• last updated 22 mins ago
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates
added cacnvas support to public repo

improved spelling

  1. … 15 more files in changeset.
use everywhere util::json2dict

  1. … 2 more files in changeset.
improved spelling

  1. … 14 more files in changeset.
"An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing"

See e.g. https://cloud.google.com/blog/products/data-analytics/iframe-sandbox-tutorial

We set in xooauth/tcl/lti-procs.tcl a restrictive default (all sandboxing restrictions are applied by default). Users should relax it according to their embedded application.

xooauth/www/admin/lti-test.tcl is not really a productive file, so we set the already hardcoded value to no-sandboxing and note that this would be appropriate.

  1. … 1 more file in changeset.
improved error handling, when mapped fields are missing

fix typos

bugfix for azure content with multibyte characters

This change fixes two bugs:

a) base64decode was used instead of base64urldecode

b) the binary flag is harmful, since this leads to double-encoding

Many thanks to Sebastian Scheder for the fix.

do not abbreviate tcl names

Replace deprecated api

Move doc so that the api-doc can pick it up

use in the configuration file more consistent names

All OpenACS package con be configured via the path

ns/server/[ns_info server]/acs/PACKAGE_NAME, so use as well

this nameing convention for the OAuth parameters.

Examples are:

ns_section ns/server/$server/acs/oauth/ms {

#

# Defaults for client ID and secret for the app (administrative

# agent) "ms::app" and the external identity provider for azure,

# which might be created via

#

# ::ms::Graph create ::ms::app

# ::ms::Authorize create ::ms::azure

#

ns_param client_id "..."

ns_param client_secret "..."

ns_param tenant "..."

ns_param version "v1.0"

}

ns_section ns/server/$server/acs/oauth/github {

#

# Defaults for client ID and secret for the the external identity

# provider github, which might be created via

#

# ::xo::oauth::GitHub create ::xo::oauth::github

#

ns_param client_id "..."

ns_param client_secret "..."

}

use consistently the term "return_url"

Record the fact that a certain user_id was created via an OAuth identity provider.

  1. … 1 more file in changeset.
use oauth state to transport a nonce and a return_url

  1. … 2 more files in changeset.
fix typo

Avoid "ad_url" for producing fully qualified URLs

"ad_url" is not subsite aware.

enforce providing of "given_name" and "family_name" only, when creating of not yet registered users is configured

Added support for using GitHub as an identity provider

The handler allows using GitHub as an identity provider for

logins. The GitHub account of the user must have an email address

configured. Optionally, new OpenACS accounts can be created based on

the identity data provided from GitHub.

This functionality is very similar to using Azure accounts via the

Microsoft identity platform provider.

Setup instructions will follow soon.

  1. … 5 more files in changeset.
make scope and response_type for ms::Authorize configurable

Added support for v2.0 for "Microsoft identity platform ID tokens"

  1. … 2 more files in changeset.
Provide external registry information for usage in the login cookie

- This allows a logout operation from Azure, when login happend from

there as well.

- Bump version number to 0.4d3

  1. … 1 more file in changeset.
Added preliminary support for Microsoft identity platform ID tokens

  1. … 2 more files in changeset.
added minimal comments

Fix typo, make mailNickname required as per Microsoft specs (see https://learn.microsoft.com/en-us/graph/api/team-clone?view=graph-rest-1.0&tabs=http#request-body)

Many thanks to Sebastian Scheder

initialize list for cases, where no parameters are provided.

not sure, whether such requests are useful, nut at least, these

should not error out.

improve spelling

  1. … 4 more files in changeset.
prefer dict over anonymous array

Document public api

  1. … 1 more file in changeset.
Add documentation to public api