stable
Clone or download
Read-only
Project admin can choose if the usage of PKCE [0] is mandatory or not when creating a new OAuth2 app
App that are not forced to use PKCE can still decide to use it opportunistically if they can but it will not be enforced. For now, the information is only stored and displayed. PKCE is recommended when using the authorization code grant [1] and might become mandatory in future versions of OAuth2. Security recommendations make the support of PKCE mandatory for authorization servers. This is part of story #14542: have OAuth2 flow [0] https://tools.ietf.org/html/rfc7636 [1] https://tools.ietf.org/html/draft-ietf-oauth-security-topics-14#section-2.1.1 Change-Id: I37e3df3155c2be487344819cdd5ad2e75497ff81
Modified Files
| Name | ||||
|---|---|---|---|---|
| M | plugins/oauth2_server/db/install.sql | +2 | −1 | Go to diff View file |
| A | plugins/oauth2_server/db/mysql/2020/202003181545_add_use_pkce_column_oauth2_server_app.php | +50 | −0 | Go to diff View file |
| M | plugins/oauth2_server/include/App/AppDao.php | +7 | −6 | Go to diff View file |
| M | plugins/oauth2_server/include/App/AppFactory.php | +3 | −3 | Go to diff View file |
| M | plugins/oauth2_server/include/App/NewOAuth2App.php | +16 | −2 | Go to diff View file |
| M | plugins/oauth2_server/include/App/OAuth2App.php | +12 | −1 | Go to diff View file |
| M | plugins/oauth2_server/include/ProjectAdmin/AddAppController.php | +2 | −1 | Go to diff View file |
| M | plugins/oauth2_server/include/ProjectAdmin/AppPresenter.php | +4 | −1 | Go to diff View file |
| M | plugins/oauth2_server/include/ProjectAdmin/ProjectAdminPresenterBuilder.php | +2 | −1 | Go to diff View file |
| M | plugins/oauth2_server/phpunit/App/AppFactoryTest.php | +17 | −13 | Go to diff View file |
| M | plugins/oauth2_server/phpunit/App/ClientIdentifierTest.php | +1 | −1 | Go to diff View file |
| M | plugins/oauth2_server/phpunit/App/LastCreatedOAuth2AppStoreTest.php | +1 | −0 | Go to diff View file |
| M | plugins/oauth2_server/phpunit/App/NewOAuth2AppTest.php | +10 | −9 | Go to diff View file |
| M | plugins/oauth2_server/phpunit/App/OAuth2AppCredentialVerifierTest.php | +1 | −1 | Go to diff View file |
| M | plugins/oauth2_server/phpunit/AuthorizationServer/AuthorizationCodeResponseFactoryTest.php | +1 | −1 | Go to diff View file |
| M | plugins/oauth2_server/phpunit/AuthorizationServer/AuthorizationEndpointGetControllerTest.php | +4 | −4 | Go to diff View file |
| M | plugins/oauth2_server/phpunit/AuthorizationServer/AuthorizationEndpointPostControllerTest.php | +1 | −1 | Go to diff View file |
| M | plugins/oauth2_server/phpunit/AuthorizationServer/AuthorizationFormPresenterBuilderTest.php | +1 | −0 | Go to diff View file |
| M | plugins/oauth2_server/phpunit/AuthorizationServer/AuthorizationFormRendererTest.php | +1 | −0 | Go to diff View file |
| M | plugins/oauth2_server/phpunit/Grant/AccessTokenGrantControllerTest.php | +1 | −1 | Go to diff View file |
| M | plugins/oauth2_server/phpunit/Grant/AuthorizationCode/OAuth2AuthorizationCodeCreatorTest.php | +1 | −1 | Go to diff View file |
| M | plugins/oauth2_server/phpunit/Grant/OAuth2ClientAuthenticationMiddlewareTest.php | +1 | −1 | Go to diff View file |
| M | plugins/oauth2_server/phpunit/ProjectAdmin/ProjectAdminPresenterBuilderTest.php | +4 | −4 | Go to diff View file |
| M | plugins/oauth2_server/phpunit/User/Account/AppsPresenterBuilderTest.php | +2 | −0 | Go to diff View file |
| M | plugins/oauth2_server/phpunit/User/AuthorizationComparatorTest.php | +1 | −1 | Go to diff View file |
| M | plugins/oauth2_server/phpunit/User/AuthorizedScopeFactoryTest.php | +3 | −3 | Go to diff View file |
| M | plugins/oauth2_server/site-content/fr_FR/LC_MESSAGES/tuleap-oauth2_server.po | +6 | −0 | Go to diff View file |
| M | plugins/oauth2_server/templates/app-add-modal.mustache | +5 | −0 | Go to diff View file |
| M | plugins/oauth2_server/templates/project-admin.mustache | +2 | −0 | Go to diff View file |
| M | plugins/oauth2_server/tests/integration/AccessToken/OAuth2AccessTokenDAOTest.php | +2 | −0 | Go to diff View file |
| M | plugins/oauth2_server/tests/integration/Grant/AuthorizationCode/OAuth2AuthorizationCodeDAOTest.php | +2 | −0 | Go to diff View file |