1. 30 May, 2014 1 commit
    • Christophe de Vienne's avatar
      Implements revalidate_login · caf6b4f8822b
      Christophe de Vienne authored
      I the case of the oauth WebAuthRetriever classes, revalidate_login should always
      lead to an invalid session because if one of the retriever finds some authentication
      data in the form, the authentication process must be runned.
      Closes #3905894
  2. 28 Apr, 2014 2 commits
    • Christophe de Vienne's avatar
      port to cw 3.19 + Rework the authentication process. · 0222a46b60ab
      Christophe de Vienne authored
      Avoid extra redirections by handling the second oauth phase directly in a
      This make the 'login_now' function useless (\o/)
      Port the code to cubicweb 3.19.
      Closes #3905895
      Closes #3203148
    • Christophe de Vienne's avatar
      [schema] Add composite on a few relations · bc93e739b1a2
      Christophe de Vienne authored
      The following behaviors are expected :
      *   ExternalAuthProvider deletion should delete the linked ExternalAuthService
          and ExternalIdentity.
      *   OAuth2Session should be deleted if its 'external_identity' or 'service' is
  3. 04 Apr, 2014 1 commit
    • Christophe de Vienne's avatar
      Use the request build_url function. · d84042e5113e
      Christophe de Vienne authored
      Building the redirection url without the request is an issue when the site is accessed
      by https.
      This make use of the req.build_url function in the web authentication retriever, so it
      forges a consistent redirect_url for the oauth service.
      Closes #3708047.
  4. 08 Jan, 2014 1 commit
  5. 01 Oct, 2013 2 commits
  6. 30 Sep, 2013 1 commit
  7. 25 Sep, 2013 2 commits
  8. 03 Sep, 2013 1 commit