Commit graph

3 commits

Author SHA1 Message Date
Revant Nandgaonkar
7757aaef6a [Fix] oauth url delimiter moved to function instead of global (#2305)
* [Fix] oauth url delimiter moved to function instead of global

* [Fix] renamed oauth_url_delimiter to get_url_delimiter
2016-11-14 12:05:47 +05:30
Revant Nandgaonkar
a16e6a143f OpenID Connect for Frappe (#2227)
* Add field for client_secret in Oauth Client Doctype

* openid_profile endpoint in oauth2.py

* added stub methods for OpenID Connect in RequestValidator

* [Fix] using werkzeug url_fix on uri

* added 3 oidc methods in RequestValidator

* Added Frappe Section in Social Login Keys

Add section in `Social Login Keys` for fields `Frappe Client ID` and `Frappe Client Secret` and additional field Frappe OAuth 2 Server because github, facebook and google have fixed urls, while the Frappe server URL can change as per the hosting domain/server/company

* [Fix] accept code id_token param for oidc

* generate id_token jwt alg HS256

* Updates to OAuth 2 and OIDC

`OAuth Authorization Code` and `OAuth Bearer Token` DocType made RO
Delete Invalid Codes and Revoked Tokens periodically
generate and send `id_token` only if scope of token is `openid`

* [Fix] Periodically delete revoked tokens

* Social Logins untested

* Enabled Frappe social login

* [Docs] OpenID Connect and Frappe social login

* [Fix] Allow multiple scopes for OAuth 2

* [Docs] Added screenshot steps to configure openid and frappe social login

* saved doctype to solve merge conflict

* [fix] re-added client_secret after resolving merge conflict

* [Fix] frappe_userid and default scope
2016-11-07 22:25:11 +05:30
Revant Nandgaonkar
d48b270bf5 OAuth 2 Provider for frappe (#2167)
* OAuth 2.0 Classes Added

Added oauthlib in requirement.txt
Added class WebApplicationServer for Authorization code grant and Bearer tokens.
Added class OAuthWebRequestValidator for Validating Oauth Request for Web Application

* copied code from mnt_oauth needs review

* [New] OAuth2 Doctypes and endpoints added

Integrations > OAuth Provider Settings
Integration Broker > OAuth Bearer Token
Integration Broker > OAuth Authorization Code
Integration Broker > OAuth Client
endpoints for authorize, approve, get_token, revoke_token and test_resource

* oauth2.py: renamed skipauth to skip_auth

* [Fix] Parse URL instead of storing it in settings

* [Fix] get skip_auth from OAuth Provider Settings

* Success URL format. Failure URL added. Confirmation dialog layout changed.

* Validate access token if passed during use of REST API

* OAuth Confirmation colours fixed

* Multiple Changes

Added links for OAuth under Integrations in Module list.
Updated permissions on OAuth doctypes.
Updated layout of OAuth Client doctype.

* [Docs] Integrations > How to setup OAuth

* [Docs] Integration > Using OAuth

* [Fix] get_token endpoint must handle POST request

* [Fix] http verbs and responses for OAuth 2.0 Endpoints

* [Fix] accept oauth2 access_token from headers

* Removed unused imports from api.py
2016-10-25 10:28:32 +05:30