Kagami Sascha Rosylight
|
ad346b6f36
|
feat(backend/oauth): allow CORS for token endpoint (#12814)
* feat(backend/oauth): allow CORS for token endpoint
* no need to explicitly set origin to `*`
* Update CHANGELOG.md
|
2023-12-27 15:10:24 +09:00 |
|
Chocolate Pie
|
c96bc36fed
|
Merge pull request from GHSA-7pxq-6xx9-xpgm
* fix: fix improper authorization when accessing with third-party application
* refactor: refactor type definitions
* fix: get rid of unnecessary access limitation
* enhance: サードパーティアプリケーションがWebsocket APIを使えるように
* fix: add missing parentheses
* Revert "fix(backend): add missing kind definition for admin endpoints to improve security"
This reverts commit 5150053275 .
* frontend: 翻訳の抜けを訂正, read:adminとwrite:adminはアクセス発行トークンのデフォルトでは非表示にする
* enhance(test): misskey-ghsa-7pxq-6xx9-xpgmに関するテストを追加
* enhance(test): Websocket APIに対するテストも追加
* enhance(refactor): `@/misc/api-permissions.ts`を`misskey-js/permissions`に統合
* fix(frontend): アクセストークン発行UIで全ての権限を有効にした際、管理者用APIへのアクセスも許可してしまう問題を修正
* enhance(backend): Websocketの接続に最低限必要な権限を変更
* fix(backend): `/api/admin/meta`をサードパーティアプリケーションからはアクセスできないように
* fix(backend): エンドポイントにアクセスするために必要な権限を変更
* fix(frontend/locale): Add missing type declaration
* chore: update `misskey-js/src/autogen`
---------
Co-authored-by: tamaina <tamaina@hotmail.co.jp>
|
2023-12-27 15:08:59 +09:00 |
|
syuilo
|
1fa1d31696
|
perf(backend): createdAtをidから取得するように & 無駄なDateインスタンスの生成を避けるように
|
2023-10-16 10:45:22 +09:00 |
|
syuilo
|
053da10e94
|
refactor(backend): update directory structure for models
|
2023-09-20 11:33:36 +09:00 |
|
syuilo
|
6cf466e5d1
|
update deps (#11820)
* update deps
* fix
* wip
* wip
* wip
* Update docker-compose.yml.example
* Delete reviewer-lottery.yml
* Update RepositoryModule.ts
* wip
* wip
* clean up
* update deps
* wip
* wip
|
2023-09-15 14:28:29 +09:00 |
|
syuilo
|
792622aead
|
refactor: prefix Mi for all entities (#11719)
* wip
* wip
* wip
* wip
* Update RepositoryModule.ts
* wip
* wip
* wip
* Revert "wip"
This reverts commit c1c13b37d2aaf3c65bc148212da302b0eb7868bf.
|
2023-08-16 17:51:28 +09:00 |
|
syuilo
|
ab3cd7b837
|
chore: add missing license identifier
|
2023-07-28 14:02:58 +09:00 |
|
Kagami Sascha Rosylight
|
eb7b5f905a
|
feat(backend): support OAuth 2.0 authorization (#11053)
* feat(backend): support OAuth 2.0 authorization
* secureRndstr fix
* nanndekowareta
* nanndekowareta2
* nanndekowareta3
* unref?
* refactor to not close fastify
* use microformats-parser
* Update OAuth2ProviderService.ts
* clarify the reason behind dns lookup
* refactor(backend): use @types/oauth2orize-pkce (#11350)
* refactor(backend): use @types/oauth2orize-pkce
* Update package.json
* Update pnpm-lock.yaml
---------
Co-authored-by: Kagami Sascha Rosylight <saschanaz@outlook.com>
---------
Co-authored-by: mtgto <hogerappa@gmail.com>
Co-authored-by: syuilo <Syuilotan@yahoo.co.jp>
|
2023-07-27 18:51:58 +09:00 |
|