about summary refs log tree commit diff
path: root/kittybox-rs/indieauth/src
Commit message (Collapse)AuthorAgeFilesLines
* indieauth: add "token_type" and "scope" to token grant responseVika2022-09-281-0/+21
| | | | | | | It looks like some badly-behaved apps require "scope" even though it is optional according to OAuth2. Additionally, both of these fields are not present in the IndieAuth spec (this is an error in the spec, tracked here: https://github.com/indieweb/indieauth/issues/116
* kittybox-indieauth: fix extraneous padding in PKCE challengesVika2022-09-202-5/+25
|
* kittybox-indieauth: Allow converting more types to/from stringsVika2022-09-193-0/+41
| | | | | Sometimes it is needed, for example, to construct an HTML form pre-filled with the request data.
* indieauth: replace numerous placeholders in the prototypeVika2022-07-271-3/+6
| | | | | | Fetching profiles is now fully implemented. The only missing pieces are the frontend template and the persistent store for tokens and codes.
* kittybox-indieauth: fix AuthorizationRequest doctestVika2022-07-221-2/+3
|
* kittybox-indieauth: document the entire crateVika2022-07-223-23/+333
| | | | I am procrastinating very hard right now.
* kittybox-indieauth: axum helpers for responsesVika2022-07-221-0/+40
| | | | Some responses need to set Cache-Control and Pragma: no-cache headers according to RFC 6749.
* kittybox-indieauth: convert Error into axum::response::ResponseVika2022-07-191-0/+14
| | | | | | This requires the `axum` feature to be enabled, to prevent unwanted dependencies (e.g. in client apps or when using a different framework, since the library doesn't concern itself with I/O)
* kittybox-indieauth: improve docs and the Error typeVika2022-07-192-22/+97
| | | | | | | `kittybox_indieauth::Error` now represents errors in the IndieAuth process itself. `IndieAuthError` got renamed to `ResourceErrorKind` to reflect errors that a resource server (i.e. IndieAuth consumer) might return to a client who somehow didn't authorize themselves properly.
* WIP: IndieAuth progressVika2022-07-152-3/+7
| | | | | | | | | | | | - Some kittybox-indieauth crate bugs were fixed - Things should mostly work... - ...if you somehow supply your own backend store - YES I MADE IT MODULAR AGAIN - NO I AM NOT SORRY - YOU WILL THANK ME LATER - DO NOT DENY THE HEAVENLY GIFT OF GENERICS IN RUST - Retrieving profiles doesn't work for now because I am unsure how to implement it best
* Add enum for requests that the authorization endpoint may encounterVika2022-07-151-1/+8
| | | | | | Really, it should be `Either<AuthorizationRequest, GrantRequest>` but either serde or axum got iffy about me deserializing it from a form. Not sure which one.
* kittybox-indieauth: add From impls for TokenIntrospectionResponseVika2022-07-151-0/+16
| | | | | | | | | This makes converting Option<TokenData> into a response and vice versa a breeze, and hide the complexity of TokenIntrospectionResponse forced upon this library by the IndieAuth standard. Really, this type should've been represented as Option<TokenData>, I just don't know how to add the "active" field to it properly.
* kittybox-indieauth: improve types and make more of them publicVika2022-07-103-14/+49
|
* kittybox-indieauth: implement FromStr for ScopesVika2022-07-101-3/+12
|
* Security bugfix: fix Scopes::has_all() incorrectly checking scopesVika2022-07-101-2/+15
| | | | | Turns out it was comparing the list of required scopes with **itself**. Oops, that's a major security issue.
* kittybox-indieauth: initVika2022-07-103-0/+499
This crate is the base framework-agnostic implementation of all data structures and methods required for IndieAuth protocol. Anything that can deserialize HTTP request payloads with serde can utilize this crate. This is a good candidate to independently release on crates.io when the interface becomes stable enough.