- 21 Aug, 2017 3 commits
-
-
Robert Knight authored
Deprecate openLoginForm setting and make a no-op when using OAuth
-
Robert Knight authored
Reload tokens and profile when stored tokens are changed by another client instance
-
Robert Knight authored
Remove logic to refresh access token before it expires.
-
- 09 Aug, 2017 3 commits
-
-
Robert Knight authored
When using OAuth clicking "Log In" triggers a pop-up window which requires user interaction in most browsers. Therefore the "openLoginForm" option cannot be respected when using OAuth and would be annoying anyway. Fixes #515
-
Robert Knight authored
-
Robert Knight authored
-
- 07 Aug, 2017 4 commits
-
-
Robert Knight authored
Auth codes can only be used once, so clear the code just before performing token exchange to ensure that it is not reused later.
-
Robert Knight authored
With this change, logins are automatically synced across different tabs in the same browser session.
-
Robert Knight authored
Listen for "storage" events that are emitted when another client refreshes access/refresh tokens and reload them when that occurs.
-
Robert Knight authored
Refresh tokens now have a much longer lifetime [1] than access tokens, therefore it is no longer necessary to refresh them before the access token expires. Instead the token is refreshed on-demand when an API request is made if the access token has expired at that point. [1] https://github.com/hypothesis/h/pull/4623
-
- 03 Aug, 2017 10 commits
-
-
Robert Knight authored
Implement logout when using OAuth
-
Robert Knight authored
-
Robert Knight authored
-
Robert Knight authored
-
Robert Knight authored
Use the service's OAuth token revocation endpoint [1] to revoke access and refresh tokens when the user logs out. [1] https://github.com/hypothesis/h/pull/4620
-
Robert Knight authored
When using cookie-based auth, login / logout happens via HTTP requests made by the "session" service and the auth service has to be explicitly notified afterwards via `auth.clearCache()`. When using OAuth-based auth on the other hand, login / logout happens through the auth service itself, so there is no need to ask the auth service to clear cached credentials afterwards.
-
Robert Knight authored
Implement logging out in the OAuth authorization service when using a first-party account. This currently just causes any credentials cached in memory or local storage to be forgotten and the user's profile to be reloaded. Once a token revocation endpoint is available, the "Log out" button could also trigger that as well.
-
Robert Knight authored
Use correct request params when exchanging auth code for tokens
-
Robert Knight authored
-
Robert Knight authored
HTML5 Audio elements
-
- 02 Aug, 2017 5 commits
-
-
Steel Wagstaff authored
Made changes suggested in code review: https://github.com/hypothesis/client/pull/508#pullrequestreview-53812970 .
-
Steel Wagstaff authored
Tiny fix to the test to account for URLs that may have had uppercase letters (the audio embed converts to lowercase to account for links to .MP3 files rather than .mp3)
-
Steel Wagstaff authored
Fixed tests for audio elements.
-
Steel Wagstaff authored
-
Robert Knight authored
Some API URLs are created by resolving relative URLs against the API root. For this to work properly, the root URL has to include a trailing slash. The omission of this in the documentation caused confusion for eLife devs.
-
- 01 Aug, 2017 6 commits
-
-
Robert Knight authored
-
Robert Knight authored
The two most recent client releases failed to publish automatically because the latest tags had not been fetched prior to running `git describe` to check whether the git ref was a tag. I'm not sure exactly what changed and why this used to work before, but add an explicit `git fetch --tags` step. eg. See https://jenkins.hypothes.is/job/client/job/master/483/
-
Robert Knight authored
-
Robert Knight authored
-
Robert Knight authored
Remove the view switcher component
-
Robert Knight authored
Since the h service now supports authorization codes rather than faking them with JWT grant tokens, use the appropriate request parameters in the call to exchange the auth code for tokens.
-
- 31 Jul, 2017 2 commits
-
-
Sean Hammond authored
Remove the (feature-flagged) view switcher component. We missed the chance to strike while the iron was hot on this one - neither Dawa or I have time anymore to work on further design iterations. I don't want to have dead code living behind a feature flag so I'm removing it. The code will still be in git if we ever want to revive it. Perhaps these tabs can be re-designed as part of a larger re-design of the sidebar in the future. I'll leave the GitHub issue about the usability issues with the existing selection tabs open: https://github.com/hypothesis/product-backlog/issues/327 For the record the main remaining issues with this were: 1. An undesirable visual popping happens when the view switcher loads on pages that have a lot of annotations. This also happens with the existing selection tabs but is arguably more visible with the view switcher. 2. When there are only two tabs (no orphans) the visual design of the tabs doesn't make it as immediately obvious which is the currently selected tab. The other tab may be mistaken for the selected one. The TODO list was here: https://github.com/hypothesis/product-backlog/issues/327#issuecomment-311073581 The pull requests for this view switcher were: https://github.com/hypothesis/client/pull/429 https://github.com/hypothesis/client/pull/481 https://github.com/hypothesis/client/pull/482 https://github.com/hypothesis/product-backlog/issues/327
-
Robert Knight authored
Adding ADR for ePub support
-
- 28 Jul, 2017 1 commit
-
-
Sean Roberts authored
-
- 27 Jul, 2017 2 commits
-
-
Sean Roberts authored
Adding onLayoutChange documentation
-
Sean Roberts authored
-
- 26 Jul, 2017 2 commits
-
-
Steel Wagstaff authored
More cleaning up of the media-embedder tests
-
Steel Wagstaff authored
Cleaned up media-embedder tests
-
- 25 Jul, 2017 2 commits
-
-
Steel Wagstaff authored
Added media-embedder tests for .mp3, .ogg, .wav files
-
Steel Wagstaff authored
Turns links to web-published .mp3, .ogg, and .wav files into HTML5 audio elements
-