|
06278935b6
|
Add support for selecting scopes during IndieAuth's 'code' type
|
2017-11-01 13:27:55 +11:00 |
|
|
387e7d859c
|
Smarter handling of IndieAuth code verification, including verifying the response type is correct
|
2017-11-01 10:56:49 +11:00 |
|
|
bfa7f68edc
|
Make POST /indie/auth return a 403 if parameters are missing, rather than a 500
|
2017-10-30 08:27:19 +11:00 |
|
|
e5d3af1b51
|
Make redirect_uri verification optional because many IndieAuth clients don't implement it - show a stylish icon to convey whether the client was verified
|
2017-10-29 19:15:29 +11:00 |
|
|
acce72e90e
|
Implement the auth-code verification step, producing a complete IndieAuth implementation for 'id' type (nothing for 'code' type yet tho)
|
2017-10-29 17:07:36 +11:00 |
|
|
8b4a14ffa3
|
On approving an IndieAuth request, actually generate an auth code and redirect
|
2017-10-29 16:16:27 +11:00 |
|
|
221d548e4a
|
Give better 'me' normalisation to IndieAuth processing + Aadd a simple POST route for actually submitting the form
|
2017-10-29 14:39:30 +11:00 |
|
|
e2e21f4afa
|
Make sure IndieAuth is agnostic to whether the 'me' parameter has a trailing slash or not
|
2017-10-27 22:03:25 +11:00 |
|
|
5690e4bfab
|
Add some niiiice h-x-app rendering to the authorisation page, so you can get a pretty view of who's trying to auth
|
2017-10-27 21:32:14 +11:00 |
|
|
93be2f5a32
|
Half-implement an IndieAuth authorization endpoint - it accepts the right parameters, verifies your client_id, and displays a prompt, but you can't actually approve the auth yet
|
2017-10-26 11:35:57 +11:00 |
|