| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Therefore, username and password are no longer needed
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
Allow to have global clients, auth through direct token or auth code and bring scopes
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
fix review
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
remove redirect uri requirement on specific clients
add back password and depreciate it
enforce state
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
Allow apps to register themselves
A handful of changes
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
change timeout values
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
set access_token lifetime to 1 year and double for refresh_token
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
|
|
|
|
|
|
|
|
|
| |
Use `property_path` form option to map underscored form fields
to object properties
@see https://github.com/symfony/symfony/issues/9162#issuecomment-25431148
Fix #3067
|
|
When we remove the client, we should ensure that access_token are also removed.
To ensure that, I created a test that generated an access_token. So when we remove the client, this association should be cascaded and shouldn’t generate an error.
Also I moved some Api related stuff to the ApiBundle (like the developer controler and ClientType form)
|