Permalink
Commits on Feb 17, 2012
Commits on Feb 15, 2012
  1. Bump to version 0.3.0

    rfk committed Feb 15, 2012
  2. cleaned up

    tarekziade committed Feb 15, 2012
Commits on Feb 14, 2012
  1. Replace two-legged OAuth with MAC Access Auth.

    The MAC Access Auth signatures are much easier to generate and to
    verify, plus we get to avoid the confusion sometimes caused by the
    phrase "two-legged OAuth".
    rfk committed Feb 14, 2012
  2. Bump version to 0.2.0

    rfk committed Feb 14, 2012
Commits on Feb 13, 2012
  1. some more documentation + typo

    almet committed Feb 13, 2012
  2. The 'applications' parameter is not anymore given in the plugin (but …

    …in the TokenManager instead)
    almet committed Feb 13, 2012
Commits on Feb 9, 2012
  1. Merge pull request #3 from mozilla-services/token-manager-extensibility

    Minor changes in the token manager for extensibility
    rfk committed Feb 9, 2012
  2. Minor changes in the token manager for extensibility

    Request verification is now done in a separate method, so it is simpler to
    extend the `SignedTokenManager` class to have a different behavior (if we want
    to reject other requests than the ones based only on the "{application}"
    pattern.
    almet committed Feb 9, 2012
  3. fix typo in comment

    rfk committed Feb 9, 2012
  4. Merge pull request #2 from mozilla-services/ametaireau/multiple-appli…

    …cations-2nd-take
    
    Support for pattern-matching in the token_url, and extra data returned along with the token.
    rfk committed Feb 9, 2012
Commits on Feb 8, 2012
Commits on Feb 7, 2012
  1. preparing version 0.1.0

    rfk committed Feb 7, 2012
Commits on Feb 6, 2012
  1. Flake8ify

    almet committed Feb 6, 2012
Commits on Feb 3, 2012
  1. Allow the TokenManager to reject certain email addresses.

    This might be useful if e.g. it looks up the email in a database of
    existing users, and rejects any that don't exist.
    rfk committed Feb 3, 2012
Commits on Feb 2, 2012
  1. Make SignedTokenManager use encoded JSON by default.

    This is much closer to the intended token format for the Sagrada Token
    Server, which will make it easier to re-use.
    rfk committed Feb 2, 2012
Commits on Jan 30, 2012
  1. Ensure that invalid creds always result in a 401 response.

    By contrast, a request with *no* credentials will only generate a 401
    if the challenge decider thinks that it should.
    rfk committed Jan 30, 2012
  2. Use Authorization header to send creds, rather than post body.

    This opens up the possibility of supporting multiple auth schemes
    sometime in the future.
    rfk committed Jan 30, 2012
  3. Update license to MPL 2.0

    rfk committed Jan 30, 2012
Commits on Jan 11, 2012