1. 26 Jul, 2012 1 commit
  2. 13 Jul, 2012 7 commits
  3. 11 Jul, 2012 2 commits
  4. 10 Jul, 2012 4 commits
  5. 09 Jul, 2012 2 commits
  6. 08 Jul, 2012 1 commit
    • Rafael Monnerat's avatar
      Sometimes section is not present · b3595458
      Rafael Monnerat authored
      Sometimes on configuration product-config can be defined but promise-path and
      site id isn't, like for example when some instance use DeadlockDebugger.
      b3595458
  7. 06 Jul, 2012 1 commit
  8. 04 Jul, 2012 1 commit
  9. 28 May, 2012 1 commit
  10. 21 May, 2012 1 commit
  11. 18 May, 2012 6 commits
  12. 09 May, 2012 1 commit
  13. 03 May, 2012 3 commits
  14. 02 May, 2012 5 commits
  15. 26 Apr, 2012 4 commits
    • Łukasz Nowak's avatar
    • Łukasz Nowak's avatar
      Improve "interface". · 0f4b26a3
      Łukasz Nowak authored
      Return token on addition.
      Use proxied scripts to access whole system in order to allow unprivileged user
      to manage own tokens.
      Update roles immediately in order to give unprivileged user access to
      validated token.
      0f4b26a3
    • Łukasz Nowak's avatar
      Delegate token validation. · d2279cd9
      Łukasz Nowak authored
      By requiring token_validation_method extraction plugin is only responsible
      for low level implementation.
      d2279cd9
    • Łukasz Nowak's avatar
      Improve token management. · fad3d37b
      Łukasz Nowak authored
      BearerTokenModule_addNewToken allows to add token for Person passed as
      destination_reference. In case if Person has no key assigned new one is
      generated.
      
      BearerToken_isValid allows to validate token against (possibly) related person
      object.
      
      Base_getHMAC is low level interface to hmac module.
      
      In order to made tokens unique use User-Agent and REMOTE_ADDR in token
      generation body. Thanks to this token will be narrowed to one broswer. In order
      to avoid reuse token on different servers add Host.
      
      Key to generate HMAC are stored on Person object using bearer_token_key property.
      fad3d37b