Tree: 6b48a37066

0.1.1

backend-refactor

btrimports

dependabot/npm_and_yarn/test/automated/browser/cypress/request-and-cypress-3.0.1

develop

gek/admin-api-disable-cors

gek/auto-complete-chat-input

gek/browser-test-errors

gek/ffmpeg-6

gek/fix-access-token-validation

gek/initial-replay-functionality

gek/ios-browser-notifications

gek/load-tests

gek/new-load-tests

gek/router-refactor

gek/test-caches

gek/transcoder-log

gek/user-repository

gek/video-test-page

l10n_localization

localization

localization_updates

renovate/cssnano-5.x

renovate/knip-3.x

renovate/nextjs-monorepo

renovate/preact-10.x

renovate/react-monorepo

renovate/regexpu-core-6.x

renovate/stylelint-15.x-lockfile

renovate/stylelint-16.x

renovate/video.js-7.x

replays-clips

replays-clips-recordings

vaapi-hardware-decoding

v0.0.1

v0.0.10

v0.0.11

v0.0.12

v0.0.13

v0.0.2

v0.0.3

v0.0.4

v0.0.5

v0.0.6

v0.0.7

v0.0.8

v0.0.9

v0.1.0

v0.1.1

v0.1.2

Branches Tags

${ item.name }

Create tag ${ searchTerm }

Create branch ${ searchTerm }

from '6b48a37066'

${ noResults }

Commit Graph

7 Commits (6b48a370665cab51abef8f365fba1a29c72ae954)

Author	SHA1	Message	Date
Gabe Kangas	a6dbc37a84	fix: add additional validation before making remote requests (#3398)	2 years ago
Gabe Kangas	85e7af3d5f	Update to Go 1.20 + run better align (#2927) ... * chore(go): update go version to 1.20. Closes #2185 * chore(go): run better align against project To optimize struct field order. Closes #2870 * chore(go): update CI jobs to use Go 1.20 * fix(go): linter warnings for Go 1.20 update	2 years ago
Gabe Kangas	f40135dbf2	fix: disable redirects to guard against possible SSRFs	2 years ago
Gabe Kangas	3894f410d2	Enforce https before indieauth parsing. For #2492	3 years ago
Gabe Kangas	87eeeffa1c	Prune expired auth requests + add global max limit. Closes #2490	3 years ago
Gabe Kangas	26eebf47d5	Pass back actual error payload	3 years ago
Gabe Kangas	b835de2dc4	IndieAuth support (#1811) ... * Able to authenticate user against IndieAuth. For #1273 * WIP server indieauth endpoint. For https://github.com/owncast/owncast/issues/1272 * Add migration to remove access tokens from user * Add authenticated bool to user for display purposes * Add indieauth modal and auth flair to display names. For #1273 * Validate URLs and display errors * Renames, cleanups * Handle relative auth endpoint paths. Add error handling for missing redirects. * Disallow using display names in use by registered users. Closes #1810 * Verify code verifier via code challenge on callback * Use relative path to authorization_endpoint * Post-rebase fixes * Use a timestamp instead of a bool for authenticated * Propertly handle and display error in modal * Use auth'ed timestamp to derive authenticated flag to display in chat * don't redirect unless a URL is present avoids redirecting to `undefined` if there was an error * improve error message if owncast server URL isn't set * fix IndieAuth PKCE implementation use SHA256 instead of SHA1, generates a longer code verifier (must be 43-128 chars long), fixes URL-safe SHA256 encoding * return real profile data for IndieAuth response * check the code verifier in the IndieAuth server * Linting * Add new chat settings modal anad split up indieauth ui * Remove logging error * Update the IndieAuth modal UI. For #1273 * Add IndieAuth repsonse error checking * Disable IndieAuth client if server URL is not set. * Add explicit error messages for specific error types * Fix bad logic * Return OAuth-keyed error responses for indieauth server * Display IndieAuth error in plain text with link to return to main page * Remove redundant check * Add additional detail to error * Hide IndieAuth details behind disclosure details * Break out migration into two steps because some people have been runing dev in production * Add auth option to user dropdown Co-authored-by: Aaron Parecki <aaron@parecki.com>	3 years ago