Sean McGivern
de37dcee90
Merge branch 'siemens/gitlab-ce-feature/openid-connect'
2017-03-07 16:16:08 +00:00
Markus Koller
8699c8338f
Require explicit scopes on personal access tokens
...
Gitlab::Auth and API::APIGuard already check for at least one valid
scope on personal access tokens, so if the scopes are empty the token
will always fail validation.
2017-03-07 15:00:29 +01:00
Markus Koller
eefbc83730
Only use API scopes for personal access tokens
2017-03-07 15:00:29 +01:00
Tiago Botelho
2b474dc2b2
refactors finder and correlated code
2017-03-01 13:11:11 +00:00
Tiago Botelho
9f2e4742e3
applies relevant changes to the code and code structure
2017-02-28 22:15:40 +00:00
Simon Vocella
a3dfb58e7f
add impersonation token
2017-02-28 22:15:39 +00:00
Simon Vocella
81246e5649
manage personal_access_tokens through api
2017-02-28 22:15:39 +00:00
Timothy Andrew
1d0ccec6dd
Add a scopes column to the personal_access_tokens table
2016-12-16 15:08:10 +05:30
Timothy Andrew
bafbf22c6a
Address @DouweM's feedback on !3749 .
...
- Use `TokenAuthenticatable` to generate the personal access token
- Remove a check for `authenticity_token` in application controller;
this should've been `authentication_token`, maybe, and doesn't make
any sense now.
- Have the datepicker appear inline
2016-04-28 22:28:36 +05:30
Timothy Andrew
fc4bce755d
Make fixes based on @vsizov's comments on MR !3749
2016-04-28 22:28:36 +05:30
Timothy Andrew
fb2da6795c
Add an "Inactive Personal Access Tokens" section.
...
- Show the count for each section in parens
- Remove the `revoked?` check, because everything in the
active section is guaranteed to not be revoked.
2016-04-28 22:28:36 +05:30
Timothy Andrew
e5cf527f27
Allow expiration of personal access tokens.
2016-04-28 22:28:36 +05:30
Timothy Andrew
6d76f14f54
Allow revoking personal access tokens.
2016-04-28 22:28:36 +05:30
Timothy Andrew
3a60903874
Allow creating Personal Access Tokens through the website.
2016-04-28 22:28:36 +05:30
