nocebo/diaspora
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
20279 commits 4 branches 0 tags 121 MiB
Commit graph

41 commits

Author SHA1 Message Date
Jonne Haß
0935451cd8 Return a default token_endpoint_auth_method when the client gives none in its OpenID Connect registration request 
Since we announce it in the supported metadata, some clients expect to be told what to use and don't fallback to the spec standard of
client_secret_basic on their own.
 2020-01-24 11:02:02 +01:00
Jonne Haß
3abf6b6f41 return required client_secret_expires_at in openid connect dynamic registration response 2020-01-21 23:35:01 +01:00
cmrd Senya
c348a763cf API: add profile:read_private scope 2020-01-21 23:34:43 +01:00
Jonne Haß
d08b31f2ed OpenID: remove private profile data claims that are not returned anyway and fix return values for profile and picture 2020-01-21 23:34:43 +01:00
Hank Grabowski
a8d69c48dc OpenID Scopes and Security updates 2018-12-26 14:13:13 -05:00
Benjamin Neff
e82690963d
Add # frozen_string_literal: true to all files 2017-09-17 19:29:15 +02:00
Benjamin Neff
d0b634852b
Fix belongs_to, it is now required by default 2017-08-12 15:39:20 +02:00
Benjamin Neff
eb19c327e2
Add ApplicationRecord 2017-08-12 15:39:20 +02:00
cmrd Senya
9546fddb9e
[API] don't store ID tokens in DB 
fix #6857
 2016-08-13 20:09:43 +03:00
theworldbright
bb3849e4b1 Fix API privilege scope escalation 2016-03-11 17:18:21 -08:00
theworldbright
38439277d6 Add licenses where appropriate 2016-01-04 17:22:44 +09:00
theworldbright
58aef5658b Fix remaining remarks 2016-01-04 17:01:40 +09:00
theworldbright
9f85a90f55 Update code_used to false after issues new code 2016-01-04 16:49:58 +09:00
theworldbright
773a5a67d9 Add default kid to ID token 2016-01-04 16:49:58 +09:00
theworldbright
f1b394de0f Fix remaining remarks 2016-01-04 16:49:57 +09:00
augier
d028b5672e Fix remarks 2016-01-04 16:49:57 +09:00
theworldbright
0fbcb71255 Add support for request_uri and claims 2016-01-04 16:49:56 +09:00
theworldbright
9c9880d880 Move JWKs files to database 2016-01-04 16:49:56 +09:00
theworldbright
da766d8e8b Revoke previously issued tokens on duplicate request 2016-01-04 16:49:55 +09:00
theworldbright
fd467cd42b Add private_key_jwt support 
See

- http://openid.net/specs/openid-connect-core-1_0.html#ClientAuthentication
- https://openid.net/specs/openid-connect-registration-1_0.html#ClientMetadata
 2016-01-04 16:49:55 +09:00
theworldbright
1dcefdb998 Validate sector identifier uri and redirect uri 2016-01-04 16:49:55 +09:00
theworldbright
5f19d8ffe6 Add acr value 2016-01-04 16:49:55 +09:00
theworldbright
a76f51a6a5 Use redirect_uri if no sector identifier for ppid 
As according to http://openid.net/specs/openid-connect-core-1_0.html#PairwiseAlg:

"If the Client has not provided a value for
sector_identifier_uri in Dynamic Client Registration
[OpenID.Registration], the Sector Identifier used
for pairwise identifier calculation is the host
component of the registered redirect_uri."
 2016-01-04 16:49:55 +09:00
theworldbright
4be9f4d558 Make client name optional 2016-01-04 16:49:54 +09:00
theworldbright
9439a16d98 Fix failing auth code test and styles 2016-01-04 16:49:54 +09:00
augier
8c2af74447 Fixing last remarks 2016-01-04 16:49:54 +09:00
augier
c33cce0953 Styling user consent form 2016-01-04 16:49:54 +09:00
theworldbright
1a7f2edc01 Perform major refactoring 
- Add foreign_keys
- Remove unused classes/methods
- Fix pronto errors
- Add method to retrieve client id from name
- Remove TODO comments
- Fix unnecessary private key generation
 2016-01-04 16:49:54 +09:00
theworldbright
e55a0b0d0b Replace scopes with constants in Authorization 2016-01-04 16:49:54 +09:00
theworldbright
858e8c2503 Prevent duplicate scopes in authorization 2016-01-04 16:49:54 +09:00
theworldbright
724f32604b Add nonce to auth code flow 2016-01-04 16:49:53 +09:00
theworldbright
bb8fe6aa83 Adjust id token config to save private key to file 2016-01-04 16:49:53 +09:00
augier
07c12ba057 Using Camo for the application logo 2016-01-04 16:49:53 +09:00
augier
3fb2d262b8 Using entypo icon as default application image 2016-01-04 16:49:52 +09:00
theworldbright
3734e074a6 Fix pronto errors 2016-01-04 16:49:52 +09:00
theworldbright
98fd18077a Add test for expired access token 2016-01-04 16:49:52 +09:00
augier
308170f691 Add applications information page 2016-01-04 16:49:52 +09:00
theworldbright
65c40f236e Load scopes from seeds 
Signed-off-by: theworldbright <kent@kentshikama.com>
 2016-01-04 16:49:51 +09:00
theworldbright
99d6d7b3e7 Add pairwise pseudonymous identifier support 
Squashed commits:

[a182de7] Fix pronto/travis errors
 2016-01-04 16:49:51 +09:00
theworldbright
e5932968fd Add support for authorization code flow 2016-01-04 16:49:51 +09:00
theworldbright
bc5e5c7420 Fix pronto errors 2016-01-04 16:49:51 +09:00