summaryrefslogtreecommitdiff
path: root/lib/apiauth.php
AgeCommit message (Collapse)Author
2010-03-26Return an http auth error, when a client sends in an invalid auth user, even ↵Zach Copley
when http auth is not required.
2010-03-17Workaround for HTTP authentication in the API when running PHP as ↵Brion Vibber
CGI/FastCGI. Example rewrite lines added as comments in htaccess.sample, API tweaked to accept alternate environment var form.
2010-03-10A blank username should never be allowed.Zach Copley
2010-03-08make API realm configurableEvan Prodromou
2010-02-25Remove unnecessary requiresZach Copley
2010-02-02Always check for an OAuth request. This allows OAuth clients to set anZach Copley
auth user, similar to how they can set one via http basic auth, even if one is not required. I think I finally got this right.
2010-01-29Adjust API authentication to also check for OAuth protocol params in theZach Copley
HTTP Authorization header, as defined in OAuth HTTP Authorization Scheme.
2010-01-28Remove debugging statementZach Copley
2010-01-28Some adjustments to the way API auth works after merging testing and 0.9.xZach Copley
2010-01-27HTTP auth provided is evaluated even if it's not requiredMichele
2010-01-27- Check for read-only vs. read-write access to protected API resources (OAuth)Zach Copley
- Some cleanup
2010-01-25- Had to remove checking read vs. read-write in OAuth authenticated methodsZach Copley
- Will now pick up source attr from OAuth app
2010-01-24Add Start/EndSetApiUser events when setting API user via OAuthZach Copley
2010-01-24Check for read vs. read-write access on OAuth authenticated API mehtods.Zach Copley
2010-01-24OAuth 1.0 working nowZach Copley
2010-01-24Make API auth handle OAuth requests w/access tokensZach Copley
2009-12-14Fix issue with favorited/following always being set to falseZach Copley
2009-11-18Added Authorization pluginCraig Andrews
Added LDAPAuthorization plugin
2009-11-09Revert "Remove more contractions"Brion Vibber
This reverts commit 5ab709b73977131813884558bf56d97172a7aa26. Missed this one yesterday...
2009-11-08Remove more contractionsSiebrand Mazeland
* doesn't * won't * isn't * don't
2009-10-12Added in credits.Zach Copley
2009-10-12Use site's name for basic auth realmZach Copley
2009-10-09Remove more redundant $formatsZach Copley
2009-10-09Move all basic auth output and processing to base classesZach Copley
2009-10-09Delete action/api.php and rename lib/twitterapi.php to lib/api.phpZach Copley
2009-09-30New actions for /statuses/friends and /statuses/followers + social graph methodsZach Copley
2009-09-27phpcs on apifriendstimeline.php, apiauth.php and apibareauth.phpZach Copley
2009-09-25Moved basic auth stuff into its own classesZach Copley