mirror of https://github.com/tootsuite/mastodon
Remove OAuth Password Grant Type support (#30960)
parent
e975b55c24
commit
454d21ab5a
|
@ -9,16 +9,9 @@ Doorkeeper.configure do
|
||||||
current_user || redirect_to(new_user_session_url)
|
current_user || redirect_to(new_user_session_url)
|
||||||
end
|
end
|
||||||
|
|
||||||
resource_owner_from_credentials do |_routes|
|
# Disable Resource Owner Password Credentials Grant Flow
|
||||||
user = User.authenticate_with_ldap(email: request.params[:username], password: request.params[:password]) if Devise.ldap_authentication
|
resource_owner_from_credentials do
|
||||||
user ||= User.authenticate_with_pam(email: request.params[:username], password: request.params[:password]) if Devise.pam_authentication
|
nil
|
||||||
|
|
||||||
if user.nil?
|
|
||||||
user = User.find_by(email: request.params[:username])
|
|
||||||
user = nil unless user&.valid_password?(request.params[:password])
|
|
||||||
end
|
|
||||||
|
|
||||||
user unless user&.otp_required_for_login?
|
|
||||||
end
|
end
|
||||||
|
|
||||||
# Doorkeeper provides some administrative interfaces for managing OAuth
|
# Doorkeeper provides some administrative interfaces for managing OAuth
|
||||||
|
@ -169,7 +162,7 @@ Doorkeeper.configure do
|
||||||
# http://tools.ietf.org/html/rfc6819#section-4.4.3
|
# http://tools.ietf.org/html/rfc6819#section-4.4.3
|
||||||
#
|
#
|
||||||
|
|
||||||
grant_flows %w(authorization_code password client_credentials)
|
grant_flows %w(authorization_code client_credentials)
|
||||||
|
|
||||||
# Under some circumstances you might want to have applications auto-approved,
|
# Under some circumstances you might want to have applications auto-approved,
|
||||||
# so that the user skips the authorization step.
|
# so that the user skips the authorization step.
|
||||||
|
|
Loading…
Reference in New Issue