Ecosyste.ms: OpenCollective

An open API service for software projects hosted on Open Collective.

github.com/ory/fosite

Extensible security first OAuth 2.0 and OpenID Connect SDK for Go.
https://github.com/ory/fosite

feat: upgrade github.com/ory/x to v0.0.677

dselim opened this pull request 21 days ago
chore(deps): bump golang.org/x/crypto from 0.23.0 to 0.31.0

dependabot[bot] opened this pull request 22 days ago
refactor: refresh token rotation

aeneasr opened this pull request about 1 month ago
chore: make serialization error wrappable

aeneasr opened this pull request about 1 month ago
Fix inconsistent RFC links in documentation

volfco opened this pull request about 1 month ago
revert: signature extraction in the HMAC strategy

zepatrik opened this pull request about 2 months ago
fix: remove duplicated matcher split

acynothia opened this pull request 2 months ago
v0.47.0-patch-branch

aeneasr opened this pull request 2 months ago
chore: update ory/x and ristretto

aeneasr opened this pull request 2 months ago
feat: add identity ID to password grant extra claims

hperl opened this pull request 2 months ago
chore(deps): bump github.com/dgraph-io/ristretto from v0.1.1 to v1.0.0

lithammer opened this pull request 3 months ago
Is there a plan to implement RFC 9449 (DPoP: Demonstrating Proof of Possession)

ghiyastfarisi opened this issue 3 months ago
feat: support adding new aud values

cloudcarver opened this pull request 3 months ago
chore: minor improvements to readability and updated code style

zepatrik opened this pull request 3 months ago
Implement RFC 8628

nsklikas opened this pull request 3 months ago
Building v0.47.0 fails - cannot use generic type ristretto.Cache[K z.Key, V any] without instantiation

verkaufer opened this issue 4 months ago
chore: upgrade to jose v4 library

mitar opened this pull request 4 months ago
fix: do not store stacktrace in sentinel errors

mitar opened this pull request 4 months ago
Rich authorization request (RFC 9396)

vivshankar opened this issue 4 months ago
feat: (rfc8693) Token exchange

vivshankar opened this pull request 4 months ago
Is there a plan to support custom redirect_uri matching rules.

gitsang opened this issue 4 months ago
update opentelemetry version

zzzzzztt opened this pull request 6 months ago
Vulnerability: Please upgrade dependences

digitive opened this issue 6 months ago
Support audience matching strategy in the RFC7523 handler

elainaRenee opened this issue 6 months ago
refactor: improve dependency injection capabilities

aeneasr opened this pull request 6 months ago
revert: splitting the HMAC SHA strategy (#813)

aeneasr opened this pull request 6 months ago
fix: require redirect_uri for OpenID Connect calls

aeneasr opened this pull request 6 months ago
refactor: split HMAC SHA strategy

aeneasr opened this pull request 6 months ago
chore(deps): bump github.com/hashicorp/go-retryablehttp from 0.7.4 to 0.7.7

dependabot[bot] opened this pull request 6 months ago
chore(deps-dev): bump braces from 3.0.2 to 3.0.3

dependabot[bot] opened this pull request 6 months ago
chore: remove unneeded dependency github.com/ecordell/optgen

James-REANNZ opened this pull request 7 months ago
Consider upgrading to go.opentelemetry.io/otel/[email protected]

zzzzzztt opened this issue 7 months ago
chore(deps): bump golang.org/x/net from 0.13.0 to 0.23.0

dependabot[bot] opened this pull request 9 months ago
fix: remove transient oidc session after use

aeneasr opened this pull request 9 months ago
feat: add ResourceAccessScopeStrategy

zoop-btc opened this pull request 9 months ago
Iam 734 fix

nsklikas opened this pull request 9 months ago
chore(deps): bump google.golang.org/protobuf from 1.31.0 to 1.33.0

dependabot[bot] opened this pull request 10 months ago
Why does HMACStrategy.Generate uses a lock?

mitar opened this issue 10 months ago
fix: WriteIntrospectionResponse should always issue headers

mitar opened this pull request 10 months ago
Unable to obtain expiration time of refresh tokens

mitar opened this issue 10 months ago
chore(deps): bump github.com/go-jose/go-jose/v3 from 3.0.0 to 3.0.3

dependabot[bot] opened this pull request 10 months ago
fix: pass JWK for singing so that KeyID is set in JWTs

mitar opened this pull request 10 months ago
id_token_hint should not persist to storage

mitar opened this issue 10 months ago
Consider upgrading to github.com/go-jose/go-jose/v4

mitar opened this issue 10 months ago
NewDefaultSession's SetSubject should set IDTokenClaims as well

mitar opened this issue 10 months ago
fix: use stdlib to check loopback address

mitar opened this pull request 11 months ago
docs: CHANGELOG.md is not used anymore

mitar opened this pull request 11 months ago
fix: call DeleteOpenIDConnectSession during successful authcode exchange

cfryanr opened this pull request 11 months ago
private_key_jwt assetion tokens can have unbounded expiration which can fill data store

mitar opened this issue 11 months ago
fix: pass standard params to storage

aeneasr opened this pull request 11 months ago
openid session storage should be deleted when the authcode is exchanged

cfryanr opened this issue 11 months ago
Make prefix used in HMACSHAStrategy configurable

mitar opened this issue 11 months ago
Support per-client signing algorithm

mitar opened this issue 11 months ago
fix: do not list client_secret_jwt as supported

mitar opened this pull request 11 months ago
DefaultSigner should support key rotation

mitar opened this issue 11 months ago
fix: add missing ctx argument to IsRedirectURISecureStrict

mitar opened this pull request 11 months ago
OIDC callback is always HTTPS, even when entered as HTTP

Forceu opened this issue 12 months ago
fix: fix broken link in History.md

Suvink opened this pull request almost 1 year ago
chore(deps): bump golang.org/x/crypto from 0.11.0 to 0.17.0

dependabot[bot] opened this pull request about 1 year ago
fix: quick start secret config

n0izn0iz opened this pull request about 1 year ago
feat: support multiple token URLs

hperl opened this pull request about 1 year ago
Can not run the example code

liuyangc3 opened this issue about 1 year ago
Concurrent requests for token endpoint on auth-code flow with same code succeed.

tn185075 opened this issue about 1 year ago
chore(deps): bump github.com/go-jose/go-jose/v3 from 3.0.0 to 3.0.1

dependabot[bot] opened this pull request about 1 year ago
feat: add support for none response_type

dtam-cybozu opened this pull request about 1 year ago
fix: remove redundant map access

dtam-cybozu opened this pull request about 1 year ago
`iat` field in access token (JWT) issued as part of `refresh_token` grant.

tn185075 opened this issue about 1 year ago
chore(deps): bump google.golang.org/grpc from 1.57.0 to 1.57.1

dependabot[bot] opened this pull request about 1 year ago
refactor: transactional interface

alnr opened this pull request about 1 year ago
chore(deps): bump golang.org/x/net from 0.13.0 to 0.17.0

dependabot[bot] opened this pull request about 1 year ago
fix: decode id_token_hint with correct signer

hijiki51 opened this pull request over 1 year ago
Failed to decode `id_token_hint` when using different signer for `id_token` and others

hijiki51 opened this issue over 1 year ago
use mattn/go-sqlite3 v2.0.3+incompatible no the new version

wuxingzhong opened this issue over 1 year ago
fix: rfc9068 must condition ignored in introspection

james-d-elliott opened this pull request over 1 year ago
feat: revoke refresh token on request only

vivshankar opened this pull request over 1 year ago
fix: isloopback returns true incorrectly

james-d-elliott opened this pull request over 1 year ago
feat: [#631] JWT Encryption support for client authentication and ID Token generation

vivshankar opened this pull request over 1 year ago
feat: move OTEL to a new 'InstrumentedFosite'

vivshankar opened this pull request over 1 year ago
fix: openid ignores missing redirect uri

james-d-elliott opened this pull request over 1 year ago
feat: basic tracing instrumentation with OpenTelemetry

alnr opened this pull request over 1 year ago
fix: basic scheme rejects special characters

james-d-elliott opened this pull request over 1 year ago
fix(pkce): session generated needlessly

james-d-elliott opened this pull request over 1 year ago
feat: add support for OIDC VC

hperl opened this pull request over 1 year ago
feat: add support for OIDC VC

hperl opened this pull request over 1 year ago
fix: [#754] Requester ID fix

vivshankar opened this pull request over 1 year ago
fix: [#754] Set the ID of the original requester early

vivshankar opened this pull request over 1 year ago
Refresh token flow handler does not set the original request ID in the handler early enough

vivshankar opened this issue over 1 year ago
clientCredentialsFromRequest should not expect Basic Authorization terms being URL Escaped

it9gamelog opened this issue over 1 year ago
chore: update dependencies

hperl opened this pull request over 1 year ago
chore(deps): bump github.com/ory/x to v0.0.559 (+ required dependencies)

kralicky opened this pull request over 1 year ago
authorize_helper.isLoopbackAddress has flaws

it9gamelog opened this issue over 1 year ago
feat: grant requested audience(s) in client_credentials flow

mgyongyosi opened this pull request over 1 year ago
Allow revoking access token without revoking refresh token

apexskier opened this issue over 1 year ago
During refresh token grant if token is invalid or expired return status code should be 400

love-bhardwaj opened this issue over 1 year ago
chore: update go-jose to v3.0.0

JustinHook opened this pull request over 1 year ago
Changelog is out of sync

mitar opened this issue over 1 year ago
redirect_uri matching does not follow RFC3986

jgresty opened this issue over 1 year ago
Failing to fetch a PKCE request session fails requests even when PKCE is not enforced

jgresty opened this issue almost 2 years ago
Auth Req omitted response_mode does not validate the default response_mode against the ResponseModeClient

james-d-elliott opened this issue almost 2 years ago
Revert "chore(deps): bump golang.org/x/net (#738)"

hperl opened this pull request almost 2 years ago