1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-12-23 05:50:55 +01:00
phorge-phorge/resources/sql/patches
Bob Trahan af295e0b26 OAuth Server enhancements -- more complete access token response and groundwork
for scope

Summary:
this patch makes the access token response "complete" relative to spec by
returning when it expires AND that the token_type is in fact 'Bearer'.

This patch also lays the groundwork for scope by fixing the underlying data
model and adding the first scope checks for "offline_access" relative to expires
and the "whoami" method.   Further, conduit is augmented to open up individual
methods for access via OAuth generally to enable "whoami" access.   There's also
a tidy little scope class to keep track of all the various scopes we plan to
have as well as strings for display (T849 - work undone)

Somewhat of a hack but Conduit methods by default have SCOPE_NOT_ACCESSIBLE.  We
then don't even bother with the OAuth stuff within conduit if we're not supposed
to be accessing the method via Conduit.   Felt relatively clean to me in terms
of additional code complexity, etc.

Next up ends up being T848 (scope in OAuth) and T849 (let user's authorize
clients for specific scopes which kinds of needs T850).  There's also a bunch of
work that needs to be done to return the appropriate, well-formatted error
codes.  All in due time...!

Test Plan:
verified that an access_token with no scope doesn't let me see
anything anymore.  :(  verified that access_tokens made awhile ago expire.  :(

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Maniphest Tasks: T888, T848

Differential Revision: https://secure.phabricator.com/D1657
2012-02-21 16:33:06 -08:00
..
000.project.sql Task -> Project assocation, file uploads 2011-02-20 20:08:53 -08:00
001.maniphest_projects.sql Fully-qualify this SQL patchfile. 2011-02-20 20:10:07 -08:00
002.oauth.sql Github OAuth 2011-02-21 00:23:24 -08:00
003.more_oauth.sql Store OAuth tokens and more OAuth account info. 2011-02-22 10:27:27 -08:00
004.daemonrepos.sql Rough cut of repository tracking 2011-03-06 22:29:22 -08:00
005.workers.sql Rough cut of Workers 2011-03-10 13:48:29 -08:00
006.repository.sql durf durf sql 2011-03-15 20:51:53 +00:00
007.daemonlog.sql Diffusion/phd/console improvements. 2011-03-15 13:38:14 -07:00
008.repoopt.sql Fix various parsing bugs in Differential. 2011-03-19 14:42:17 -07:00
009.repo_summary.sql Sorta need this file. 2011-03-20 17:55:31 -07:00
010.herald.sql Allow databases to be created outside upgrade_schema scrpt. 2011-10-17 13:59:56 -07:00
011.badcommit.sql Derp derp, apparentl neglected to save this file. 2011-03-26 23:59:29 -07:00
012.dropphidtype.sql Removed "PHID Types" storage object and interface components 2011-03-31 14:01:13 -07:00
013.commitdetail.sql More Diffusion junk. 2011-03-30 22:08:41 -07:00
014.shortcuts.sql Restore "Shortcuts" feature to Diffusion. 2011-03-31 00:33:44 -07:00
015.preferences.sql User preferences ported from tools 2011-03-31 13:44:20 -07:00
016.userrealnameindex.sql Add basic detail-parser functionality. 2011-04-01 17:11:55 -07:00
017.sessionkeys.sql Optimize session query for nontrivial number of user accounts. 2011-04-02 16:39:40 -07:00
018.owners.sql Allow databases to be created outside upgrade_schema scrpt. 2011-10-17 13:59:56 -07:00
019.arcprojects.sql Sync up UUIDs and create project configs. 2011-04-05 21:55:04 -07:00
020.pathcapital.sql Fix field capitalization. 2011-04-05 22:30:10 -07:00
021.xhpastview.sql Allow databases to be created outside upgrade_schema scrpt. 2011-10-17 13:59:56 -07:00
022.differentialcommit.sql Close the loop on Diffusion commits posting back to Differential. 2011-04-07 21:59:42 -07:00
023.dxkeys.sql Turns out MySQL tables need keys. Who knew?! 2011-04-09 22:19:10 -07:00
024.mlistkeys.sql Properly support mailing lists, with actual testing! 2011-04-10 10:16:14 -07:00
025.commentopt.sql Lint and unit star support. 2011-04-10 17:19:01 -07:00
026.diffpropkey.sql Missing key for large datasizes. 2011-04-10 17:25:24 -07:00
027.metamtakeys.sql Add some metamta keys. 2011-04-12 18:19:24 -07:00
028.systemagent.sql Very basic system agent support. 2011-04-12 18:19:25 -07:00
029.cursors.sql Avoid Timeline race condition 2011-04-14 10:12:10 -07:00
030.imagemacro.sql Image macros for Phabricator! 2011-04-13 20:08:13 -07:00
031.workerrace.sql Prevent a race in Phabricator workers 2011-04-14 12:09:56 -07:00
032.viewtime.sql Differential Updates View 2011-04-28 14:40:41 -07:00
033.privtest.sql Improve schema upgrade workflow for unprivileged users 2011-04-30 00:50:48 -07:00
034.savedheader.sql Make X-Herald-Rules header sticky 2011-05-03 06:06:57 -07:00
035.proxyimage.sql Restore image proxying to Remarkup 2011-05-03 18:49:06 -07:00
036.mailkey.sql Support email replies in Phabricator 2011-05-05 14:58:57 -07:00
037.setuptest.sql Add a "setup" mode which guides new users through application configuration 2011-05-10 15:12:30 -07:00
038.admin.sql Admin and disabled flags for users 2011-05-12 11:17:50 -07:00
039.userlog.sql Provide an activity log for login and administrative actions 2011-05-20 19:08:26 -07:00
040.transform.sql Basic image thumbnailing 2011-05-27 09:33:33 -07:00
041.heraldrepetition.sql herald: add the ability to execute a rule the first time only 2011-06-09 10:35:37 -07:00
042.commentmetadata.sql Store metadata with Differential and Maniphest comments, and store added 2011-06-09 10:43:25 -07:00
043.pastebin.sql Allow databases to be created outside upgrade_schema scrpt. 2011-10-17 13:59:56 -07:00
044.countdown.sql Allow databases to be created outside upgrade_schema scrpt. 2011-10-17 13:59:56 -07:00
045.timezone.sql Provide a default non-NULL timezone in the PhabricatorUser class 2011-06-20 13:13:51 -07:00
046.conduittoken.sql Fix syntax clowning in patch 046. 2011-06-20 05:59:42 -07:00
047.projectstatus.sql Project list and profile view modifications 2011-06-20 16:13:44 -03:00
048.relationshipkeys.sql Properly scope some SQL. 2011-06-21 14:46:59 -07:00
049.projectowner.sql Allow affiliations to carry project ownership information; transform profile 2011-06-28 06:40:41 -07:00
050.taskdenormal.sql Allow Maniphest to scale to a massive size 2011-06-28 06:41:05 -07:00
051.projectfilter.sql Allow Maniphest tasks to be filtered by Project 2011-06-29 21:56:47 -07:00
052.pastelanguage.sql Add a syntax highlight dropdown, if pygments is enabled. 2011-07-04 12:23:43 -04:00
053.feed.sql Allow databases to be created outside upgrade_schema scrpt. 2011-10-17 13:59:56 -07:00
054.subscribers.sql Added subscriber view to Maniphest. 2011-07-07 14:08:52 -07:00
055.add_author_to_files.sql Drag-drop file upload. 2011-07-08 15:20:57 -04:00
056.slowvote.sql Allow databases to be created outside upgrade_schema scrpt. 2011-10-17 13:59:56 -07:00
057.parsecache.sql Add Differential parse cache to the GC daemon 2011-07-08 17:31:25 -07:00
058.missingkeys.sql Add missing keys to some tables 2011-07-09 10:55:15 -07:00
059.engines.php Script to selectively convert MyISAM tables to InnoDB 2011-07-11 11:42:28 -07:00
060.phriction.sql Minor, reduce slug column size to 128, see D1391. 2012-01-13 17:16:37 -08:00
061.phrictioncontent.sql Basic edit/create workflow for Phriction 2011-07-11 14:47:33 -07:00
062.phrictionmenu.sql Add Phriction to the main nav menu 2011-07-12 09:26:51 -07:00
063.pasteforks.sql Store parents of forked pastes, and list child pastes if there are any. 2011-07-15 18:42:08 -04:00
064.subprojects.sql Allow users to associate SSH Public Keys with their accounts 2011-07-23 09:15:20 -07:00
065.sshkeys.sql Allow users to associate SSH Public Keys with their accounts 2011-07-23 09:15:20 -07:00
066.phrictioncontent.sql Add a 'description' field to Phriction 2011-07-23 21:11:42 -07:00
067.preferences.sql Move "Preferences" to "Settings" 2011-07-24 12:25:43 -07:00
068.maniphestauxiliarystorage.sql Key Value Store for ManiphestTask 2011-07-25 19:11:55 -07:00
069.heraldxscript.sql Improve GC performance for Herald Transcripts 2011-07-28 18:50:54 -07:00
070.differentialaux.sql Add basic auxiliary field storage for Differential 2011-08-14 10:04:21 -07:00
071.contentsource.sql Track content sources (email, web, conduit, mobile) for replies 2011-08-30 11:08:27 -07:00
072.blamerevert.sql Remove blameRevision and revertPlan from the DifferentialRevision schema 2011-09-04 16:19:12 -07:00
073.reposymbols.sql Add storage for repository symbol tracking 2011-09-13 08:49:44 -07:00
074.affectedpath.sql Build an "affected path" index when attaching diffs to revisions 2011-09-15 07:45:14 -07:00
075.revisionhash.sql Add a relation table for Revisions to local commit hashes 2011-09-26 15:02:37 -07:00
076.indexedlanguages.sql Tie all the pieces for symbol cross-references together 2011-10-09 17:58:17 -07:00
077.originalemail.sql Allow bugs@ addresses to blanket-accept tasks 2011-10-20 14:26:19 -07:00
078.nametoken.sql Add a name token table so on-demand typeaheads can match last names 2011-10-23 14:25:26 -07:00
079.nametokenindex.php Add a name token table so on-demand typeaheads can match last names 2011-10-23 14:25:26 -07:00
080.filekeys.sql Use a proper entropy source to generate file keys 2011-10-23 14:42:23 -07:00
081.filekeys.php Use a proper entropy source to generate file keys 2011-10-23 14:42:23 -07:00
082.xactionkey.sql Add a missing key to the ManiphestTransaction table 2011-10-23 14:43:03 -07:00
083.dxviewtime.sql Remove "Updated" view from Differential 2011-12-07 06:55:03 -08:00
084.pasteauthorkey.sql Paste - upgrade scheme to support queries by authorPHID 2011-12-14 19:48:47 -08:00
085.packagecommitrelationship.sql Add Related Commits for Owners 2011-12-14 22:48:57 -08:00
086.formeraffil.sql Remove "Former" project members 2011-12-16 17:46:02 -08:00
087.phrictiondelete.sql Allow Phriction documents to be deleted 2011-12-17 11:45:25 -08:00
088.audit.sql Issue CREATE DATABASE before ALTER TABLE in patch 88 2011-12-27 17:50:23 -08:00
089.projectwiki.sql Provide wiki pages for projects 2011-12-20 14:03:12 -08:00
090.forceuniqueprojectnames.php Provide wiki pages for projects 2011-12-20 14:03:12 -08:00
091.uniqueslugkey.sql Provide wiki pages for projects 2011-12-20 14:03:12 -08:00
092.dropgithubnotification.sql Remove support for GitHub post-receive notifications 2011-12-24 09:00:08 -08:00
093.gitremotes.php Make tracked git repositories use an implicit 'origin' remote 2011-12-29 08:35:32 -08:00
094.phrictioncolumn.sql Minor, reduce slug column size to 128, see D1391. 2012-01-13 17:16:37 -08:00
095.directory.sql Delete /xhprof/ from directory, mark /mail/ as Admin Only 2012-01-15 20:27:55 -08:00
096.filename.sql Change fileName to filename 2012-01-17 10:50:14 -08:00
097.heraldruletypes.sql Created personal vs. global herald rule distingtion 2012-01-19 11:21:49 -08:00
098.heraldruletypemigration.php Created personal vs. global herald rule distingtion 2012-01-19 11:21:49 -08:00
099.drydock.sql Drydock Rough Cut 2012-01-19 21:12:57 -08:00
100.projectxaction.sql Add transaction-oriented editing to projects 2012-01-24 09:44:35 -08:00
101.heraldruleapplied.sql Remove massive "rule applied" query 2012-01-24 19:29:54 -08:00
102.heraldcleanup.php Write fewer "applied" rows and clean up excess historical rows 2012-01-25 11:53:39 -08:00
103.heraldedithistory.sql Add basic edit history to herald rules 2012-01-30 11:52:44 -08:00
104.searchkey.sql Add a safeguard against multiple patches with the same version 2012-02-14 16:24:02 -08:00
105.mimetype.sql Trim "\n" from mimeType field in phabricator_file.file 2012-02-16 07:25:56 -08:00
106.chatlog.sql OAuth - Phabricator OAuth server and Phabricator client for new Phabricator OAuth Server 2012-02-19 14:00:13 -08:00
107.oauthserver.sql OAuth - Phabricator OAuth server and Phabricator client for new Phabricator OAuth Server 2012-02-19 14:00:13 -08:00
108.oauthscope.sql OAuth Server enhancements -- more complete access token response and groundwork 2012-02-21 16:33:06 -08:00