kotovalexarian-likes-gitlab
/
gitlab-org--gitlab-foss
1
0
Fork 0
Code Releases Activity
78,822 Commits 1 Branch 0 Tags 899 MiB
Commit Graph

8 Commits

Author SHA1 Message Date
Marcel Amirault 95a111c711 Update _scopes_form.html.haml to remove duplicate information 2018-06-26 13:54:23 +00:00
Hassan Zamani 583ef9458c
Add groups to OpenID Connect claims 2018-02-08 13:22:41 +01:00
Douwe Maan ab1f3b47a8 Merge branch '32059-fix-oauth-phishing' into 'security-10-1' 
Prevent OAuth phishing attack by presenting detailed wording about app to user during authorization

See merge request gitlab/gitlabhq!2205
 2017-11-10 16:26:53 +08:00
Douwe Maan 3f24f9ed18 Add sudo API scope 2017-11-02 11:39:03 +01:00
Markus Koller c498289048 Implement OpenID Connect identity provider 2017-03-07 14:54:35 +01:00
Timothy Andrew 7fa06ed55d Calls to the API are checked for scope. 
- Move the `Oauth2::AccessTokenValidationService` class to
  `AccessTokenValidationService`, since it is now being used for
  personal access token validation as well.

- Each API endpoint declares the scopes it accepts (if any). Currently,
  the top level API module declares the `api` scope, and the `Users` API
  module declares the `read_user` scope (for GET requests).

- Move the `find_user_by_private_token` from the API `Helpers` module to
  the `APIGuard` module, to avoid littering `Helpers` with more
  auth-related methods to support `find_user_by_private_token`
 2016-12-16 16:29:31 +05:30
Douwe Maan 0c4653e101 Improve OAuth application flash messages. 2015-05-13 09:41:56 +02:00
Valery Sizov e41dadcb33 Doorkeeper integration 2014-12-24 15:38:07 +02:00