delta/gitlab/gitlab-ce.git/config/initializers/doorkeeper.rb, branch document-lambda-deploy gitlab.com: gitlab-org/gitlab-ce.git Merge branch 'security-fix-uri-xss-applications' into 'master' 2018-11-29T00:14:15+00:00 Cindy Pallares cindy@gitlab.com 2018-11-28T22:53:48+00:00 5736d6606ad7c6d729baa6c4ef789a47ada4ceda [master] Resolve "Reflected XSS in OAuth Authorize window due to redirect_uri allowing arbitrary protocols" See merge request gitlab/gitlabhq!2572 
[master] Resolve "Reflected XSS in OAuth Authorize window due to redirect_uri allowing arbitrary protocols"

See merge request gitlab/gitlabhq!2572
 Enabling Doorkeeper reuse_access_token option 2018-06-29T09:40:41+00:00 Francisco Javier López fjlopez@gitlab.com 2018-06-29T09:40:41+00:00 02709334d4013073dffe5b6c2fd6ff7377b87ba9 






Fix OAuth application authorization screen to appear with every access
2018-06-29T08:15:42+00:00

Francisco Javier López
fjlopez@gitlab.com

2018-06-29T08:15:42+00:00

7a0bb214f33bf25af7e5a53981f93b95ac6a4235












Define custom base controller for Doorkeeper
2018-04-30T09:40:51+00:00

Bob Van Landuyt
bob@vanlanduyt.co

2018-04-26T10:05:18+00:00

0f593b1c579c272f681696b96a8fc6aa32342ae6

Since we only need the `can?` view helpers there, it's better to
include those in a separate controller.

If we inherit from `ApplicationController` we also need to deal with
authentication, that needs to be done in some, but not all doorkeeper controllers.





Since we only need the `can?` view helpers there, it's better to
include those in a separate controller.

If we inherit from `ApplicationController` we also need to deal with
authentication, that needs to be done in some, but not all doorkeeper controllers.







Specify base controller for Doorkeeper
2018-02-28T11:05:19+00:00

Bob Van Landuyt
bob@vanlanduyt.co

2018-02-27T11:03:22+00:00

417e3ba8e3f02361a8fecd116f269fe69732a3b5

This will make sure the `ApplicantionController#can?` method is
available for views rendering menus based on the current user's abilities.





This will make sure the `ApplicantionController#can?` method is
available for views rendering menus based on the current user's abilities.







Clean up read_registry scope changes
2017-09-18T12:39:01+00:00

Robin Bobbitt
ryehle@us.ibm.com

2017-09-15T15:43:49+00:00

0013e6c00dc1743edb35b9b35a59c09fa0a0868e

Closes #37789





Closes #37789







Backport gitlab-ee!2456
2017-07-27T16:09:46+00:00

Oswaldo Ferreira
oswaldo@gitlab.com

2017-07-24T20:45:12+00:00

e561b142fa7c9dd636fd056fc0a6c84961d0cd46












#20628 Enable implicit flow in Gitlab as OAuth Provider
2017-07-07T14:54:48+00:00

Mateusz Pytel
mateusz.pytel.87@gmail.com

2017-07-07T14:52:45+00:00

a7c571ae4d547443bd33b1d7f6e5819351239113

Closes #20628 by re-enabling implicit grant in Doorkeeper config. OAuth2 documentation refactored. 





Closes #20628 by re-enabling implicit grant in Doorkeeper config. OAuth2 documentation refactored. 







Add specs for Doorkeeper resource_owner_authenticator
2017-03-07T14:08:15+00:00

Markus Koller
markus-koller@gmx.ch

2017-02-08T19:23:43+00:00

b2ca28d24bfbb0a574fccdf1ea05d549ccd6bf66












Implement OpenID Connect identity provider
2017-03-07T13:54:35+00:00

Markus Koller
markus-koller@gmx.ch

2016-12-09T17:36:50+00:00

c4982890489d254da2fe998aab30bf257767ed5e