* add shellcheck to ci
* test ci
* install bash for shellcheck
* set globstar for bash
* cleanup shell scripts
* do not ignore automated hls tests
* rm legacy build script
* update shell scripts
* cleanup ci
* Fix misspell
* cleanup ci
* fail on curl error in ci
* validate json responses
* update deps
* tmp disable header check
* log all the webfinger fails
refactor and filter more malformed requests
* don't set incorrect serverURL strings
* test failing through admin api
* fix server url in fedi tests
* check response.text
* validate json/xml response of all apis
test Content-Type of api response and cleanup
* improve logs
* fix rebase
* cleanup json parser in api tests
* mark the api tests performed by admin
* Separate check for reading and format of serverURL
* test /federation/user/ with wrong username in ci
* block and unblock ipv6 explicitly
* refactor admin api tests
* use sendAdminPayload() for chatuser tests
* fix sendAdminRequests
* add getAdminResponse() to api test lib/admin.js
* some admin apis don't have response body
* cleanup test/automated/api/chatusers.test.js
* cleanup test/automated/api/chatusers.test.js
use getAdminResponse() to access admin apis
* webfinger query with no resource should get 400
* check valid webfinger query
* test webfinger query
... without acct: or with wrong server
* add test for invalid user query from webfinger
* reorder the tests to decouple from state
cleanup
* rm stable: 'false' from actions/setup-go@v3
* adapt tests from #2369
* set undefined as defaultStreamKey
pass adminpass to sendConfigChangeRequest()
* mv getAdminConfig to api/lib/config.js
* npm install --quiet for automated tests
* refactor tests
separate default values from new ones
* test adminpass change
fix defaultStreamKeys test
* fix defaultStreamKeys
* use getAdminStatus
* mv test/automated/lib/config.js to admin.js
* check default hideViewerCount
cleanup
* test more default options in api
erverName
SServerSummary
yp.instanceUrl
FederationConfig.username
* more testing of default config params
* update reference values for api test
* First pass at basic browser tests for #1926
* Run tests against dev web server not go server
* Bundle the web code into the server before running tests
* Move cypress UI tests into its own npm project + add tests
* Add additional tests + wire up with cypress dashboard
* Limit concurrency of workflow jobs
* Temporarily comment out some tests that do not pass in mobile. Will fix later.
* Able to authenticate user against IndieAuth. For #1273
* WIP server indieauth endpoint. For https://github.com/owncast/owncast/issues/1272
* Add migration to remove access tokens from user
* Add authenticated bool to user for display purposes
* Add indieauth modal and auth flair to display names. For #1273
* Validate URLs and display errors
* Renames, cleanups
* Handle relative auth endpoint paths. Add error handling for missing redirects.
* Disallow using display names in use by registered users. Closes#1810
* Verify code verifier via code challenge on callback
* Use relative path to authorization_endpoint
* Post-rebase fixes
* Use a timestamp instead of a bool for authenticated
* Propertly handle and display error in modal
* Use auth'ed timestamp to derive authenticated flag to display in chat
* don't redirect unless a URL is present
avoids redirecting to `undefined` if there was an error
* improve error message if owncast server URL isn't set
* fix IndieAuth PKCE implementation
use SHA256 instead of SHA1, generates a longer code verifier (must be 43-128 chars long), fixes URL-safe SHA256 encoding
* return real profile data for IndieAuth response
* check the code verifier in the IndieAuth server
* Linting
* Add new chat settings modal anad split up indieauth ui
* Remove logging error
* Update the IndieAuth modal UI. For #1273
* Add IndieAuth repsonse error checking
* Disable IndieAuth client if server URL is not set.
* Add explicit error messages for specific error types
* Fix bad logic
* Return OAuth-keyed error responses for indieauth server
* Display IndieAuth error in plain text with link to return to main page
* Remove redundant check
* Add additional detail to error
* Hide IndieAuth details behind disclosure details
* Break out migration into two steps because some people have been runing dev in production
* Add auth option to user dropdown
Co-authored-by: Aaron Parecki <aaron@parecki.com>