aboutsummaryrefslogtreecommitdiff
path: root/lisp/mastodon-auth.el
Commit message (Collapse)AuthorAgeFilesLines
* audit auth.elmarty hiatt2023-05-101-25/+12
|
* refactor concat-params-to-url, replace append-query stringmarty hiatt2023-05-101-2/+2
|
* remove all ;; Package-Requires: declarations save for main filemarty hiatt2023-03-271-1/+0
| | | | main file is set in .dir-locals.el now
* sort all autoloadsmarty hiatt2023-03-191-5/+6
| | | | sort autoloads in profile.el
* make auth--get-account-name silentmarty hiatt2023-02-181-1/+3
|
* Do not pass URL directly to message.Troels Henriksen2022-12-231-1/+1
| | | | This breaks if it contains any % characters.
* message auth URL when copying to kill ringmarty hiatt2022-12-181-0/+1
|
* make a start on listsmarty hiatt2022-11-151-0/+8
|
* bump version in boilerplatemarty hiatt2022-08-271-1/+1
|
* Merge branch 'develop'mousebot2022-04-051-71/+130
|\
| * Merge pull request '2FA login support' (#255) from ↵martianh2022-03-231-71/+130
| |\ | | | | | | | | | | | | | | | Red_Starfish/mastodon-up.el:login into develop Reviewed-on: https://codeberg.org/martianh/mastodon.el/pulls/255
| | * auth: make mastodon-auth-source-file a defvarAbhiseck Paira2022-02-251-8/+4
| | | | | | | | | | | | | | | The variable `mastodon-auth-source-file' serves no purpose so change it from a defcustom to a defvar. Also update its docstring to document it.
| | * auth: define variable mastodon-auth--user-unawareAbhiseck Paira2022-02-251-0/+15
| | | | | | | | | | | | | | | | | | Hold the explanation string in the variable `mastodon-auth--user-unaware'. This explanation is provided to old mastodon.el users who are not aware of the 2FA related changes.
| | * auth: make old mastodon.el users awareAbhiseck Paira2022-02-251-0/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Most old users of the mastodon.el wouldn't know about the introduction of new variable `mastodon-active-user'[1]. Our goal is to make them aware. Set the default value of [1] to nil. This way we can know that the user hasn't set [1] properly because user is unaware of it. In the definition of `mastodon-auth--access-token', check [1]'s value and if it's null, explain to the user about the new situation. Finally signal the error "Variables not set properly". We have considered the possibility of automating the process but since the new login mechanism depends on setting [1] *in the init file*, the only way to automate it would be to write to user's init file which we consider to be very rude and shouldn't be done by this package.
| | * auth: make the wording in mastodon-auth--explanation clearerAbhiseck Paira2022-02-251-5/+11
| | |
| | * auth: present auth code request in a nicer wayAbhiseck Paira2022-02-251-1/+32
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Instead of using the minibuffer prompt to present the explanation what the user needs to do to get authorization code, use Emacs buffer and Window. The minibuffer prompt should have 2-3 words. This increases the readability of the explanation. Of course delete explanation buffer and restore the window configuration as it was after reading from minibuffer.
| | * auth: change name to mastodon-auth--request-authorization-codeAbhiseck Paira2022-02-251-2/+2
| | | | | | | | | | | | | | | | | | | | | Change the name of the function `mastodon-auth--ask-authorization-code' to `mastodon-auth--request-authorization-code'. Suggested-by: Marty Hiatt <martianhiatus@riseup.net>
| | * change '-' to '--' in between function and namespace namesAbhiseck Paira2022-02-231-10/+10
| | | | | | | | | | | | | | | | | | | | | | | | mastodon.el currently follows the convention where all function names should have two dashes (not one dash) in between function and namespace names. Update all function names to follow this convention. See issue #205 and pull request #255
| | * update copyright holder infoAbhiseck Paira2022-01-171-0/+1
| | | | | | | | | | | | | | | Update Copyright holder info for files that have undergone non trivial changes.
| | * define autoloads and defvars to silence the byte compilerAbhiseck Paira2022-01-171-0/+7
| | |
| | * refactor *-access-token and *-handle-token-responseAbhiseck Paira2022-01-131-10/+22
| | | | | | | | | | | | | | | | | | Refactor `mastodon-auth--access-token' and `mastodon-auth--handle-token-response' to work with the new authentication mechanism.
| | * remove functions no longer neededAbhiseck Paira2022-01-131-43/+0
| | | | | | | | | | | | | | | | | | Remove `mastodon-auth--generate-token-no-storing-credentials' and 'mastodon-auth--generate-token-and-store' as these two are no longer needed.
| | * re-implement user auth and token generation mechanismAbhiseck Paira2022-01-131-10/+36
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Refactor `mastodon-auth--generate-token' to work with new user authentication and token generation mechanism. This enables mastodon.el to work with 2FA and also not to handle password directly. In this implementation mastodon-auth--generate-token gets authorization code from the user and sends post request to mastodon server. Ask for authorization code from the user using two helper functions: * mastodon-auth--ask-authorization-code: Explain to the user what the user needs to do to get the authorization code. Store this explanation message in variable `mastodon-auth--explanation'. * mastodon-auth--get-browser-login-url: Return a appropriate query string appended to url to the caller, which is needed by the user to access the authorization code.
* | | Merge branch 'develop'mousebot2022-02-131-1/+1
|\| |
| * | update homepage and copyright boilerplatemousebot2022-02-051-1/+1
| |/
* | Merge branch 'main'mousebot2021-12-231-18/+32
|\|
| * typos and docstringsmousebot2021-12-201-1/+1
| |
| * bump version to a round numbermousebot2021-12-171-1/+1
| |
| * boilerplate maintainer contactmousebot2021-12-171-0/+1
| |
| * depend on emacs 27.1, flychecks, docstrings, etc.mousebot2021-12-171-1/+1
| | | | | | | | strictly, the 27.1 dependency is only for proper-list-p in -http.el.
| * bump version, change homepage link, readmemousebot2021-12-171-2/+2
| |
| * Do a bit if `if` and `progn` sanitizing.Holger Dürer2021-11-061-1/+0
| | | | | | | | | | | | | | - A `progn` with a single form is redundant - `when` doesn't need a `progn` body - `if` has an implicit `progn` for the consequences - I converted one cascade of `if`s into a `cond`.
| * Convert most uses of `(cdr (assoc <some-symbol> <a-list>))` to `(alist-get ↵Holger Dürer2021-11-061-5/+5
| | | | | | | | | | | | | | <some-symbol> <a-list>)` This is more readable and actually more efficient (maybe) since it uses `eq` rather than `equal` as a test.
| * Fix compilation warnings.Holger Dürer2021-11-011-3/+10
| | | | | | | | | | | | | | | | | | | | | | | | This is mostly reflowing / reworkding docstrings to keep within 80 characters limit and adding autoloads. There are two warning remaining that I don't understand: - mastodon-async.el:359:16: Warning: reference to free variable ‘url-http-end-of-headers’ - mastodon-http.el:139:8: Warning: value returned from (string-equal json-string "") is unused When adding autoloads this sorts them for better readability.
| * flycheck: docstrings, autoloads, etcmousebot2021-10-031-3/+5
| |
| * package-lint: bump to emacs 26.1, disable stream keybindingsmousebot2021-09-221-1/+1
| |
| * improve docstrings in mastodon-auth so i know what it does.mousebot2021-08-111-6/+11
| |
| * foll reqs/faves bindings global, autoloads and declarations, readmemousebot2021-06-011-0/+1
| |
| * bump masto version, bump emacs version to 25.1, dependency in readmemousebot2021-05-311-2/+2
| |
| * Rewrite `mastodon-auth--access-token` so it handles errors.Ian Eure2021-05-091-7/+16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently, `mastodon-auth--access-token` unconditionally returns the value of the `:access_token` key from the response of `(mastodon-auth--get-token)`. This causes problems when there was an error getting the token, for example, if you enter the wrong password. If a token couldn’t be retrieved, the JSON looks like: (:error "invalid_grant" :error_description "The provided authorization grant is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client.") Since there is no `:access_token` key, `mastodon-auth--access-token` returns `nil`, which results in a broken header in the next request: Authorization: Bearer Which causes the whole thing to freeze Emacs until you mash `C-g`. This commit rewrites the function to handle that case; to explicitly signal an error for *any* response that isn’t expected; to use `if-let`, which allows the temporary `token` variable to be eliminated; uses `pcase` to determine what kind of response was received; and adds ERT tests for all these cases.
* | Rewrite `mastodon-auth--access-token` so it handles errors.Ian Eure2020-05-031-7/+16
|/ | | | | | | | | | | | | | | | | | | | | | | | Currently, `mastodon-auth--access-token` unconditionally returns the value of the `:access_token` key from the response of `(mastodon-auth--get-token)`. This causes problems when there was an error getting the token, for example, if you enter the wrong password. If a token couldn’t be retrieved, the JSON looks like: (:error "invalid_grant" :error_description "The provided authorization grant is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client.") Since there is no `:access_token` key, `mastodon-auth--access-token` returns `nil`, which results in a broken header in the next request: Authorization: Bearer Which causes the whole thing to freeze Emacs until you mash `C-g`. This commit rewrites the function to handle that case; to explicitly signal an error for *any* response that isn’t expected; to use `if-let`, which allows the temporary `token` variable to be eliminated; uses `pcase` to determine what kind of response was received; and adds ERT tests for all these cases.
* Update copyright and bump versionJohnson Denen2019-03-041-2/+2
|
* Explitly require json.el in files where we dynamically bind its vars.Holger Dürer2019-03-041-0/+1
| | | | | | As pointed out in issue #211 the compiler actually warned the user about `json-array-type` etc. being unused lexical vars. Let's hope that this fixes the errors reported with reading json.
* Use the email address of the current user as default (#203)Jürgen Hötzel2019-03-041-1/+1
| | | | * Use the email address of the current user as default
* Bump to version 0.8.0Johnson Denen2018-08-101-1/+1
|
* Optionally use auth-source-search for fetching and saving password. (#181)H Durer2018-08-101-0/+47
| | | | | | | | | * Use auth-source-search for fetching and saving password This gives users the ability to save their password to either the gpg-encrypted ~/.authinfo.gpg or ~/.authinfo so that they don't have to provide username/password each time * Add a new custom var to decide whether to use the auth-source package or not.
* Clean up code to remove compilation warnings.Holger Durer2018-08-101-0/+2
| | | | | We used to be clean but have slipped recently. Let's clean up the code so it's easier to see real code smell warnings in the compilation.
* Retoot add accts closes #155Alexander Griffith2018-03-051-0/+18
| | | | | | | | | | | | | When responding to toots the full acct for both local and federated accounts are now added to the new toot buffer. Changes - Added a function in mastodon.el to return the current user acct - Added mastodon-toot--process-local, which takes an acct and appends the current server if it is local returns an empty string if the acct matches the current user and does only adds a prefix @ if the acct is federated - mastodon-toot--mentions will return a formatted string of mentions or an empty string - adds tests for mastodon-toot--mentions - adds a missing , in mastodon-http--post - `mastodon-toot--reply` now passes `mastodon-toot` a toot-id rather than the whole json - 'mastodon-toot--reply-to-id is now a local var in a new toot
* Bump to 0.7.2 and shorten long code lines (#172)Alexander Griffith2018-03-051-1/+1
| | | | | | * Bump version numbers to 0.7.2 * Adjusted functions to bring line length below 90.
* Keep track of to which instance secrets in plstore belong.Holger Dürer2018-03-021-10/+14
| | | | | | | | | | | While testing out issue 149 (https://github.com/jdenen/mastodon.el/issues/149) I had problems due to stale client information being cached. With this change we store various pieces of information (the client information in the plstore and the auth tokens) in alists keyed by the instance url (and the plstore key contains the instance url as well to allow us to store data per instance).