Skip to content
Snippets Groups Projects
  1. Sep 01, 2022
  2. Aug 30, 2022
  3. Jul 29, 2022
  4. Jul 25, 2022
  5. Jul 22, 2022
  6. Jul 21, 2022
  7. Jul 19, 2022
  8. Jun 17, 2022
  9. May 30, 2022
  10. May 03, 2022
    • Bojan Bogdanovic's avatar
      Updated OAuth2 scope reference · 12def9a9
      Bojan Bogdanovic authored
      • Added possiblity to retrieve all referenced scopes via the OAuth2 Scope reference field type
      • Updated tests with new scope data model
      12def9a9
    • Bojan Bogdanovic's avatar
      Moved PKCE to the authorization_code form details element and removed... · 822c5fe7
      Bojan Bogdanovic authored
      Moved PKCE to the authorization_code form details element and removed enforcing PKCE, it should be optional; https://datatracker.ietf.org/doc/html/rfc7636#section-5.
      822c5fe7
    • Bojan Bogdanovic's avatar
      Enhanced/updated consumer entity · 9b3fefd9
      Bojan Bogdanovic authored
      • Migrated settings to the consumer entity; so that there is more flexiblity.
      • Removed the “use_implicit” setting; it’s no longer recommended by the OAuth2 spec.
      • Added hook_updates for installing/updating/removing BaseFields on the “consumer” and “oauth2_token” entity.
      • Disabled translation on BaseFields that should not be translatable on the “consumer” entity.
      • Introduced custom field type for referencing to OAuth2 scopes; it can reference to static or dynamic scopes dependent on the active scope provider.
      • Introduced custom validation constraint for the “Redirects” BaseField and using string as field type; the uri field type does not support custom URL schemes, this is the reason why string is used as field type. The validation constraint allows more than scoped in the issue, because local domains can differ alot.
      • Added custom validation constraint for the “oauth2_scope_reference” field type; so that non-existing scopes can’t be referenced.
      • The “third_party” BaseField is defined on in the consumers module; leaving it for now.
      • Enforcing PKCE when client is public and Authorisation Code grant type is active.
      • Vertical tabs don’t work properly yet with states, wrote todo to pickup it up when the following issue gets fixed: https://www.drupal.org/project/drupal/issues/1148950.
      • Made “scope_provider” setting disabled when there are scopes referenced in consumers.
      • Removed “ContainerFactoryPluginInterface” from the “Oauth2GrantBase”; not all plugins need dependency injection.
      • Removed Oauth2Grant plugins (and associated tests) that are no longer recommended; this way they can’t be selected anymore from the consumer entity or dynamic/static scope, this related to issue: #3261247.
      9b3fefd9
    • Bojan Bogdanovic's avatar
    • Bojan Bogdanovic's avatar
    • Bojan Bogdanovic's avatar
    • Bojan Bogdanovic's avatar
      Updated scope model · 2390fca9
      Bojan Bogdanovic authored
      • Renamed scope property label; name is more descriptive (e.g: loadByName makes more sense)
      • Generating OAuth2 Scope entity id as machine name
      • Added laod possiblities by name, multiple by name and parent
      • Added dedicated interface for the OAuth2 scope provider
      • Added possibility to retrieve a flatten permission tree by providing a scope object
      • Removed redundant label property from the OAuth2 scope plugin definition; it is not possible to create plugin instances by a property, thus plugin id is now acting as scope id and name
      • Removed derivative possiblity on the OAuth2 scope plugins; it was conflicting with scope names with colon usage
      • Made OAuth2 scope description property required; this description is now also being used as fallback when there is no grant type description
      2390fca9
    • Bojan Bogdanovic's avatar
    • Bojan Bogdanovic's avatar
      Updated parent options form element, removed pagination from scope plugin... · 42f1eaf9
      Bojan Bogdanovic authored
      Updated parent options form element, removed pagination from scope plugin overview and updated interfaces
      42f1eaf9
    • Bojan Bogdanovic's avatar
    • Bojan Bogdanovic's avatar
      Implementing static/dynamic OAuth2 scopes · 45e73400
      Bojan Bogdanovic authored
      • Implementing static scopes via Plugin YAML discovery.
      • Implementing dynamic scopes via Config entity.
      • Introduced scope provider service; which is leveraging the adapter design pattern. The service instantiated via a factory; due the fact that the instantiation is dependent on config settings.
      • Added scope provider setting.
      • Added dedicated overview pages per scope provider.
      • Added controller for the static scope view operation.
      • Moved "Oauth2GenerateKeyForm" and "Oauth2TokenSettingsForm" from Entity namespace/dir, these forms are not related to the Entity.
      • Moved "AccessTokenAccessControlHandler" and "Oauth2TokenListBuilder" to "src/Entity/Access"; this is a more fitting place for these files/classes.
      • Removed redundant "_admin_route" and "base_route" option in the routing, because routes that start with "/admin" will by default have the option "_admin_route" set to TRUE and "base_route" is not applicable in the routing.yml.
      • Moved token entity routes under the "oauth2_token" namespace, we have now multiple entities and they should be structered.
      • Added custom menu link to show the active scope provider in the menu.
      • Added dedicated scope permissions.
      • Added Unit/Kernel tests for the scope: entity, plugin, plugin manager, provider.
      45e73400
  11. Apr 26, 2022
  12. Jan 19, 2022
  13. Jan 05, 2022
  14. Jan 03, 2022
  15. Dec 22, 2021
  16. Dec 21, 2021
  17. Sep 19, 2021
  18. May 02, 2021
  19. Dec 08, 2020
  20. Sep 27, 2020
Loading