From 0f8268c93e6210d368f9dcd1900274871a9eacdf Mon Sep 17 00:00:00 2001
From: Thomas Citharel <tcit@tcit.fr>
Date: Sun, 30 Apr 2017 09:16:55 +0200
Subject: Add client_credentials as grant_type

Therefore, username and password are no longer needed

Signed-off-by: Thomas Citharel <tcit@tcit.fr>

Allow to have global clients, auth through direct token or auth code and bring scopes

Signed-off-by: Thomas Citharel <tcit@tcit.fr>

fix review

Signed-off-by: Thomas Citharel <tcit@tcit.fr>

remove redirect uri requirement on specific clients

add back password and depreciate it

enforce state

Signed-off-by: Thomas Citharel <tcit@tcit.fr>

Allow apps to register themselves

A handful of changes

Signed-off-by: Thomas Citharel <tcit@tcit.fr>

change timeout values

Signed-off-by: Thomas Citharel <tcit@tcit.fr>

set access_token lifetime to 1 year and double for refresh_token

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
---
 app/config/security.yml | 1 +
 1 file changed, 1 insertion(+)

(limited to 'app/config/security.yml')

diff --git a/app/config/security.yml b/app/config/security.yml
index ffb1d356..0ce37661 100644
--- a/app/config/security.yml
+++ b/app/config/security.yml
@@ -57,6 +57,7 @@ security:
         - { path: ^/api/doc, roles: IS_AUTHENTICATED_ANONYMOUSLY }
         - { path: ^/api/version, roles: IS_AUTHENTICATED_ANONYMOUSLY }
         - { path: ^/api/user, roles: IS_AUTHENTICATED_ANONYMOUSLY }
+        - { path: ^/api/apps, roles: IS_AUTHENTICATED_ANONYMOUSLY }
         - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
         - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
         - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
-- 
cgit v1.2.3