Niklas Fiekas
|
e343d23e7e
|
avoid script-src unsafe-inline almost everywhere
|
2021-11-13 23:57:37 +01:00 |
Niklas Fiekas
|
e6002e94e9
|
also avoid classList for browser compatibility
|
2021-10-24 22:48:29 +02:00 |
Niklas Fiekas
|
b9a909ad4d
|
maximum browser compatibility for oauth prompt
|
2021-10-24 22:42:22 +02:00 |
Thibault Duplessis
|
7c2fd3b5b1
|
tweak token creation page
|
2021-08-26 20:03:43 +02:00 |
Thibault Duplessis
|
7fa3769690
|
more oauth screen tweaks
|
2021-07-13 22:04:16 +02:00 |
Thibault Duplessis
|
b1f519d2dc
|
tweak oauth screen
|
2021-07-13 21:45:51 +02:00 |
Niklas Fiekas
|
03331a5f99
|
push oauth apps to use https
|
2021-07-13 18:06:10 +02:00 |
Thibault Duplessis
|
9f9d01ea06
|
make the oauth authorize page work with elder browsers (no ES6)
|
2021-07-11 10:00:37 +02:00 |
Niklas Fiekas
|
7b4958a5ac
|
refactor oauth token form
|
2021-07-07 18:32:30 +02:00 |
Niklas Fiekas
|
0aa632dd9e
|
refactor access token collection
|
2021-07-07 14:40:18 +02:00 |
Niklas Fiekas
|
f32224b18f
|
fix typo
|
2021-07-03 16:40:20 +02:00 |
Niklas Fiekas
|
0327f65be9
|
introduce lila.common.Bearer newtype
|
2021-07-03 16:40:20 +02:00 |
Niklas Fiekas
|
86969b97e2
|
remove oauth app crud
|
2021-07-02 10:26:16 +02:00 |
Niklas Fiekas
|
39cf1bd7be
|
visually represent oauth button disabled state
|
2021-06-29 11:50:16 +02:00 |
Niklas Fiekas
|
378abab8f7
|
add deprecation warning to legacy prompt
|
2021-06-28 11:58:58 +02:00 |
Niklas Fiekas
|
e73f471908
|
add legacy oauth redirects
|
2021-06-28 10:36:57 +02:00 |
Niklas Fiekas
|
0eec335f09
|
no more new oauth apps without pkce
|
2021-06-18 20:57:38 +02:00 |
Niklas Fiekas
|
971cf19e6b
|
oauth appOrigin -> clientOrigin
|
2021-06-18 17:27:13 +02:00 |
Niklas Fiekas
|
1b7cff7fd2
|
add small timeout to prevent clickjacking
|
2021-06-17 16:09:13 +02:00 |
Niklas Fiekas
|
b66545e58f
|
add icon to authorization prompt
|
2021-06-17 15:51:15 +02:00 |
Niklas Fiekas
|
617a0ab4a9
|
tweak authorization prompt design
|
2021-06-17 15:36:52 +02:00 |
Niklas Fiekas
|
f52ee12722
|
implement grant with fake code verification
|
2021-06-17 15:36:52 +02:00 |
Niklas Fiekas
|
5b2d783926
|
model oauth protocol with types
|
2021-06-17 15:36:52 +02:00 |
Niklas Fiekas
|
5566bca48f
|
handle all authorization errors
|
2021-06-17 15:36:51 +02:00 |
Niklas Fiekas
|
4ad8ee8aa8
|
basic styles for oauth form
|
2021-06-17 15:36:51 +02:00 |
Niklas Fiekas
|
fd5f5d6b34
|
implement cancellation link
|
2021-06-17 15:36:51 +02:00 |
Niklas Fiekas
|
c31187bdc7
|
create view for authorization prompt
|
2021-06-17 15:36:51 +02:00 |
Andrew Mazur
|
e4db7c25e6
|
Icons private use area (#9136)
* move all glyphs to private area
* replace exclamation mark icon
* replace quotation mark icon
* replace rapid icon
* replace share icon
* replace patron icon
* replace gear icon
* replace phone icon
* replace streak icon
* replace die-six and ograve icons
* replace flag icon
* replace flame icon
* replace feather icon
* replace turtle icon
* replace nuclear icon
* replace arrow-streamline-target icon
* replace buffer icon
* replace upload-cloud icon
* replace number and some special characters icons
* replace upper case alphabet characters icons
* replace alphabet characters icons and a few special characters icons
* fixing some missing icons
* notifications icons fix
* a few more icons found
* changing a few more icons
|
2021-06-14 09:13:27 +02:00 |
Thibault Duplessis
|
7c481a5f32
|
only keep user mod roles when oauth scope web:mod is set
|
2021-05-11 10:18:12 +02:00 |
Thibault Duplessis
|
50a0ecaac1
|
require absolute urls in oauth apps
|
2021-03-24 09:17:07 +01:00 |
Thibault Duplessis
|
2baa038b3b
|
show oauth token key on /account/oauth/token
|
2021-02-12 09:34:11 +01:00 |
Thibault Duplessis
|
42084de5fa
|
fix routing and form binding for play 2.8.7
|
2021-02-08 15:25:21 +01:00 |
Thibault Duplessis
|
d50262c6b7
|
mention pre-filling on the oauth token form
|
2021-01-31 23:10:18 +01:00 |
Thibault Duplessis
|
2317e0a0f2
|
only send the OAuth token public ID to the owner's client
Reported by https://hackerone.com/gamerited
|
2020-10-06 10:09:53 +02:00 |
Thibault Duplessis
|
6d936f2472
|
oauth token input autofocus
|
2020-08-28 09:08:23 +02:00 |
Thibault Duplessis
|
b48699798d
|
fix more warnings, getting ready for scala 3
|
2020-07-07 11:24:08 +02:00 |
Thibault Duplessis
|
e79ccb3878
|
list and revoke oauth app accesses
|
2020-05-10 14:13:28 -06:00 |
Thibault Duplessis
|
5488a09548
|
scalafmt 2.5
|
2020-05-05 22:11:15 -06:00 |
Niklas Fiekas
|
af6c5888cd
|
capitalize lichess in some more places
|
2020-03-30 19:12:23 +02:00 |
Thibault Duplessis
|
4e4edc1ebc
|
pre-select oauth tokens from URL
|
2020-03-09 11:06:03 -06:00 |
Thibault Duplessis
|
7c144277d8
|
reformat
|
2020-03-03 15:55:58 -06:00 |
Thibault Duplessis
|
2563a13e98
|
safer mod notes
|
2020-03-03 15:22:48 -06:00 |
Thibault Duplessis
|
b0d9e10144
|
board API can't access spectator chat
|
2020-02-24 18:45:04 -06:00 |
Thibault Duplessis
|
dc9e1b3633
|
new Board API for e-boards and any 3rd party client
allows playing with a normal Lichess account
- rated: Classical and slower
- casual: Rapid and slower
|
2020-02-24 16:24:33 -06:00 |
Thibault Duplessis
|
d94ed23fcc
|
let normal accounts play with BOT API in some cases - closes #6073
|
2020-02-24 12:22:02 -06:00 |
Thibault Duplessis
|
1d8a5b1351
|
improve account forms and add flash messages
|
2020-01-17 10:54:13 -06:00 |
Thibault Duplessis
|
ff1cc70bef
|
reformat with scalafmt
|
2019-12-13 08:37:32 -06:00 |
Thibault Duplessis
|
3d2a4fca65
|
scala form template refactoring
|
2019-08-02 09:54:15 +02:00 |
Thibault Duplessis
|
f81b9db930
|
get rid of twirl
|
2019-04-22 16:42:25 +07:00 |
Niklas Fiekas
|
e837d362e1
|
simplify some optional boolean attributes
|
2019-04-18 11:29:39 +02:00 |