Permalink
Commits on Jan 17, 2018
  1. Merge pull request #71 from kivra/hn-otp

    plux committed Jan 17, 2018
    Pass on error from authenticate_user
Commits on Jan 16, 2018
  1. Update specs

    plux committed Jan 16, 2018
Commits on Jan 12, 2018
  1. Pass on error from authenticate_user

    plux committed Dec 19, 2017
Commits on Nov 7, 2017
  1. Tag 0.7.0

    plux committed Nov 7, 2017
  2. Merge pull request #70 from kivra/fix-response-record-types

    plux committed Nov 7, 2017
    Response record fields can be undefined
Commits on Nov 6, 2017
  1. Response record fields can be undefined

    plux committed Nov 6, 2017
Commits on Apr 20, 2016
  1. Merge pull request #65 from mdaguete/relation_refresh_and_access

    bipthelin committed Apr 20, 2016
    Relation refresh and access token via access token context
  2. Merge pull request #64 from mdaguete/implicit_grant

    bipthelin committed Apr 20, 2016
    Implicit Grant doesn't need client secret
Commits on Mar 11, 2016
Commits on Feb 25, 2016
  1. Implicit Grant doesn't need client secret

    mdaguete committed Feb 25, 2016
    As RFC mentions:
    
    > The implicit grant type does not include client authentication, and
       relies on the presence of the resource owner and the registration of
       the redirection URI.
    
    Client secret is not needed.
Commits on Feb 18, 2016
Commits on Feb 17, 2016
Commits on Feb 8, 2016
  1. Tag 0.6.1

    bipthelin committed Feb 8, 2016
Commits on Sep 11, 2015
  1. Merge pull request #60 from synlay/feature/otp_18.0_tweaks

    bipthelin committed Sep 11, 2015
    Tweaks for OTP 18.0 support and dependency updates
Commits on Sep 9, 2015
  1. Update dependencies and introduce a compiler directive for proper bui…

    drobakowski committed Sep 9, 2015
    …lds with OTP >= 18
    
    The rebar option 'require_otp_vsn' was removed and replaced through
    'require_min_otp_vsn' in order to support future OTP releases right
    away.
Commits on Apr 1, 2015
  1. oauth2_backend:verify_redirection_uri/3 should take client's identity

    bipthelin committed Apr 1, 2015
    auth_client/3 likely takes the client's credentials, performs a database
    query, and returns the client's identity. verify_client_scope/3 should
    take this identity and not the credentials again, so a repeated query
    can be avoided. This is consistent with how
    oauth2:authorize_code_grant/4, oauth2:authorize_code_request/5 and
    oauth2_mock_backend:verify_redirection_uri/3 are already implemented.
Commits on Nov 18, 2014
  1. Merge branch 'bt-6.0'

    bipthelin committed Nov 18, 2014
  2. Change types

    bipthelin committed Nov 18, 2014
Commits on Nov 14, 2014
  1. Typo in map-tests

    bipthelin committed Nov 14, 2014
Commits on Nov 13, 2014
  1. Add RefreshTokenExpiresIn

    bipthelin committed Nov 13, 2014
  2. Typo

    bipthelin committed Nov 13, 2014
Commits on Nov 12, 2014
  1. Refactor for 0.6

    bipthelin committed Nov 12, 2014
  2. Adds response_type/grant_type parameter to API

    bipthelin committed Nov 12, 2014
    WARNING: Breaks the compatibility with any code using the library
    The specification of Authorization Code Grant and Implicit Grant
    requires that unsupported_response_type errors are sent to the redirect
    URI if this is valid (see 4.1.2.1 and 4.2.2.1). In order to facilitate
    this, authorize_code_request and authorize_password have been modified
    to return unsupported_response_type when response_type in the request is
    wrong but client and redirect_uri are valid.
    response_type or grant_type parameters have been added to every other
    API function for the shake of consistency.
    See an example of how this API could be used in
    
    https://github.com/IvanMartinez/oauth2_webmachine/tree/test
Commits on Aug 20, 2014
  1. Roll a new tag

    bipthelin committed Aug 20, 2014
Commits on Aug 19, 2014
  1. Add functions for implicit grant

    bipthelin committed Aug 19, 2014
    Added `authorize_password/7` to aid in implementing `implicit_grant`(4.2)
    To validate a public client(just validate the redirection_uri) and a
    authenticate a user and issue a token use:
    
    ```erlang
    {ok, {Ctx, Auth}} =
        oauth2:authorize_password( CLIENT_ID
                                 , CLIENT_SECRET
                                 , CLIENT_REDIR_URI
                                 , UNAME
                                 , UPWD
                                 , USCOPE
                                 , CONTEXT ),
    {ok, {Ctx, Response}} = oauth2:issue_token(Auth, Ctx),
    ```
Commits on Aug 18, 2014
  1. Prepare 0.5.1

    bipthelin committed Aug 18, 2014
  2. Merge pull request #42 from synlay/feature/oauth2_response_to_map_con…

    bipthelin committed Aug 18, 2014
    …venience_function
    
    Introduce new convenience function oauth2_response:to_map/1