diff options
| author | rinpatch <rinpatch@sdf.org> | 2020-04-16 21:58:57 +0000 |
|---|---|---|
| committer | rinpatch <rinpatch@sdf.org> | 2020-04-16 21:58:57 +0000 |
| commit | badd888ccbeed88228c0de66c068812a49139ce3 (patch) | |
| tree | 8af60de490fcd43a60f35afe54820d96f86f41b4 /lib/pleroma/web/oauth | |
| parent | 28bcde5d982ee0cd7bfac68585311661f19de2c4 (diff) | |
| parent | bde1189c349dc114aca2e9310dda840a1007825f (diff) | |
| download | pleroma-badd888ccbeed88228c0de66c068812a49139ce3.tar.gz | |
Merge branch 'authenticated-api-oauth-check-enforcement' into 'develop'
Enforcement of OAuth scopes check for authenticated API endpoints
See merge request pleroma/pleroma!2349
Diffstat (limited to 'lib/pleroma/web/oauth')
| -rw-r--r-- | lib/pleroma/web/oauth/oauth_controller.ex | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/lib/pleroma/web/oauth/oauth_controller.ex b/lib/pleroma/web/oauth/oauth_controller.ex index 46688db7e..0121cd661 100644 --- a/lib/pleroma/web/oauth/oauth_controller.ex +++ b/lib/pleroma/web/oauth/oauth_controller.ex @@ -27,6 +27,8 @@ defmodule Pleroma.Web.OAuth.OAuthController do plug(:fetch_flash) plug(RateLimiter, [name: :authentication] when action == :create_authorization) + plug(:skip_plug, Pleroma.Plugs.OAuthScopesPlug) + action_fallback(Pleroma.Web.OAuth.FallbackController) @oob_token_redirect_uri "urn:ietf:wg:oauth:2.0:oob" |