd4038ed Fix rubocop style issues 2015-02-20 08:56:16 +00:00
Tom Hughes
ef7f3d800c Fix most auto-correctable rubocop issues 2015-02-20 08:56:16 +00:00
Tom Hughes
f9ae6d252f Drop the slim layout 
The slim layout is not really needed since the redesign as the
pages it was used for in the OAuth flow now have less chrome and
work fine on small screens with the normal layout.

Fixes #689
 2014-02-16 16:03:00 +00:00
Tom Hughes
a9f4549327 Tidy up the OAuth authorization screens 
Make sure all messages are translatable, separate errors from
user initiated denial of authorization.
 2013-11-30 12:25:22 +00:00
Tom Hughes
3a1e7a67ac Specify the username when redirecting to the OAuth client list 2012-03-14 13:57:28 +00:00
Tom Hughes
7c621a6a04 Add the OAuth verifier to 1.0a callbacks correctly 2011-11-19 17:11:54 +00:00
Tom Hughes
093651c208 Override oauth1_authorize pending a fixed version of oauth-plugin 2011-11-19 00:25:17 +00:00
Tom Hughes
7b89dc6349 Make OAuth work again 2011-11-16 21:13:25 +00:00
Andy Allan
6edbcc12df Use slim layout for OAuth pages too 2011-04-03 13:46:17 +01:00
Tom Hughes
2150d1021e Display the verifier if OAuth 1.0a is being used in OOB mode 2010-09-21 16:20:30 +01:00
Tom Hughes
1c3a9ee62b Update oauth models and controllers for OAuth 1.0a support 2010-09-21 16:20:30 +01:00
Matt Amos
69ab396f08 Fixed bug when oauthorizing with a token which no longer exists (merged 17416 from oauth branch). 2009-09-01 10:25:53 +00:00
Tom Hughes
1ce8368f64 Remove debugging. 2009-08-19 08:04:42 +00:00
Tom Hughes
173e92edb8 Cleanup some of the oauth stuff: 
- Detabify views.
- Move translations to correct names.
- Make flash messages translatable.
 2009-08-19 07:59:15 +00:00
Tom Hughes
9fec2fd137 Call the set_locale filter for oauth methods which display web 
pages to the user. Closes #2203.
 2009-08-19 07:45:24 +00:00
Matt Amos
b8f6dbd403 Adding initial version of the OAuth token authentication method. This adds basic OAuth support for registering apps, getting and revoking keys, etc... The tokens come with 6 separate permissions bits; read/write user preferences, write diaries, write API and read/write GPS traces. Needs more tests. 2009-06-22 16:54:37 +00:00