gnh1201/mastodon
1
0
Fork 0
mirror of https://github.com/mastodon/mastodon.git synced 2025-11-29 10:53:39 +00:00
Code Issues Actions 16 Packages Projects Releases Wiki Activity
19,115 Commits 173 Branches 320 Tags 1.3 GiB
4a32e720f5
Commit Graph

2932 Commits

Author SHA1 Message Date
Emelia Smith
4a32e720f5
Rearrange code to flow better 2025-07-23 21:34:17 +02:00
Emelia Smith
514540d52e
Ensure the asserted scopes are the ones in the access grant 2025-07-23 21:32:17 +02:00
Emelia Smith
3c077e5fc8
Adjust the specs based on feedback from Claire to ensure we're still testing the invalid scope for authorization code grant flow case 2025-07-23 21:27:08 +02:00
Emelia Smith
4b72ac71e1
Improve /oauth/token request specs 
Previously these specs passed incorrect parameters to both the authorization_code
and client_credentials grant flows.

The authorization_code flow does not accept a `scope` parameter, instead the scope
is set when the access grant is created, per RFC 6749 Section 4.1.2. The `code`
parameter is accepted by this flow.

https://www.rfc-editor.org/rfc/rfc6749#section-4.1.2

The client_credentials flow does not accept a `code` parameter, and instead accepts
a `scope` parameter, per RFC 6749 Section 4.4.1

https://www.rfc-editor.org/rfc/rfc6749#section-4.4.1

This ensures we're only testing valid oauth flows, and not deviating from the
specification. The OAuth flows should ignore any unknown parameters (i.e., passing
`code` to client_credentials would have no impact on the functionality, and this
would be asserted at the Doorkeeper level).
 2025-07-23 20:47:00 +02:00
Emelia Smith
9e8631b402
Change /oauth/token request specs to use client_secret_basic authentication 2025-07-23 20:47:00 +02:00
Eugen Rochko
14a781fa24
Add button to load new replies in web UI (#35210) 2025-07-23 13:42:07 +00:00
Matt Jankowski
fab95b8dae
Add coverage for api/v1/invites scenarios (#35389) 2025-07-21 14:17:53 +00:00
Claire
d36bf3b6fb
Fix support for quote verification in implicit status updates (#35384) 2025-07-15 15:36:12 +00:00
Claire
594976a538
Refactor ActivityPub::Activity::Accept and ActivityPub::Activity::Reject specs (#35382) 2025-07-15 13:18:37 +00:00
Matt Jankowski
0efb889a9c
Extract constant for attribution domains limit in account (#35350) 2025-07-15 13:08:24 +00:00
Matt Jankowski
30344d6abf
Confirm User#login_activities in auth/sessions spec (#35372) 2025-07-15 06:31:00 +00:00
Matt Jankowski
1637297085
Add coverage for CustomFilterStatus model (#35374) 2025-07-15 06:28:40 +00:00
Matt Jankowski
dec1fb71f4
Add coverage for FollowRecommendationMute model (#35376) 2025-07-15 06:27:36 +00:00
Matt Jankowski
7273f6c03c
Move shared params to common method in admin/reports/actions (#35353)
Some checks are pending
Check i18n / check-i18n (push) Waiting to run
Details
CodeQL / Analyze (javascript) (push) Waiting to run
Details
CodeQL / Analyze (ruby) (push) Waiting to run
Details
Check formatting / lint (push) Waiting to run
Details
Ruby Linting / lint (push) Waiting to run
Details
Historical data migration test / test (14-alpine) (push) Waiting to run
Details
Historical data migration test / test (15-alpine) (push) Waiting to run
Details
Historical data migration test / test (16-alpine) (push) Waiting to run
Details
Historical data migration test / test (17-alpine) (push) Waiting to run
Details
Ruby Testing / build (production) (push) Waiting to run
Details
Ruby Testing / build (test) (push) Waiting to run
Details
Ruby Testing / test (.ruby-version) (push) Blocked by required conditions
Details
Ruby Testing / test (3.2) (push) Blocked by required conditions
Details
Ruby Testing / test (3.3) (push) Blocked by required conditions
Details
Ruby Testing / ImageMagick tests (.ruby-version) (push) Blocked by required conditions
Details
Ruby Testing / ImageMagick tests (3.2) (push) Blocked by required conditions
Details
Ruby Testing / ImageMagick tests (3.3) (push) Blocked by required conditions
Details
Ruby Testing / End to End testing (.ruby-version) (push) Blocked by required conditions
Details
Ruby Testing / End to End testing (3.2) (push) Blocked by required conditions
Details
Ruby Testing / End to End testing (3.3) (push) Blocked by required conditions
Details
Ruby Testing / Elastic Search integration testing (.ruby-version, docker.elastic.co/elasticsearch/elasticsearch:7.17.13) (push) Blocked by required conditions
Details
Ruby Testing / Elastic Search integration testing (.ruby-version, docker.elastic.co/elasticsearch/elasticsearch:8.10.2) (push) Blocked by required conditions
Details
Ruby Testing / Elastic Search integration testing (.ruby-version, opensearchproject/opensearch:2) (push) Blocked by required conditions
Details
Ruby Testing / Elastic Search integration testing (3.2, docker.elastic.co/elasticsearch/elasticsearch:7.17.13) (push) Blocked by required conditions
Details
Ruby Testing / Elastic Search integration testing (3.3, docker.elastic.co/elasticsearch/elasticsearch:7.17.13) (push) Blocked by required conditions
Details
2025-07-14 09:23:18 +00:00
Matt Jankowski
a3ffd2edf8
Use sequence for unique names on webauthn cred fabricator (#35356) 2025-07-14 09:20:50 +00:00
Matt Jankowski
1496488771
Add Status#not_replying_to_account scope for annual report classes (#35257) 2025-07-10 07:35:04 +00:00
Matt Jankowski
f9beecb343
Improve Accounts CLI prune spec (#35302) 2025-07-10 07:23:09 +00:00
Matt Jankowski
4ecfbd3920
Add Status.only_polls (and without polls) scope (#35330) 2025-07-10 07:13:22 +00:00
Claire
8bd2c87399
Fix support for special characters in various environment variables (#35314) 
Co-authored-by: Matt Jankowski <matt@jankowski.online>
 2025-07-09 08:58:41 +00:00
David Roetzel
8ee6cee36e
Better error response to malformed headers (#35278) 2025-07-08 09:31:04 +00:00
Matt Jankowski
bdffdcb12f
Remove unused scopes in Account model (#35276) 2025-07-07 08:07:01 +00:00
David Roetzel
1fa72d6c44
Raise better exception on FASP error responses (#35262) 2025-07-04 07:25:42 +00:00
Matt Jankowski
e8d2432e6a
Fix intermittent failure of TOS model spec from effective date collision (#35244) 2025-07-03 16:28:47 +00:00
Claire
e97f43399b
Fix error handling for blank actions in account moderation action form (#35246) 2025-07-03 14:42:48 +00:00
Matt Jankowski
1ae3510ede
Add coverage for TOS interstitial interruption flow of web app controller concern (#35235) 2025-07-02 09:21:32 +00:00
Matt Jankowski
c047014214
Add coverage for valid_locale_or_nil languages helper method (#34866) 2025-07-02 07:34:42 +00:00
David Roetzel
c357a7f8d6
Add optional bulk mailer settings (#35203) 2025-06-30 14:49:14 +00:00
David Roetzel
bae258925c
Persist follow recommendations from FASP (#35218) 2025-06-30 13:39:36 +00:00
Claire
153af19f55
Add specs for PublicFileServer middleware (#35219) 2025-06-30 11:23:11 +00:00
Matt Jankowski
964916c71b
Add coverage for TermsOfService scopes/validations (#35204) 2025-06-30 10:28:14 +00:00
David Roetzel
ac4b735c67
Add FASP account search support (#34033) 2025-06-30 07:42:34 +00:00
David Roetzel
48451b782d
Move email env var reading to yml files (#35191) 2025-06-26 12:18:30 +00:00
Claire
2e0a00ab46
Fix search operators sometimes getting lost (#35190) 2025-06-26 10:35:49 +00:00
Matt Jankowski
8285194451
Move layout setup for OAuth views to controllers (#35176) 2025-06-25 13:26:17 +00:00
Emelia Smith
72f2f35bfb
Implement Instance Moderation Notes (#31529) 2025-06-25 08:15:44 +00:00
Matt Jankowski
47fda2df2c
Update OAuth inflection to match spec (#35160) 2025-06-25 07:52:30 +00:00
Matt Jankowski
377289c961
Add coverage for doorkeeper model extensions (#35161) 2025-06-25 07:50:20 +00:00
Matt Jankowski
f852da50f6
Add User#email_domain method to extract domain from email address (#35159) 2025-06-25 07:22:19 +00:00
Matt Jankowski
fd902c04f7
Use config_for for omniauth enabled values (#35015) 2025-06-24 09:32:13 +00:00
Matt Jankowski
0338733531
Add model coverage and scopes to RuleTranslation class (#35098) 2025-06-24 07:44:50 +00:00
Matt Jankowski
0d7f1584bc
Move remaining _map method specs from account to mappings spec (#35142) 2025-06-24 07:40:24 +00:00
Matt Jankowski
36f01af6c4
Add Status#only_reblogs scope for annual report classes (#35141) 2025-06-24 06:54:55 +00:00
Matt Jankowski
c023ebc87a
Limit count to pending&trending on admin/trends/tags page (#35120) 2025-06-23 13:30:12 +00:00
Matt Jankowski
b08ccaa5b3
Extract Account::Mappings concern from "interactions" (#35119) 2025-06-23 12:02:14 +00:00
David Roetzel
adf812efb3
Fix missing terms of services link (#35115) 2025-06-21 08:59:47 +00:00
Matt Jankowski
54f9a1b43b
Extract secret size constants in Webhook model (#35104) 2025-06-20 10:05:24 +00:00
Matt Jankowski
e9b1c1edfe
Simplify WebauthnCredential constant limit math (#35107) 2025-06-20 10:04:14 +00:00
David Roetzel
0ec6c26af3
Fix error when RFC9421 signatures are used (#35109) 2025-06-20 09:44:26 +00:00
Matt Jankowski
ca3cc36549
Allow more flexible host/port treatment with LOCAL_DOMAIN values in tests (#35040) 2025-06-16 13:12:23 +00:00
David Roetzel
b2506478ba
Add FASP follow recommendation support (#34964) 2025-06-16 10:43:27 +00:00