Commit Graph

35 Commits (e099d57bdec79c3b92daf12f0a621d993ff55982)

Author SHA1 Message Date
Paulus Schoutsen 5a9e543087
Whitelist Android/iOS auth callbacks (#30082)
* Whitelist Android/iOS

* Add iOS alternate flavor URLs

* Update indieauth.py

Co-authored-by: Robbie Trencheny <me@robbiet.us>
2019-12-28 21:20:18 +01:00
Bas Nijholt 6ad3b6426a sort imports according to PEP8 for auth (#29619) 2019-12-08 14:55:23 +01:00
Paulus Schoutsen 3231e22ddf
Remove direct authentication via trusted networks or API password (#27656)
* Remove direct authentication via trusted networks and API password

* Fix tests
2019-10-14 14:56:45 -07:00
Paulus Schoutsen 4de97abc3a Black 2019-07-31 12:25:30 -07:00
Paulus Schoutsen f4016b4aad
Add integration step to onboarding (#23732)
* Return an extra oauth2 auth code during onboarding

* Areas in const

* Add integration step

* Lint

* Fix tests

* Fix test

* Verify integration added to done

* Verify step is marked as done
2019-05-07 22:51:24 -07:00
Paulus Schoutsen d1a621601d No more opt-out auth (#18854)
* No more opt-out auth

* Fix var
2018-12-02 16:32:53 +01:00
Paulus Schoutsen 312d49caec Allow creating signed urls (#17759)
* Allow creating signed urls

* Fix parameter

* Lint
2018-10-25 16:44:57 +02:00
Jason Hu ff78a5b04b Track refresh token last usage information (#16408)
* Extend refresh_token to support last_used_at and last_used_by

* Address code review comment

* Remove unused code

* Add it to websocket response

* Fix typing
2018-09-12 13:24:16 +02:00
Jason Hu 34d369ba26 Return if refresh token is current used one in WS API (#16575) 2018-09-12 09:49:44 +02:00
Paulus Schoutsen 0db13a99aa Add websocket commands for refresh tokens (#16559)
* Add websocket commands for refresh tokens

* Comment
2018-09-11 09:08:03 -07:00
Jason Hu 9583947012 Long-lived access token (#16453)
* Allow create refresh_token with specific access_token_expiration

* Add token_type, client_name and client_icon

* Add unit test

* Add websocket API to create long-lived access token

* Allow URL use as client_id for long-lived access token

* Remove mutate_refresh_token method

* Use client name as id for long_lived_access_token type refresh token

* Minor change

* Do not allow duplicate client name

* Update docstring

* Remove unnecessary `list`
2018-09-11 12:05:15 +02:00
Paulus Schoutsen cfe5db4350
Fail fetch auth providers if onboarding required (#16454) 2018-09-10 23:51:40 +02:00
Jason Hu e8775ba2b4
Add multi-factor auth module setup flow (#16141)
* Add mfa setup flow

* Lint

* Address code review comment

* Fix unit test

* Add assertion for WS response ordering

* Missed a return

* Remove setup_schema from MFA base class

* Move auth.util.validate_current_user -> webscoket_api.ws_require_user
2018-08-24 10:17:43 -07:00
Ville Skyttä dd9d53c83e Update pydocstyle to 2.1.1 and flake8-docstrings to 1.3.0 (#14557)
* Update pydocstyle to 2.1.1 and flake8-docstrings to 1.3.0

* Pydocstyle D401 fixes
2018-08-24 10:28:43 +02:00
Ville Skyttä 89d856d147 Spelling fixes (#16150) 2018-08-23 22:56:18 +02:00
Jason Hu 7e7f9bc6ac Add multi-factor authentication modules (#15489)
* Get user after login flow finished

* Add multi factor authentication support

* Typings
2018-08-22 09:52:34 +02:00
Paulus Schoutsen cdb8361050 Add support for revoking refresh tokens (#16095)
* Add support for revoking refresh tokens

* Lint

* Split revoke logic in own method

* Simplify

* Update docs
2018-08-21 11:02:55 -07:00
Paulus Schoutsen b26506ad4a Use new session when fetching remote urls (#16093) 2018-08-21 19:03:46 +02:00
Jason Hu f84a31871e Get user after login flow finished (#16047)
* Get user after login flow finished

* Add optional parameter 'type' to /auth/login_flow

* Update __init__.py
2018-08-21 10:18:04 +02:00
Ville Skyttä dbd0763f83 Grammar and spelling fixes (#16065) 2018-08-19 22:29:08 +02:00
Paulus Schoutsen e776f88eec
Use JWT for access tokens (#15972)
* Use JWT for access tokens

* Update requirements

* Improvements
2018-08-14 21:14:12 +02:00
Paulus Schoutsen 0ab3e7a92a
Add IndieAuth 4.2.2 redirect uri at client id (#15911)
* Add IndieAuth 4.2.2 redirect uri at client id

* Fix tests

* Add comment

* Limit to first 10kB of each page
2018-08-10 18:09:42 +02:00
Jason Hu 93d6fb8c60
Break up components/auth (#15713) 2018-07-28 17:54:26 -07:00
Jerad Meisner cbb5d34167 Added user credentials to current_user ws endpoint. (#15558)
* Added user credentials to current_user ws endpoint.

* Comments. Added another test.

* Return list of credentials.
2018-07-25 10:34:18 +02:00
Paulus Schoutsen 4e7dbf9ce5
Allow system users to refresh tokens (#15574) 2018-07-23 14:06:09 +02:00
Paulus Schoutsen 2fcacbff23
Allow auth providers to influence is_active (#15557)
* Allow auth providers to influence is_active

* Fix auth script test
2018-07-19 22:10:36 +02:00
Paulus Schoutsen 2a76a0852f
Allow CORS requests to token endpoint (#15519)
* Allow CORS requests to token endpoint

* Tests

* Fuck emulated hue

* Clean up

* Only cors existing methods
2018-07-19 08:37:00 +02:00
Paulus Schoutsen 8797cb78a9
Add current user WS command (#15485) 2018-07-17 09:24:51 +02:00
Paulus Schoutsen 864a254071
Aware comments (#15480)
* Make sure we cannot deactivate the owner

* Use different error code when trying to fetch token for inactive user
2018-07-15 23:09:05 +02:00
Paulus Schoutsen ed0cfc4f31
Add user via cmd line creates owner (#15470)
* Add user via cmd line creates owner

* Ensure access tokens are not verified for inactive users

* Stale print

* Lint
2018-07-15 20:46:15 +02:00
Paulus Schoutsen dbdd0a1f56
Expire auth code after 10 minutes (#15381) 2018-07-10 11:20:22 +02:00
Paulus Schoutsen 0d4841cbea
Use IndieAuth for client ID (#15369)
* Use IndieAuth for client ID

* Lint

* Lint & Fix tests

* Allow local IP addresses

* Update comment
2018-07-09 18:24:46 +02:00
Jason Hu a64a66dd62 Only create front-end client_id once (#15214)
* Only create frontend client_id once

* Check user and client_id before create refresh token

* Lint

* Follow code review comment

* Minor clenaup

* Update doc string
2018-07-01 13:36:50 -04:00
Paulus Schoutsen 5ec7fc7ddb Backend tweaks to make authorization work (#14339)
* Backend tweaks to make authorization work

* Lint

* Add test

* Validate redirect uris

* Fix tests

* Fix tests

* Lint
2018-05-10 10:38:11 +02:00
Paulus Schoutsen cdd45e7878 Foundation for users (#13968)
* Add initial user foundation to Home Assistant

* Address comments

* Address comments

* Allow non-ascii passwords

* One more utf-8 hmac compare digest

* Add new line
2018-05-01 18:20:41 +02:00