* Custom emoji editor: implement backend
This reuses the logo upload code
* Implement emoji edit admin interface
Again reuse base64 logic from the logo upload
* Allow toggling between uploaded and default emojis
* Add route that always serves uploaded emojis
This is needed for the admin emoji interface,
as otherwise the emojis will 404 if custom emojis are disabled
* Fix linter warnings
* Remove custom/uploaded emoji logic
* Reset timer after emoji deletion
* Setup: copy built-in emojis to emoji directory
* validate json responses
* update deps
* tmp disable header check
* log all the webfinger fails
refactor and filter more malformed requests
* don't set incorrect serverURL strings
* test failing through admin api
* fix server url in fedi tests
* check response.text
* validate json/xml response of all apis
test Content-Type of api response and cleanup
* improve logs
* fix rebase
* cleanup json parser in api tests
* mark the api tests performed by admin
* Separate check for reading and format of serverURL
* test /federation/user/ with wrong username in ci
**What this PR does / why we need it:**
Preallocate memory instead of enforcing an incremental growth. This will result in less work for the garbage collector.
* treat fediverse usernames as case-insensitive for auth
* add test for case insensitive, clean up duplicate import in federverse auth controller
* fix test, there was an issue with state when all the tests were run
* Able to authenticate user against IndieAuth. For #1273
* WIP server indieauth endpoint. For https://github.com/owncast/owncast/issues/1272
* Add migration to remove access tokens from user
* Add authenticated bool to user for display purposes
* Add indieauth modal and auth flair to display names. For #1273
* Validate URLs and display errors
* Renames, cleanups
* Handle relative auth endpoint paths. Add error handling for missing redirects.
* Disallow using display names in use by registered users. Closes#1810
* Verify code verifier via code challenge on callback
* Use relative path to authorization_endpoint
* Post-rebase fixes
* Use a timestamp instead of a bool for authenticated
* Propertly handle and display error in modal
* Use auth'ed timestamp to derive authenticated flag to display in chat
* Fediverse chat auth via OTP
* Increase validity time just in case
* Add fediverse auth into auth modal
* Text, validation, cleanup updates for fedi auth
* Fix typo
* Remove unused images
* Remove unused file
* Add chat display name to auth modal text
* Able to authenticate user against IndieAuth. For #1273
* WIP server indieauth endpoint. For https://github.com/owncast/owncast/issues/1272
* Add migration to remove access tokens from user
* Add authenticated bool to user for display purposes
* Add indieauth modal and auth flair to display names. For #1273
* Validate URLs and display errors
* Renames, cleanups
* Handle relative auth endpoint paths. Add error handling for missing redirects.
* Disallow using display names in use by registered users. Closes#1810
* Verify code verifier via code challenge on callback
* Use relative path to authorization_endpoint
* Post-rebase fixes
* Use a timestamp instead of a bool for authenticated
* Propertly handle and display error in modal
* Use auth'ed timestamp to derive authenticated flag to display in chat
* don't redirect unless a URL is present
avoids redirecting to `undefined` if there was an error
* improve error message if owncast server URL isn't set
* fix IndieAuth PKCE implementation
use SHA256 instead of SHA1, generates a longer code verifier (must be 43-128 chars long), fixes URL-safe SHA256 encoding
* return real profile data for IndieAuth response
* check the code verifier in the IndieAuth server
* Linting
* Add new chat settings modal anad split up indieauth ui
* Remove logging error
* Update the IndieAuth modal UI. For #1273
* Add IndieAuth repsonse error checking
* Disable IndieAuth client if server URL is not set.
* Add explicit error messages for specific error types
* Fix bad logic
* Return OAuth-keyed error responses for indieauth server
* Display IndieAuth error in plain text with link to return to main page
* Remove redundant check
* Add additional detail to error
* Hide IndieAuth details behind disclosure details
* Break out migration into two steps because some people have been runing dev in production
* Add auth option to user dropdown
Co-authored-by: Aaron Parecki <aaron@parecki.com>
