Ecosyste.ms: OpenCollective
An open API service for software projects hosted on Open Collective.
github.com/ory/fosite
Extensible security first OAuth 2.0 and OpenID Connect SDK for Go.
https://github.com/ory/fosite
all: Rearrange commits with goreturns
Signed-off-by: aeneasr <[email protected]>
211b43b4c04c732adc5fbfa7cab339f44fbea7d7 authored about 6 years ago
handler/openid: Populate at_hash in explicit/refresh flows (#315)
Signed-off-by: Wenhao Ni <[email protected]>
189589c400467460029424226398da709eb9ec48 authored about 6 years ago
docs: Updates issue and pull request templates (#316)
Signed-off-by: aeneasr <[email protected]>
64299bb72fe0f9f7886bdd061519cc7e9c9081da authored over 6 years ago
docs: Updates issue and pull request templates (#314)
Signed-off-by: aeneasr <[email protected]>
73ae6238fc6db4737d5b529ceeb08b26dbab88ea authored over 6 years ago
docs: Updates issue and pull request templates (#313)
Signed-off-by: aeneasr <[email protected]>
53c7b55dba903cdb8071417f39ebc01e00921cd4 authored over 6 years ago
Fix typo in README.md (#312)
Signed-off-by: Stephen Afam-Osemene <[email protected]>
dcb83ae59f984edeb1dfda19d0c0851e2e1574ae authored over 6 years ago
Fix broken go modules tests (#311)
Signed-off-by: arekkas <[email protected]>
02ea4b186a6384bfe2a36741842f49f7370e0991 authored over 6 years ago
Switch from dep to go modules (#310)
Signed-off-by: arekkas <[email protected]>
ac46a67863cb0842d48c83413789a9d6bf595f8a authored over 6 years ago
Propagate context in jwt strategies (#308)
Closes #307
Signed-off-by: Prateek Malhotra <[email protected]>
e1e18d6b22697abeceff6e22d4741c3bf04174f8 authored over 6 years ago
Use test tables for Hasher unit tests (#306)
Signed-off-by: Amir Aslaminejad <[email protected]>
499af11c14eb4f09f630ce84e971389ab668e94a authored over 6 years ago
bcrypt: update BCrypt to adhere to new Hasher interface
Signed-off-by: Amir Aslaminejad <[email protected]>
938e50a32024693670d1a8180b33c5c4a0df470b authored over 6 years ago
Add breaking change to the Hasher interface to the change log
Signed-off-by: Amir Aslaminejad <[email protected]>
805e0e9a36aa254b18e853b8a9c7881738deb010 authored over 6 years ago
hash: update Hasher to take in context
Signed-off-by: Amir Aslaminejad <[email protected]>
02f19fa3a9db72c54c2be6a904f8a2d35792974e authored over 6 years ago
jwt: update JWTStrategy to take in context (#302)
Signed-off-by: Amir Aslaminejad <[email protected]>
514fdbd20393c2175c66f3a69eb7bb849b3d5dfa authored over 6 years ago
Update PR template
Signed-off-by: aeneasr <[email protected]>
3920be20e78ed304ee3752ffcb997ade12862734 authored over 6 years ago
Add github issue and PR templates
Signed-off-by: aeneasr <[email protected]>
b630f54bbd5f01891b2f3cce462819e13136d94c authored over 6 years ago
openid: Allow JWT from id_token_hint to be expired (#299)
Signed-off-by: arekkas <[email protected]>
1ad9cd36069f61b2ace0fec097fe4bdc92e9f6c6 authored over 6 years ago
token/hmac: Add ability to rotate HMAC keys (#298)
Signed-off-by: arekkas <[email protected]>
213465099b72b6e5afd0e69a7916a95f65e17481 authored over 6 years ago
compose: Pass ID Token configuration to strategy (#297)
Resolves an issue where expiry and issuer where not properly configurable in the strategy.
Se...
a07ce27c814538c7d0e6228ae814482be2e96e7e authored over 6 years ago
openid: Validate id_token_hint only via ID claims (#296)
Signed-off-by: arekkas <[email protected]>
0fcbfea741d0f0bb2a96d5fa08a2797a109a4a33 authored over 6 years ago
Improve token_endpoint_auth_method error message (#294)
Signed-off-by: arekkas <[email protected]>
7820fb2e380ca737277095876c7f91b5ebee1467 authored over 6 years ago
all: gofmt (#290)
Run standard gofmt command on project root.
- go version go1.10.3 darwin/amd64
Signed-off-...
f02884ba0b236d81e338fd3bcd3e8ebc6d65538f authored over 6 years ago
Makes error messages easier to debug for end-users
5688a1c5acbafad5eabe649ce56e06e922c36a60 authored over 6 years ago
5688a1c5acbafad5eabe649ce56e06e922c36a60 authored over 6 years ago
core: Adds private_key_jwt authentication method
baa4cf15e1f30da0a52c9314730279302a15a7a4 authored over 6 years ago
baa4cf15e1f30da0a52c9314730279302a15a7a4 authored over 6 years ago
openid: Adds errors for request and registration parameters
920ed71a538f7fa5e7531660d76e076b655bf48b authored over 6 years ago
920ed71a538f7fa5e7531660d76e076b655bf48b authored over 6 years ago
oidc: Adds OIDC request/request_uri support
c7abcca923175f85833473508684c209b1151f5a authored over 6 years ago
c7abcca923175f85833473508684c209b1151f5a authored over 6 years ago
oidc: Adds proper error responses to request object
f4832621071290773fca25e8992fc283d76f390b authored over 6 years ago
f4832621071290773fca25e8992fc283d76f390b authored over 6 years ago
oidc: Uses JWTStrategy interface in openid.DefaultStrategy
Closes #252
517fdc5002ccef00a5a105b1a19bcba4c5e6839f authored over 6 years ago
core: Implements oidc compliant response_type validation
f950b9ea63f10b7ecfe0fa47ec3716b543450dc5 authored over 6 years ago
f950b9ea63f10b7ecfe0fa47ec3716b543450dc5 authored over 6 years ago
core: Disallow empty response_type in request
cf2eb85ed17c8d51d1c2e90c3349d4f51662a8f0 authored over 6 years ago
cf2eb85ed17c8d51d1c2e90c3349d4f51662a8f0 authored over 6 years ago
core: Return unsupported_response_type in validator
a24708e8044268b324b1aec443a09940ae998c2f authored over 6 years ago
a24708e8044268b324b1aec443a09940ae998c2f authored over 6 years ago
oauth2: Uses JWTStrategy in oauth2.DefaultStrategy
e2d2e7511931d17fd92e627c65eaabd9598b185d authored over 6 years ago
e2d2e7511931d17fd92e627c65eaabd9598b185d authored over 6 years ago
openid: Do not require id_token response type for auth_code (#288)
Before this patch, the `id_token` response type was required whenever an ID Token was requested....
edc491045155abbdbc54409889d7ccc7c3999019 authored over 6 years ago
docs: Fixes header image in README
4907d60537202e3aa04e81d87efe2c5e17c2e492 authored over 6 years ago
4907d60537202e3aa04e81d87efe2c5e17c2e492 authored over 6 years ago
Allows multipart content type as alternative to x-www-form-urlencoded (#285)
2edf8f828b99cbabefa7f00066b49e081fab4920 authored over 6 years ago
2edf8f828b99cbabefa7f00066b49e081fab4920 authored over 6 years ago
openid: Merge duplicate aud claim values (#283)
93618d66a99d2756e0a4c638727b728afc62520f authored over 6 years ago
93618d66a99d2756e0a4c638727b728afc62520f authored over 6 years ago
Uses query instead of fragment when handling unsupported response type (#282)
57b14710c9aa845f2fa87322e0a3f3fa1e3e09c9 authored over 6 years ago
57b14710c9aa845f2fa87322e0a3f3fa1e3e09c9 authored over 6 years ago
Updates upgrade guide
a958ab8218d13c4b0533eb38d07203f2da7ac114 authored over 6 years ago
a958ab8218d13c4b0533eb38d07203f2da7ac114 authored over 6 years ago
oauth2: Resolves several issues related to revokation (#281)
This patch resolves several issues related to token revokation as well as duplicate authorize co...
72bff7f33ee8c3a4a8806cc266ca7299ff1785d4 authored over 6 years ago
jwt: Sets audience to a string array (#279)
Closes #215
2d58a585d6b53831b17bcd3ed31e67d5b2637d4a authored over 6 years ago
authorize: Fixes implicit detection in error writer (#277)
608bf5fff7f5f7fc0dde0b3aecd03534974ba982 authored over 6 years ago
608bf5fff7f5f7fc0dde0b3aecd03534974ba982 authored over 6 years ago
openid: Use claims.RequestedAt for a reference of "now" (#276)
Previously, time.Now() was used to get a reference of "now". However, this caused short max_age ...
91e7a4c236caccbea211c7790ad8194b7bd5f8a2 authored over 6 years ago
openid: Issue ID Token on implicit code flow as well
180c74965cb128059d63e894ba2dd04184458a33 authored over 6 years ago
180c74965cb128059d63e894ba2dd04184458a33 authored over 6 years ago
openid: Enforce nonce on implicit/hybrid flows
3b44eb3538d4faff5fc05a74c8b9fa88ddb48202 authored over 6 years ago
3b44eb3538d4faff5fc05a74c8b9fa88ddb48202 authored over 6 years ago
jwt: Add JTI to counter missing nonce
28822d7b686c3a48ca9afec5291699b758c5f6cf authored over 6 years ago
28822d7b686c3a48ca9afec5291699b758c5f6cf authored over 6 years ago
core: Checks scopes before dispatching handlers (#272)
0f18305e742c17db1eee6784ce3451837b5fd09a authored over 6 years ago
0f18305e742c17db1eee6784ce3451837b5fd09a authored over 6 years ago
openid: Resolves timing issues in JWT strategy (#271)
aaec9940e2c3fc5a696b3d174d517a6ff1490a6f authored over 6 years ago
aaec9940e2c3fc5a696b3d174d517a6ff1490a6f authored over 6 years ago
openid: Resolves timing issues by setting now to the future (#270)
e9339d73eb39b15ffdb4b9a62ddc1ff1ba512530 authored over 6 years ago
e9339d73eb39b15ffdb4b9a62ddc1ff1ba512530 authored over 6 years ago
openid: Improves validation errors and uses UTC everywhere (#269)
eee3dad91e571a5b09217cc00caf485165f5a7d7 authored over 6 years ago
eee3dad91e571a5b09217cc00caf485165f5a7d7 authored over 6 years ago
openid: Improves prompt, max_age and id_token_hint validation (#268)
This patch improves the OIDC prompt, max_age, and id_token_hint
validation.
openid: Adds a validator used to validate OIDC parameters (#266)
The validator, for now, validates the prompt parameter of OIDC requests.
91c9d194a88e6b395668211df60cb512eab08541 authored over 6 years ago
oauth2: Introspection should return token type (#265)
Closes #264
This patch allows the introspection handler to return the token type (e.g. `acces...
2bf9b6c4177be3050ff9ba3b82c6474e4c324c39 authored over 6 years ago
core: Regression fix for request ID in refresh token flow (#262)
Signed-off-by: Beorn Facchini <[email protected]>
99029e0e1bc4b1d6dfa1ca8b85a46d79cffad6e8 authored over 6 years ago
handler/oauth2: Returns request unauthorized error on invalid password credentials (#261)
Signed-off-by: Beorn Facchini <[email protected]>
cca6af4161818682edb98936cae9249db814db27 authored over 6 years ago
core: Adds ExactScopeStrategy (#260)
The ExactScopeStrategy performs a simple string match (case sensitive)
of scopes.
core: Sanitizes request body before sending it to the storage adapter (#258)
This release resolves a security issue (reported by [platform.sh](https://www.platform.sh)) rela...
018b5c12b71b0da443255f4a5cf0ac9543bbf9f7 authored almost 7 years ago
docs: Fixes eaxmple errors in README (#257)
b138f5997d535151b3541a15b8c4f7a304cea4eb authored almost 7 years ago
b138f5997d535151b3541a15b8c4f7a304cea4eb authored almost 7 years ago
docs: Updates banner in readme (#253)
07ac5b89878e07fd54edf267f23ebc7059c8bb48 authored almost 7 years ago
07ac5b89878e07fd54edf267f23ebc7059c8bb48 authored almost 7 years ago
introspection: Improves debug messages (#254)
338399becb5114f84e6dc7166a95f6d036a6b748 authored almost 7 years ago
338399becb5114f84e6dc7166a95f6d036a6b748 authored almost 7 years ago
docs: Updates chat badge to discord
b6380be3365fc9703135f6ef3ee747d60d835915 authored almost 7 years ago
b6380be3365fc9703135f6ef3ee747d60d835915 authored almost 7 years ago
all: Updates years in license headers
77df218b30566ab7cd513b723a7e44f9f6afbe7e authored almost 7 years ago
77df218b30566ab7cd513b723a7e44f9f6afbe7e authored almost 7 years ago
all: Updates years in license headers
d8458abe997f70c743a7e2fa3cc27c2cb1d38c9e authored almost 7 years ago
d8458abe997f70c743a7e2fa3cc27c2cb1d38c9e authored almost 7 years ago
all: Adds email to license notice
77fa262093d783bc3f0e302ebddd1a2da3f2581d authored almost 7 years ago
77fa262093d783bc3f0e302ebddd1a2da3f2581d authored almost 7 years ago
all: Updates license notice
917401cdf0b891afa9a3aa65edb2539ff0f0a5ba authored almost 7 years ago
917401cdf0b891afa9a3aa65edb2539ff0f0a5ba authored almost 7 years ago
all: Updates license header
85bdbcb4c34c646c7eae56c0a1dc41dc1f75b470 authored almost 7 years ago
85bdbcb4c34c646c7eae56c0a1dc41dc1f75b470 authored almost 7 years ago
docs: Resolves minor spelling mistakes (#250)
7fbd2468dfb83cf7288643958db9890af5ffd3d1 authored almost 7 years ago
7fbd2468dfb83cf7288643958db9890af5ffd3d1 authored almost 7 years ago
docs : Fixes typo in README (#249)
d05fadfa7c4fa88ec58175fef146c7cc9c6c120c authored almost 7 years ago
d05fadfa7c4fa88ec58175fef146c7cc9c6c120c authored almost 7 years ago
docs: Resolves minor code documentation misspellings (#248)
c580d79aaa54f2aec179df400a3365ca711ead66 authored almost 7 years ago
c580d79aaa54f2aec179df400a3365ca711ead66 authored almost 7 years ago
handler: Adds PKCE implementation for none and S256 (#246)
This patch adds support for PKCE (https://tools.ietf.org/html/rfc7636) which is used by native a...
45128532dc4bbb40a56bf6250a58f9c5d57a9c7a authored almost 7 years ago
introspection: Adds missing http header to response writer (#247)
The introspection response writer was missing `application/json`
in header `Content-Type`. This...
introspection: Decodes of Basic Authorization username/password (#245)
Signed-off-by: Dmitry Dolbik <[email protected]>
b94312e25f011b54894da69256416271c23b5d14 authored almost 7 years ago
compose: Makes SendDebugMessages first class citizen (#243)
1ef3041c4da40d27ea25d56710e59d5f9352df5f authored about 7 years ago
1ef3041c4da40d27ea25d56710e59d5f9352df5f authored about 7 years ago
Adds ability to forward hints and debug messages to clients (#242)
7216c4f2711c79cf3d8a2c75ad7da4f54103988f authored about 7 years ago
7216c4f2711c79cf3d8a2c75ad7da4f54103988f authored about 7 years ago
handler/oauth2: Adds offline_access alias for refresh flow
2aa8e70bb88aa6bafde8d4ea949c5d514c6f568e authored about 7 years ago
2aa8e70bb88aa6bafde8d4ea949c5d514c6f568e authored about 7 years ago
Returns the correct error on duplicate auth code use
95d5f580c939eea0e6e93cdb4bae4cdbf5082869 authored about 7 years ago
95d5f580c939eea0e6e93cdb4bae4cdbf5082869 authored about 7 years ago
Improves http error codes
6831f7543000b3704879e52d8c9a4555653b4bd5 authored about 7 years ago
6831f7543000b3704879e52d8c9a4555653b4bd5 authored about 7 years ago
Resolves overriding auth_time with wrong value
c85b32d355a183dac3e46e50aac8b2c344cbd2d7 authored about 7 years ago
c85b32d355a183dac3e46e50aac8b2c344cbd2d7 authored about 7 years ago
Adds ability to catch non-conform OIDC authorizations
Fosite is now capable of detecting authorization flows that
are not conformant with the OpenID C...
Forces use of UTC time zone everywhere
4c7e4e5512061e9add22cc246882c78d2b06599c authored about 7 years ago
4c7e4e5512061e9add22cc246882c78d2b06599c authored about 7 years ago
token/jwt: Adds ability to specify acr value natively in id token payload
b87ca49b9418b99f492077f8ba78bf00e6c29180 authored about 7 years ago
b87ca49b9418b99f492077f8ba78bf00e6c29180 authored about 7 years ago
Upgrades history.md
87c37c3d6929b1edd2ab52a28d51ed1890628f51 authored about 7 years ago
87c37c3d6929b1edd2ab52a28d51ed1890628f51 authored about 7 years ago
oauth2: Allows client credentials in POST body and solves public client auth
Closes #231
Closes #217
handler/oauth2: Adds token revokation on authorize code reuse
2341dec8febeda9da535dc898c7d19aa3ecc8c00 authored about 7 years ago
2341dec8febeda9da535dc898c7d19aa3ecc8c00 authored about 7 years ago
handler/oauth2: Improves authorization code error handling
d6e0fbd9bdde624fa2e9feada3dec5b4266c4b9e authored about 7 years ago
d6e0fbd9bdde624fa2e9feada3dec5b4266c4b9e authored about 7 years ago
Improves error debug messages across the project
7ec8d19815d10913ef8cfd8ced9b9794f578dbf4 authored about 7 years ago
7ec8d19815d10913ef8cfd8ced9b9794f578dbf4 authored about 7 years ago
Resolves test issues and reverts auth code revokation patch
59fc47bbeb8093ab3652149ef6789a4e1564e1d8 authored about 7 years ago
59fc47bbeb8093ab3652149ef6789a4e1564e1d8 authored about 7 years ago
docs: Updates history.md
9fc25a86c4d8609aafa382e5eab32d3d087ec9d8 authored about 7 years ago
9fc25a86c4d8609aafa382e5eab32d3d087ec9d8 authored about 7 years ago
Improves test coverage report by removing internal package from it
831f56a9e6774b1e80c13cd301583edea6378245 authored about 7 years ago
831f56a9e6774b1e80c13cd301583edea6378245 authored about 7 years ago
internal: Updates mocks and mock generation
1f9d07d15e8f70986ed12cfb3ac9fac4a6e7e278 authored about 7 years ago
1f9d07d15e8f70986ed12cfb3ac9fac4a6e7e278 authored about 7 years ago
Makes use of rfcerr in access error endpoint writer explicit
701d85072d1ea5c35c7d05acf19bccdef626ba3c authored about 7 years ago
701d85072d1ea5c35c7d05acf19bccdef626ba3c authored about 7 years ago
Exports ErrorToRFC6749Error again (#228)
8d35b668079db8642ede3b1d345d74692926515f authored about 7 years ago
8d35b668079db8642ede3b1d345d74692926515f authored about 7 years ago
Simplifies error contexts (#227)
Simplifies how errors are instantiated. Errors now contain all necessary information without rel...
8961d861814862f9432f0608bcd14dfbcd4ec979 authored about 7 years ago
handler/oauth2: Client IDs in revokation requests must match now (#226)
Closes #225
83136a3ed5ed99b3a525f0ad87d693eadf273e8a authored about 7 years ago
travis: update go version (#220)
ff751ee3691f79886ccfc6afa3936c2c3b506a9e authored about 7 years ago
ff751ee3691f79886ccfc6afa3936c2c3b506a9e authored about 7 years ago
Add license header to all source files (#222)
Closes #221
Signed-off-by: aeneasr <[email protected]>
dd9398ea0553b07d63022af50ee2090d1616c5a9 authored about 7 years ago
vendor: replace glide with dep
ec43e3a05da49d45ebe8a98b28b14f8817c507f4 authored about 7 years ago
ec43e3a05da49d45ebe8a98b28b14f8817c507f4 authored about 7 years ago
travis: update to go 1.9
c17222c854198a7a388a2656a710bf13a5c3c3b9 authored about 7 years ago
c17222c854198a7a388a2656a710bf13a5c3c3b9 authored about 7 years ago
history: add 0.12.0 to TOC
a2e3a474b2439e4ad68a641152639f7921e610a6 authored about 7 years ago
a2e3a474b2439e4ad68a641152639f7921e610a6 authored about 7 years ago
travis: use go-acc and test format
47fd477814c7826a9e9e89a02c248cfbad6b5a7a authored about 7 years ago
47fd477814c7826a9e9e89a02c248cfbad6b5a7a authored about 7 years ago
all: format files with goimports
c87defe18676b36d880fa834c10e2cbd5464e061 authored about 7 years ago
c87defe18676b36d880fa834c10e2cbd5464e061 authored about 7 years ago