github/meteor
1
1
Fork 0
mirror of https://github.com/meteor/meteor.git synced 2026-05-02 03:01:46 -04:00
Code Issues Packages Projects Releases Wiki Activity
12,692 Commits 1,974 Branches 1,623 Tags
04135ffa414a3fb55b94de8010499ab2797f07ed
Commit Graph

112 Commits

Author SHA1 Message Date
Emily Stark
1c6a11e243 Make tool able to do oauth against new and old OAuth configurations 
Previously, the tool was hard-coded to use "?close" at the end of
redirect uris when it did OAuth flows with e.g. package servers or build
farms. Now, we use the same logic that the server uses to compute its
redirect uri: we add "?close" if a loginStyle option is present in the
configuration.
 2015-01-20 22:03:23 -08:00
David Glasser
6b204ca73a Bump package versions for 1.0.2 2014-12-19 10:31:59 -08:00
David Glasser
73b809c122 Bump versions for 1.0.2. 2014-12-11 22:44:41 -08:00
David Glasser
6ea8443f30 Update calls to addFiles, onUse, and onTest 2014-12-09 20:18:31 -08:00
David Glasser
de5f68cf70 bump all versions (due to source-map upgrade) 2014-11-25 09:06:26 -08:00
Emily Stark
cb54ae18fb Merge branch 'master' into devel 
Conflicts:
	History.md
	examples/localmarket/.meteor/release
	examples/localmarket/.meteor/versions
	packages/stylus/README.md
	tools/compiler.js
	tools/package-client.js
	tools/tests/old/app-with-private/.meteor/versions
	tools/tests/old/app-with-public/.meteor/versions
	tools/tests/old/empty-app/.meteor/versions
 2014-10-28 10:42:30 -07:00
Sashko Stubailo
ab22135543 Merge remote-tracking branch 'origin/readmes' into devel 
Conflicts:
	docs/client/full-api/packages/fastclick.html
	docs/client/full-api/packages/stylus.html
	docs/client/packages/stylus.html
	packages/blaze/README.md
	packages/spacebars-compiler/README.md
	packages/stylus/README.md
 2014-10-28 09:50:07 -07:00
Avital Oliver
2ca942f9cb Correct links to www.meteor.com project pages 2014-10-28 02:54:45 -07:00
Emily Stark
b4c10d8f61 bump package versions 2014-10-28 02:49:54 -07:00
Emily Stark
842bfac8df bump package versions for rc.11 2014-10-28 01:03:08 -07:00
Emily Stark
e50bd0d8c1 Make sure we only run cordova pageLoaded callback once per login 2014-10-28 00:58:15 -07:00
Emily Stark
171916dbdd Make sure we only run cordova pageLoaded callback once per login 2014-10-28 00:08:05 -07:00
Emily Stark
6c8c67afe8 bump package version numbers for rc.10 2014-10-27 20:03:42 -07:00
Emily Stark
3d2c0516ab Make Twitter login work in Android emulator 2014-10-27 17:12:41 -07:00
Emily Stark
89971d6205 Make Twitter login work in Android emulator 2014-10-27 17:11:50 -07:00
Sashko Stubailo
dda0c44b52 Add a bunch of READMEs 2014-10-23 15:06:33 -07:00
Sashko Stubailo
36da5aecb4 Make all version numbers not have rc 2014-10-13 14:09:37 -07:00
Sashko Stubailo
698fbedb10 Bump all of the version numbers to rc.0 2014-10-07 17:10:48 -07:00
Sashko Stubailo
1e53f6b598 Bump all version numbers again after cherry-picking unipackage fix 2014-10-01 17:06:57 -07:00
Sashko Stubailo
0129c3f5ac Bump all of the version numbers again, to republish with the unipackage.json fix 2014-10-01 15:43:05 -07:00
Sashko Stubailo
eecc272e4a Bump every single package version number due to a change in compilation 2014-09-29 23:44:50 -07:00
Paolo Scanferla
c62e3c20c1 Export same-origin check and end_of_redirect_response template. 
Export some properties to allow developers to override them to
support logging in using the OAuth redirect flow from cross origin
domain.
 2014-09-29 18:10:06 -07:00
Emily Stark
78d5969985 Make end-of-redirect response a blank page. 
We think this is better than putting un-customizable, un-formattable
text. See #2625.
 2014-09-23 14:38:22 -07:00
Emily Stark
833c6f5b4f Bump package versions for 0.9.2 2014-09-15 11:36:57 -07:00
Slava Kim
52d66644e9 Bump packages 2014-09-10 19:01:53 -07:00
Emily Stark
26eb9f0736 Only put credentials in hash fragment on Cordova. 
I don't understand why, but setting `document.location.hash` in IE8
breaks Facebook login (and only Facebook login).
 2014-09-10 11:22:12 -07:00
Emily Stark
f4e100dc14 Allow end-of-OAuth redirect URLs to be 127.0.0.1. 
We were being too restrictive about validating our redirect at the end
of the OAuth redirect flow: 127.0.0.1 is okay even if ROOT_URL is
localhost.
 2014-09-09 21:28:08 -07:00
Emily Stark
3f680f76a4 Bump package versions for 0.9.2-rc3 2014-09-09 11:11:38 -07:00
Emily Stark
8a8df1f89d Factor out 'base64' into its own package and use from 'oauth'. 
'oauth' was using 'btoa', but it's not supported in IE8-9. We already
had a base64 implementation in 'ejson', so I factored it out into its
own package used by 'ejson' and 'oauth'.
 2014-09-09 10:37:07 -07:00
Slava Kim
3decef135a Bump package versions 2014-09-05 17:55:37 -07:00
Emily Stark
e9f7f5a267 Fix sometimes-broken OAuth popup on iOS. 
If you log in and out repeatedly, the popup would fail to close every few
times. My guess is that we can't close the OAuth popup while the last
navigation is still in progress.

Also clean up event listeners on popup exit.
 2014-09-05 15:55:32 -07:00
Emily Stark
5faa9b4a90 Maintain back-compat for oauth redirect flow. 
Older clients (such as the meteor tool) should be able to login with
OAuth at newer app servers.
 2014-09-05 10:28:35 -07:00
Slava Kim
fc56f795d6 Bump versions of packages for the 0.9.2-rc0 2014-09-02 14:57:33 -07:00
Slava Kim
a6c4ed6e6e Merge branch 'release-0.9.1' into release-0.9.2 
Conflicts:
	packages/autoupdate/package.js
	packages/meteor-tool/package.js
	packages/meteor/package.js
	scripts/admin/meteor-release-experimental.json
 2014-09-02 13:49:21 -07:00
Avital Oliver
808c90e3db Bump rc versions on packages 2014-09-01 00:16:00 -07:00
Sashko Stubailo
82d1db5107 Rename Meteor.Collection to Mongo.Collection again 2014-08-29 12:28:32 -07:00
Sashko Stubailo
6b3d31ff5b Revert "Rename Meteor.Collection -> Mongo.Collection" 
This reverts commit 96952dda2b.

Conflicts:
	packages/ddp/livedata_tests.js
	packages/minimongo/minimongo.js
	packages/mongo/collection.js
	packages/mongo/mongo_driver.js
	packages/mongo/mongo_livedata_tests.js
	packages/mongo/oplog_tests.js
	packages/reactive-dict/reactive-dict.js
	packages/session/session_tests.js
	tools/auth.js
 2014-08-29 12:26:28 -07:00
Emily Stark
345d49f15a Merge branch 'cordova-hcp-oauth' into cordova-hcp 
Conflicts:
	packages/oauth/package.js
	packages/standard-app-packages/package.js
 2014-08-29 11:50:00 -07:00
Emily Stark
2de255f992 Code review comments from arbesfeld 2014-08-29 11:41:02 -07:00
Sashko Stubailo
96952dda2b Rename Meteor.Collection -> Mongo.Collection 2014-08-29 10:11:21 -07:00
Emily Stark
9ba7a6f117 Clean up OAuth redirect and Cordova flows. 
* Be less XSS-able by HTML-encoding 'config' in the end-of-login
  responses and reading it out of the DOM.
* Thread 'isCordova' through to end-of-login responses. Trying to do a
  'window.close' in Cordova, even in a try/catch, breaks the in-app
  browser.
* Remove some stray 'console.log's.
 2014-08-28 21:37:52 -07:00
Matthew Arbesfeld
ef25e736d5 wip towards oauth 2014-08-28 17:25:13 -07:00
Andrew Wilcox
2fd00e58ba Implements the "redirect" login flow, for cases such as using a mobile 
UIWebView which aren't able to use the preferred "popup" login flow.

See the specs for details:
  https://meteor.hackpad.com/OAuth-redirect-flow-spec-PeziTcaNPDP
  https://meteor.hackpad.com/OAuth-redirect-flow-part-II-vswwUKP4vXe

I extracted code to construct a URL from the `http` package into a new
`url` utility package.  The new package has no public API, it simply
has the original URL construction functions that were in `http` and
makes them available to oauth.

Fixes the Meetup account login, as Meetup now requires using
"https://api.meetup.com/2/members" instead of
"https://secure.meetup.com/2/members".

The `?close` parameter for the redirect URI is now not needed or used.
For backwards compatibility the `?close` parameter is included if the
login service configuration doesn't include the `loginStyle` field
(indicating it was created using old code).
 2014-08-28 17:25:13 -07:00
Sashko Stubailo
d3d7f0478f Replace references to mongo-livedata with mongo 2014-08-28 11:32:24 -07:00
David Glasser
26006d53dc Merge branch 'devel' into packaging 
Conflicts:
	tools/utils.js
 2014-07-30 17:40:44 -07:00
Emily Stark
1b866b729d Try window.opener first in OAuth popup, then localStorage. 
We've occasionally seen weird configurations of IE where localStorage
isn't shared between same-origin windows, so trying window.opener first
is safer.
 2014-07-25 17:24:32 -07:00
Emily Stark
c715613e48 Add sketchy fallback for flaky window.close() in OAuth popup. 
Using an onerror event handler looks like the only semi-reliable way to
be able to close the popup in iOS Chrome, even though it's almost
certainly a bug that this works. We'll replace it soon with
redirect-based OAuth.
 2014-07-25 14:11:39 -07:00
David Glasser
996d347139 Merge branch 'devel' into packaging 
Conflicts:
	docs/client/api.html
	docs/client/concepts.html
	docs/client/introduction.html
	meteor
	packages/html-tools/package.js
	packages/spacebars-common/package.js
	packages/webapp/webapp_server.js
	tools/bundler.js
 2014-07-21 16:18:25 -07:00
Emily Stark
d3eae5a2e8 Make a trivial change to oauth to force new package version. 
Linux build of rc0's oauth package seems to have disappeared from s3, so
forcing a new oauth version to be published.
 2014-07-20 21:16:33 -07:00
Emily Stark
8236854736 Use window.opener in OAuth flow only when localStorage doesn't work. 
Move OAuth._endOfLoginResponse HTML/JS into asset instead of piecing it
together inline.

Fixes #2302.
 2014-07-14 14:58:07 -07:00