Skip to content


Subversion checkout URL

You can clone with
Download ZIP
Fetching contributors…

Cannot retrieve contributors at this time

157 lines (134 sloc) 6.43 KB
- OAuth 1 requests using query or form encoded parameters where being interpreted as OAuth2 [pelleb]
- OAuth 2 requests were not checking for invalidated tokens. Please upgrade for this if you offer OAuth 2 [rymai]
- Handle case where credentials[:options] in consumer plugin was nil [marnen]
- Better facebook example [marnen]
- fixes issue with erb generator in rails 3 [pelleb]
- various cleanups in generators [akonan]
- protect oauth consumer relay with :expose configuration option. It's off by default. [pelle]
- Reenable twitter client. It is now configurable for twitter tokens. :client=>:twitter_gem or :oauth_gem [pelle]
- fix issues with new consumer tokens [afeld]
- More forgiving about oob callback values[chrisrhoden]
- Update Twitter consumer to use latest Twitter Gem [afeld]
- removed portable_contacts client from Google Token [p8]
- Fixes various mongoid issues [3en]
- Adds oauth2 consumer support
- Fixes oauth2 provider. parameter should be redirect_uri not redirect_url [Kimtaro]
- Most core OAuth functionality is being put into OAuthFilter. This means Rails 2.3 and above only
- Fixed bug when creating a new user from a new consumer token
- Fix typo in consumer token [krasio]
- Fix issue with mongoid not supporting find_by_x style queries. [3en]
- Experimental rack filter for OAuth 1.0a:
see lib/oauth/rack/oauth_filter.rb for details
- mongoid defaults to being embedded
- new :auto_login option in oauth_config.rb which lets you use eg. twitter as a primary authentication method
- mongoid support in rails 3 [Alexander Semyonov]
- OAUTH 2.0 authorization_code and password grant types
- Supports OAuth 2.0 draft 10 (Note this is incompatible with previous drafts)
- Refactored application_controller_methods to be a lot less intrusive
- Increased default token and key size in anticipation of OAuth2 support
- Rails 3 support
- Rails 3 generators [Paul Rosiana] and patches by [Alexander Flatter]
- Modularized Rails 3 generators [Alexander Semyonov]
- Callback urls now allow query parameters. Multiple patches but I used [Unk]'s.
- Fixed the class generation when you have a custom token defined. [Brian Morearty]
- Got rid of yahoo token. To support it correctly requires way too much work. Let them suffer the consequences of their decissions.
- GoogleToken now uses portablecontacts gem
- Added a simple PortableContacts adapter for GoogleToken
- Added a SimpleClient wrapper to provide really simple wrapper for OAuth based json web services
- Increased token size in consumer_tokens table because of Yahoo's oversized tokens
- Added support for Yahoo
- Added support for Google (Boon Low)
- Moved twitter tokens dependency back to regular twitter gem
- Closed blocks in erb template (jcrosby) while pelle is hiding under his desk
- Handled error case on authorize with non existent token
- Fixed Agree2 token
- Security Fix: Only skip verify_authenticity_token for specific oauth token requests in provider controller
- Added an Index to oauth consumers controller. Rerun generator to create index template
- Added invalidate action to provider, which allows a token to invalidate itself /oauth/invalidate
- Added capabilities action to provider. Lets you expand to allow auto discovery of permissions and services that token provides.
- Can override how authorize form indicates an authorization. To get around ugly checkbox
def user_authorizes_token?
params[:commit] == 'Authorize'
- Fixed Gem Plugins Loading
- A blushing Pelle adds a missing file
- Twitter, Agree2 and FireEagle tokens are working in consumer.
- made it a gem
- more thorough tests of OAuth 1.0 consumer
- Add support for a OAUTH_10_SUPPORT constant to switch on support for OAuth 1.0 in provider
- Added support for OAuth 1.0 consumers (nov)
- Added back support for OAuth 1.0 for providers (nov)
- Added OAuth Consumer generator
- Moved oauth controller code to a module to make it easier to upgrade in the future
- Added support for OAuth version 1.0a
- Added haml support
- Improved OAuth Client Controller gui (alec-c4)
- Fixed escaping error and file path error in the generator simultaneously reported and fixed by Ivan Valdes and Mike Demers thanks
- Fixed compatibility issue with OAuth Gem 3.1 (wr0ngway and aeden)
- Added Test:Unit tests to generator (Ed Hickey)
- added missing oauth_clients/edit.html.erb view template (Ed Hickey)
- added missing :oauth_clients resource route in USAGE (Ed Hickey)
- Don't throw NPE it token is not in db (Haruska)
- Cleaned up whitespace (bricolage, Nicholas Nam)
- Fixed bug in default verify_oauth_signature (igrigorik)
- Doc fixes (skippy)
- Split OAuth controller into two parts: OAuth and OAuth clients. [jcrosby]
revision 31
- patch that fixes a problem in oauth_required from Hannes Tyden and Sean Treadway from SoundCloud. Thanks.
revision 30
- updated to use oauth gem 0.2.1
revision 23
- removed all core libraries from plugin. They are now in the oauth gem.
# oauth-plugin-pre-gem Branch created
revision 18
- added a generator for creation oauth_providers
revision 12
- the bug with post and put has now been fixed.
- better documentation
revision 9
- added a test helper. Include OAuth::TestHelper in your tests or specs to mock incoming requests
revision: 8
- moved tests into oauth folder and renamed them to make them work with autotest by default
- Refactored the request methods to make them more flexible and ready for integrating with ActiveResource
- There are a few tests that fail. All of them to do with put and post requests with payload data. I decided to commit anyway, to get the new api out.
revision: 7
- Done a lot of work on the Server side of things. The Server class has changed a lot and is likely to be incompatible with previous versions
revision: 6
- Throws InsecureSignatureMethod exception if attempting to use straight sha1 or md5.
- Disables plaintext signature over http (throws an InsecureSignatureMethod)
- Better testing of signature methods - the prior tests were seriously flawed.
revision: 5
- Removed support for sha1 and md5
- Implemented draft 6 support of OAuth removing secrets from base string
Jump to Line
Something went wrong with that request. Please try again.