An error occurred fetching the project authors.
  1. 17 Sep, 2012 7 commits
    • Łukasz Nowak's avatar
      Return also expiration time. · ed739a7a
      Łukasz Nowak authored
      ed739a7a
    • Łukasz Nowak's avatar
      Simplify. · 97dc0a2e
      Łukasz Nowak authored
      Use volatile cache to store tokens and one key per site.
      97dc0a2e
    • Łukasz Nowak's avatar
      Drop not needed log. · b2bb008e
      Łukasz Nowak authored
      b2bb008e
    • Łukasz Nowak's avatar
      Do not use Host header. · 5f46d31b
      Łukasz Nowak authored
      Token server can be totally different then resource server.
      5f46d31b
    • Łukasz Nowak's avatar
      Improve "interface". · f55c9148
      Łukasz Nowak authored
      Return token on addition.
      Use proxied scripts to access whole system in order to allow unprivileged user
      to manage own tokens.
      Update roles immediately in order to give unprivileged user access to
      validated token.
      f55c9148
    • Łukasz Nowak's avatar
      Improve token management. · 8ea51d93
      Łukasz Nowak authored
      BearerTokenModule_addNewToken allows to add token for Person passed as
      destination_reference. In case if Person has no key assigned new one is
      generated.
      
      BearerToken_isValid allows to validate token against (possibly) related person
      object.
      
      Base_getHMAC is low level interface to hmac module.
      
      In order to made tokens unique use User-Agent and REMOTE_ADDR in token
      generation body. Thanks to this token will be narrowed to one broswer. In order
      to avoid reuse token on different servers add Host.
      
      Key to generate HMAC are stored on Person object using bearer_token_key property.
      8ea51d93
    • Łukasz Nowak's avatar
      fae29934
  2. 25 Mar, 2011 1 commit
  3. 13 Jan, 2011 1 commit
  4. 25 Mar, 2006 1 commit
  5. 02 Dec, 2005 3 commits