Ecosyste.ms: OpenCollective

An open API service for software projects hosted on Open Collective.

github.com/ory/fosite

Extensible security first OAuth 2.0 and OpenID Connect SDK for Go.
https://github.com/ory/fosite

tests: replace nil checks with Error/NoError

7fe1f946af7b4921da008f245da84b85ea3f26d0 authored about 7 years ago by arekkas <[email protected]>
token/hmac: replace custom logic with copypasta

b4b9be5640c9d814b35f54b2c8621137364209ca authored about 7 years ago by arekkas <[email protected]>
scripts: add format helper scripts

92c73aee93b5d1fe2acf3395b495caf912453368 authored about 7 years ago by arekkas <[email protected]>
scripts: fix goimports import path

65743b40c69ccc76f07fd3eb4c45837d3b4a1505 authored about 7 years ago by arekkas <[email protected]>
travis: add goimports to install section

4f5df700e3c220f3aa5f7eb79a4b4f19d2f4576e authored about 7 years ago by arekkas <[email protected]>
handler/oauth2: set expiration time before the access token is generated (#216)

Signed-off-by: Nikita Vorobey <[email protected]>

0911eb0d643d77105e0126bf2303bdfd7190ccd3 authored about 7 years ago by Nikita Vorobey <[email protected]>
docs: update banner

d6cf027401e828c8e608b042615f982acdf6d915 authored over 7 years ago by Aeneas <[email protected]>
oauth2/ropc: Set expires at for password credentials flow (#210)

Signed-off-by: Beorn Facchini <[email protected]>

461b38fd07e47dad709667f024e98a71bfd3792b authored over 7 years ago by Beorn Facchini <[email protected]>
oauth2/introspection: configure core validator with access only option (#208)

Signed-off-by: Beorn Facchini <[email protected]>

80cae74590bfdf7d3f9439073a4a5aac21d7fd45 authored over 7 years ago by Beorn Facchini <[email protected]>
docs: fixes documentation oauth2 variable and updates old method (#205)

It seems that the documentation was declaring as OAuth2Provider the variable `oauth2Provider` wh...

fa50c80d36bbc8dda2633b59617689d8ef21042c authored over 7 years ago by akuma06 <[email protected]>
docs: update docs on scope strategy

68119ca5e282c356284a6dc7a2edb2b632d57a47 authored over 7 years ago by arekkas <[email protected]>
scope: add more test cases

c45a37d3bb9e3e79d16323f42d76ef96b624dbd0 authored over 7 years ago by arekkas <[email protected]>
scope: resolve haystack needle mixup - closes #201

2c7cdff9d2e677f5f892d6107a3c0b8b9ce61632 authored over 7 years ago by arekkas <[email protected]>
token/jwt: add claims tests

c55d67903fdc5b2f4b200b663d4f1a0cb1d21dca authored over 7 years ago by arekkas <[email protected]>
handler/openid: only refresh id token with id_token response type

Closes #199

dd2463a1a262600096f040867dcabe2a28e1a56c authored over 7 years ago by arekkas <[email protected]>
session: add tests for nil sessions

d67d52df200dfc72c9eb79e38ae6e91a1fb701f4 authored over 7 years ago by arekkas <[email protected]>
handler/oauth2: set requested at date in auth code test

edd4084b43ed88135fb60a4581283d8abaf92384 authored over 7 years ago by arekkas <[email protected]>
handler/oauth2: resolve travis time mismatch

ec6534cfebf24d716aba28dee43e6ec268c0918b authored over 7 years ago by arekkas <[email protected]>
handler/oauth2: simplify storage interface

Closes #194

361b3683552bcadf62d1d1c42baf6d5cc1ca1409 authored over 7 years ago by arekkas <[email protected]>
fmt: run goimports

35941c2f3ed0436019429d9657d9dab59cae93e1 authored over 7 years ago by arekkas <[email protected]>
handler/oauth2: first retrieve, then validate

ab72cba1799accc7b50990908139fa762eb2efc1 authored over 7 years ago by arekkas <[email protected]>
handler/oauth2: update docs

63f329b104c36dcbe2ee2f2a5562c6422f36224b authored over 7 years ago by arekkas <[email protected]>
handler/oauth2: remove code validity check from test

664d1a6c0177abfb4d8f780f28ecd69cb2d44d87 authored over 7 years ago by aeneasr <[email protected]>
handler/oauth2: use hmac strategy for jwt refresh tokens (#190)

Closes #180

56c88c04d4819aec08cb068a5fb7697dbaeb3288 authored over 7 years ago by Aeneas <[email protected]>
handler/openid: refresh token handler for oidc (#193)

closes #181

04888c5448382612a55fb0c57ccf2c0e3d841c2c authored over 7 years ago by Aeneas <[email protected]>
core: use deepcopy not gob encoding - closes #191

823db5b65cd7c0c356b211c920ca06ec10cfa8b6 authored over 7 years ago by arekkas <[email protected]>
storage: revoke access tokens when refreshing

Closes #167

bb74955ead77dbadf2f7b99ec3bff9b27f2a4388 authored over 7 years ago by arekkas <[email protected]>
fmt: gofmt

7a998fece7ea2fd63ad7943266e67954ab81aaf6 authored over 7 years ago by arekkas <[email protected]>
scope: implement new wildcard strategy - closes #188

e03e99e653454ab7cc997aacd162374bdbf38c75 authored over 7 years ago by arekkas <[email protected]>
oauth2/introspector: remove auth code, refresh scopes (#187)

Removes authorize code introspection in the HMAC-based strategy and now checks scopes of refresh...

ef8f1757f0c26317fd7dbb46f66fde7516a3b4bb authored over 7 years ago by Aeneas <[email protected]>
vendor: separate test dependencies (#186)

* vendor: Move testify to testImport
* test: Move Assert/Require helpers to _test pkg

Signed...

71451f05fa2b572c4467a9bca26ec3d018a74cd3 authored over 7 years ago by David Ackroyd <[email protected]>
handler/openid: remove forced nonce (#185)

Signed-off-by: Wyatt Anderson <[email protected]>

6c91a21b540c534c9a2330922e357e24c7d5fda9 authored over 7 years ago by Wyatt Anderson <[email protected]>
oauth2: basic auth should decode client id and secret

closes #182

92b75d93070fdb96f0ec9975dc24b69243d8f894 authored over 7 years ago by Aeneas Rekkas (arekkas) <[email protected]>
docs: update test command in README and CONTRIBUTING (#183)

Signed-off-by: Wyatt Anderson <[email protected]>

c1ab029745520914fae525f150e91dfe7ae76142 authored over 7 years ago by Wyatt Anderson <[email protected]>
handler/oauth2: grant scopes before the access token is generated (#177)

Signed-off-by: Nikita Vorobey <[email protected]>

349726028d42f3c60aeefc67aef06f9f907ccf94 authored over 7 years ago by Nikita Vorobey <[email protected]>
introspection: return with active set false on token error (#176)

82944aaa42ddc9c718ee072d5a11635ec982394d authored over 7 years ago by Aeneas <[email protected]>
vendor: remove unnecessary go-jose import (#175)

d26aa4a76fda898677f333c38242a9049e448e1a authored over 7 years ago by Aeneas <[email protected]>
Resolve issues with error handling (#174)

* errors: do not convert errors compliant with rfcerrors

* handler/oauth2: improve redirect m...

9abdfd04261f472f34c9d6a545ccaa2d491c4f06 authored over 7 years ago by Aeneas <[email protected]>
vendor: clean up dependencies (#173)

* vendor: remove stray github.com/Sirupsen/logrus
* vendor: remove common lib

524d3b6fb51e81330608f727c63dbf41980de7ae authored over 7 years ago by Aeneas <[email protected]>
docs: add 0.9.0 release note

852cf82344c2d78863508eaa0fca32f468cd7fab authored over 7 years ago by Aeneas <[email protected]>
compose: enable fosite composing with custom hashers. (#170)

Signed-off-by: Matthew Hartstonge <[email protected]>

d70d882d0b125e386e52cd1aee3712d48538fd66 authored over 7 years ago by Matt Hartstonge <[email protected]>
oauth2: removed implicit storage as its never used - closes #165 (#171)

Signed-off-by: Michael Boke <[email protected]>

fe74027ee70292a72fe453095603cca060ff6290 authored over 7 years ago by Michael Boke <[email protected]>
docs: add notes for breaking changes that come with 0.8.0

d5fafb87b04ddf2ced6b58a063eac71892bcd5c9 authored over 7 years ago by aeneasr <[email protected]>
all: removed *http.Request from interfaces that access request objects

* removed the requirement to *http.Request for endpoints and response object, they are resolvabl...

786b971ca1d36a8f0bd0a5c0bfa798802d5c0c26 authored over 7 years ago by Michael Boke <[email protected]>
core: added context to GetClient storage interface (#162)

Closes #161

Signed-off-by: Michael Boke <[email protected]>

974585d4f809f96c8bf9ee3f0f1540bf9478b8a9 authored over 7 years ago by Michael Boke <[email protected]>
oauth2: set authorize code expire time before persist (#166)

Signed-off-by: Michael Boke <[email protected]>

305a74fe20649bde7150509ec072a43b958e0ee9 authored over 7 years ago by Michael Boke <[email protected]>
oauth2: set expiry date on implicit access tokens (#164)

Signed-off-by: Michael Boke <[email protected]>

0785b072dba9a9cf65bc8b7304af4e7691f96a96 authored over 7 years ago by Michael Boke <[email protected]>
all: replace golang.org/x/net/context with context

6b1d93124be24d4b2949060a4c3428c220667738 authored over 7 years ago by Aeneas Rekkas (arekkas) <[email protected]>
all: goimports

1cb7e26e164c1f11b7cb6ab64191d680d19e7ca0 authored over 7 years ago by Aeneas Rekkas (arekkas) <[email protected]>
docs: add breaking changes note

7d726e13800667a32372bb7f97a7f652c7eb9f3e authored over 7 years ago by Aeneas Rekkas (arekkas) <[email protected]>
ci: remove go 1.5 and 1.6 from build list

8cc3ac8e4ecfbeec82835db716ab50acf76537c9 authored over 7 years ago by Aeneas Rekkas (arekkas) <[email protected]>
all: move to new org

bd1308540c519a09d4228048d3d9a028d363a7bd authored over 7 years ago by Aeneas Rekkas (arekkas) <[email protected]>
vendor: glide update

575dd791f9f11cd8e5471178b1ec3a7638653cae authored over 7 years ago by Aeneas Rekkas (arekkas) <[email protected]>
access: revert regression issue introduced by #150

6f13d58533573ec847dca6e5cfa1d4338aef95b1 authored over 7 years ago by Aeneas Rekkas (arekkas) <[email protected]>
access: revert regression issue introduced by #150

6bb4135523c4e2fcf7b3a0630e233ccb7a806fc8 authored over 7 years ago by Aeneas Rekkas (arekkas) <[email protected]>
oauth2: basic auth should www-url-decode client id and secret - closes #150

ad395bf323137e30ce12d40646a9229a42695863 authored over 7 years ago by aeneasr <[email protected]>
oauth2: get the token from the access_token query parameter (#156)

Signed-off-by: Jan Olszak <[email protected]>

9edac0441f4f9c8400e0cbd9cd637e9d2bfcae05 authored over 7 years ago by Jan Olszak <[email protected]>
handler/oauth2: removes RevokeHandler from JWT introspector (#155)

* Removes RevokeHandler from JWT Introspector

RevokeHandler has been removed because it confl...

344dbeff15cfce9990c0ccfd687a0c44f6a81569 authored over 7 years ago by wezzle <[email protected]>
authorize: allow localhost subdomains such as blog.localhost:1234

Signed-off-by: Matteo Suppo <[email protected]>

5e1c890fd144ce1ec12ee26d7ebfe02862af067e authored almost 8 years ago by Matteo Suppo <[email protected]>
readme: update badges to ory

9b33931ee14ae0768ea46a423d569330a85b482e authored almost 8 years ago by aeneasr <[email protected]>
core: redirect uris should ignore cases during matching - closes #144

4b887746fde977a0f5cf8fbbe06c90577f416fca authored almost 8 years ago by aeneasr <[email protected]>
ci: force package org ory-am

5e0a4a06a3cbcfca88125c7891eea87bc0de809b authored almost 8 years ago by aeneasr <[email protected]>
revert unintentional change

14a18a714c419b31d4bf1341e1017159bc17540f authored almost 8 years ago by Christopher Brown <[email protected]>
dont client id for aud

Signed-off-by: Christopher Brown <[email protected]>

a39200b3eb08b77d0181586454e5d7348d519aa5 authored almost 8 years ago by Christopher Brown <[email protected]>
handler/oauth2: allow stateless introspection of jwt access tokens

Signed-off-by: Christopher Brown <[email protected]>

c2d2ac258ecb1378493c0d60add2967e510fbc6b authored almost 8 years ago by Christopher Brown <[email protected]>
make stateless validator return an error on revocation

f8f797869eaa1895791ed1bba3b0f3c3a06a03ca authored almost 8 years ago by Christopher Brown <[email protected]>
errors: fixed typo in acccess_error

08b2242b66a8d430084c6aada57018f8c2dabea6 authored almost 8 years ago by Aeneas <[email protected]>
allow public clients to revoke tokens with just an ID

This functionality is described in the OAuth2 spec here: https://tools.ietf.org/html/rfc7009#sec...

7b94f470bede7cf5e94d11e05aa3364d0db75fe2 authored almost 8 years ago by kujenga <[email protected]>
RFC6749Error: conform to RFC 6749

Section 5.2 specifies the parameters for access error responses;
the "error" and "error_descript...

c4045541ae19c88634d79818a0060d71c9ef07ec authored almost 8 years ago by Peter Schultz <[email protected]>
request: fix SetRequestedScopes (#139)

Signed-off-by: Peter Schultz <[email protected]>

d02c427a76d5d8ef2f099bae79b7af69be3f643a authored almost 8 years ago by Peter Schultz <[email protected]>
authorize: allow custom redirect url schemas

c740b703399e7a1479dac9f261baec4b341f6cff authored about 8 years ago by Aeneas Rekkas (arekkas) <[email protected]>
all: properly wrap errors

e054b6e04a9253e3d1d333064998045b3ab649fe authored about 8 years ago by Aeneas Rekkas (arekkas) <[email protected]>
openid: c_hash / at_hash should use url-safe base64 encoding

33d44146ef17f9c176a2a74e7ee77eaae98ee5c1 authored about 8 years ago by Aeneas Rekkas (arekkas) <[email protected]>
openid: c_hash / at_hash should be string not byte slice

b489cc95b87d74785c5e9b8ea5eb48e975559f63 authored about 8 years ago by Aeneas Rekkas (arekkas) <[email protected]>
oauth2/implicit: fix redirect url on error

Signed-off-by: Nikita Vorobey <[email protected]>

435288ccdee2aed2447a5a0babf885dbfeae6b55 authored about 8 years ago by Nikita Vorobey <[email protected]>
docs: fix missing protocol in link in readme (#132)

Signed-off-by: Ibrahim AshShohail <[email protected]>

37ef374aec940d6b9fdcc33800c09ba08b830f39 authored about 8 years ago by Ibrahim AshShohail <[email protected]>
openid: add id_token + code flow

3f347e35b603fdde805a8b7a4fdaeff6bcddaa02 authored about 8 years ago by Aeneas Rekkas (arekkas) <[email protected]>
lint: gofmt -w -s .

95caa96835a1254ba3f8f4a21e635fe6da34f0fe authored about 8 years ago by Aeneas Rekkas (arekkas) <[email protected]>
doc: fix typos (#130)

e6b410d519a0944cd52ffde656f7b21c4682b5a6 authored about 8 years ago by Peter Schultz <[email protected]>
access: response expires in should be int, not string

a2080a30c04abf6a9b3f7dee63026cb5816f8bbd authored about 8 years ago by Aeneas Rekkas (arekkas) <[email protected]>
errors: add inactive token error

0151f1e17dda1c81185d00b388c83b25b7c5f72c authored about 8 years ago by Aeneas Rekkas (arekkas) <[email protected]>
introspection: resolve broken test

51ab7bb960640bcd8722e2731af72c6c26e3bacd authored about 8 years ago by Aeneas Rekkas (arekkas) <[email protected]>
introspection: add content type to error response

75aad53be3dfda8a02a47bd8f574dc23914b4b65 authored about 8 years ago by Aeneas Rekkas (arekkas) <[email protected]>
introspection: always return the error

366b4c1a06369b2cecaf6f71b720273e686d520d authored about 8 years ago by Aeneas Rekkas (arekkas) <[email protected]>
token/jwt: Allow single element string arrays to be treated as strings

This commit allows `aud` to be passed in as a single element array
during consent validation on ...

5388e107ac994650eb1623efb6c88d14d045e325 authored about 8 years ago by Son Dinh <[email protected]>
oauth2/introspection: endpoint responds to invalid requests appropriately (#126)

9360f6473249324e2c2c2f6e94b3f123bdb929fa authored about 8 years ago by Aaron Taylor <[email protected]>
core: resolve issues with token introspection and sessions

895d16935bd97831eecff66b1d775af9b91a2506 authored about 8 years ago by aeneasr <[email protected]>
core: resolve session referencing issue (#125)

81a3229706c38e29c7745acf930272f4711547f4 authored about 8 years ago by Aeneas <[email protected]>
github: comply with Go license terms - closes #123

4c4507f865e0968e0a06c961aef9176bd8e7b7e3 authored about 8 years ago by Aeneas <[email protected]>
handler/oauth2: set JWT ExpiresAt claim per TokenType from the session (#121)

Signed-off-by: Cristian Graziano <[email protected]>

66170ae25a3ac26abcd2ab27d687434d4e2a60a7 authored about 8 years ago by cristiangraz <[email protected]>
oauth2/introspection: do not include the session in the response

daad27179358c71aeb89dc8d7d6fdd2c04a15871 authored about 8 years ago by Aeneas Rekkas (arekkas) <[email protected]>
0.5.0 (#119)

* all: resolve regression issues introduced by 0.4.0 - closes #118
* oauth2: introspection hand...

eb9077f6608d776ae50eb2ad4205705bad6ee0eb authored about 8 years ago by Aeneas <[email protected]>
vendor: reduce third party dependencies - closes #116

5ec5cff534008820671e56f6b062dc2aa1e364e6 authored about 8 years ago by Aeneas Rekkas (arekkas) <[email protected]>
oauth2: allow public clients to access token endpoint - closes #78

cbe433e1985d782217cb973261a3b1677af1f664 authored about 8 years ago by Aeneas Rekkas (arekkas) <[email protected]>
docs: add danilobuerger and jrossiter to hall of fame

f864e26f6b22726ad592742e8654b099729a4b46 authored about 8 years ago by Aeneas Rekkas (arekkas) <[email protected]>
all: clean up, resolve broken tests

1041e67f395480fd334446bd8b13f09dfbeeb658 authored about 8 years ago by Aeneas Rekkas (arekkas) <[email protected]>
docs: document reasoning for interface{} in compose package - closes #94

f1930124e072153f9d5ec8dc4f14733f9bdc20a1 authored about 8 years ago by Aeneas Rekkas (arekkas) <[email protected]>
all: flatten package hierarchy and merge files - closes #93

9b7ba808064d33a5251cb6cd3d30d2d4b8f3ff25 authored about 8 years ago by Aeneas Rekkas (arekkas) <[email protected]>
example: split library and example - closes #92

6d76d35018159d830a9b050f99c15b099a6975e2 authored about 8 years ago by Jason <[email protected]>
docs: add offline note to readme

60a767221625d0f6541f203e41a7ef20a1782eb0 authored about 8 years ago by Aeneas <[email protected]>