Commits · proof

e48a8b3

rename spec file.

2018-11-20 21:14:02

e95b9fa

fix i18n key.

2018-11-20 21:13:43

ddb78a1

simplify the bin/server script.

2018-11-20 21:00:15

1889b9d

generate api documentation using test server.

2018-11-05 17:56:38

0ac0275

export NODE_ENV

2018-11-03 03:26:40

9e5bd6d

merge with up/master

2018-11-03 03:24:34

32f5e5e

update client and return any errors.

2018-10-29 23:07:14

578b22a

update the client data.

2018-10-29 22:44:21

95faccd

start to build the client update endpoint.

2018-10-29 22:35:24

d48110d

ensure an authorization header is presented

2018-10-29 21:55:38

4ea3377

RFC-7592 Section 2.1 - revoke client token

2018-10-29 21:38:58

d55ebee

start to implement RFC-7592

2018-10-29 21:07:47

818df67

load key pairs from env variables.

2018-10-29 17:37:55

05442ae

load JWT private key from env var.

2018-10-29 15:08:00

24e3714

document scim resource types.

2018-10-29 01:31:16

3265df8

send the appropriate content-type in the scim request.

2018-10-29 01:24:47

ec716c7

allow public access to scim schemas

2018-10-29 01:20:25

0e9ad22

add scim schemas docs

2018-10-29 01:12:59

b62b39e

do not lint spec/documentation.rb

2018-10-29 00:36:20

2254669

use ActionController::API

2018-10-29 00:34:39

21eadfe

do not issue session cookies from oauth api endpoints

2018-10-29 00:11:20

2b5ff8e

document the scim service provider config

2018-10-28 23:12:20

5840ff6

document token introspection

2018-10-28 22:56:00

9950c3d

document the proof key code exchange

2018-10-28 22:10:34

c65abd8

add page to describe the dynamic client management API

2018-10-28 22:01:22

299bd2e

document dynamic client registration

2018-10-28 21:56:41

abfa1e4

saml assertion grant exchange

2018-10-28 21:32:40

e5ec447

refresh token documentation

2018-10-28 21:28:39

1d6b449

document the client credentials grant

2018-10-28 21:16:09

00709f0

document the password grant

2018-10-28 21:13:25

8d68697

add example of authorization code grant flow.

2018-10-28 21:06:33

fd94f12

do not send session cookie

2018-10-28 19:16:07

6a683fe

delete the rack runtime middleware.

2018-10-28 19:10:51

673a3c3

add blurb to the authorization server metadata post.

2018-10-28 19:08:55

7db0104

update jekyll config

2018-10-28 19:06:37

757b147

add post on oauth authorization server.

2018-10-28 19:02:40

0664daf

generate api example partials for documentation

2018-10-28 18:27:33

471b40d

package the security.txt file

2018-10-28 18:04:41

e2b99e3

add user info url to oauth metadata.

2018-10-28 18:01:01

0923253

delegate to Token.revoked?(jti)

2018-10-28 17:57:18

3b1b50a

create the user info endpoint.

2018-10-28 17:50:55

eb3794d

RFC-8414 - Provide Authorization Server Metadata

2018-10-28 17:06:21

122f2da

RFC-7009 - revoked associated grant and tokens.

2018-10-27 17:07:19

1ebe73f

RFC-7009 - check audience of token before revoking

2018-10-27 16:59:27

ad1e662

return forbidden when attempting to read another clients credentials

2018-10-22 02:07:19

096040b

assert the correct content-type is returned

2018-10-22 02:02:18

d39f4d9

extract a partial

2018-10-22 01:59:57

6ece23f

Start to implement RFC7592

2018-10-22 01:57:56

ebc2c25

address remaining brakeman warnings

2018-10-22 01:44:26

d3d5860

remove 2 brakeman warnings

2018-10-22 01:34:10

a10c094

use the redirect uri sent by the client

2018-10-21 23:14:21

bd1fc74

fix lint errors

2018-10-21 22:45:51

0892b7e

move oauth code to oauth namespace.

2018-10-21 22:41:46

73ac04f

exclude doc gems

2018-10-21 02:59:36

2c9cbe3

exclude bin files

2018-10-21 02:54:05

63bd152

exclude dev/test dependencies

2018-10-21 02:47:26

bcbf2d1

shrink the image by about 100MB

2018-10-21 02:25:35

69597f5

allow creation of client with multiple redirect uris

2018-10-20 20:03:47

ca9e8a8

fix broken test

2018-10-20 19:47:25

5b86f45

add Brewfile

2018-10-20 19:44:00

a8610ec

remaining linter errors

2018-10-20 19:00:16

a087f14

fix some linter errors

2018-10-20 18:45:49

ab0b8c7

fix some linter errors

2018-10-20 18:36:55

0e821c0

to primary key instead of uuid column

2018-10-20 18:33:24

cf9f1dd

fix failing tests

2018-10-20 17:30:21

fa81122

fix broken tests

2018-10-20 17:26:51

4896fc7

update client validations to support dynamic client registrations params

2018-10-20 17:20:44

5128a88

validate redirect_uri

2018-10-20 17:01:55

eb546bd

save values to new columns via dynamic registration

2018-10-20 16:56:38

93a8ebb

drop sqlite support and move to pg

2018-10-20 16:47:22

cb239d2

start to implement RFC7591 dynamic client registration

2018-10-20 16:13:33

957d320

add placeholder for jwt-bearer grant type

2018-10-20 15:16:05

e3a7b93

shrink docker image

2018-10-20 02:34:44

177e128

remove uglifier gem

2018-10-20 02:29:21

8fb3ca1

fix failing spec

2018-10-19 04:32:52

c3bd83d

update to ruby 2.5.3

2018-10-19 04:31:11

c3738de

try rubocop-rspec

2018-10-19 01:00:55

03b2b0a

implement token revokation endpoint RFC-7009

2018-10-19 00:12:12

26b479c

fix linter errors.

2018-10-15 17:37:38

b17a228

support PKCE extension on tokens endpoint

2018-10-15 17:29:05

60498a0

record code_challenge and code_challenge_method

2018-10-15 17:12:55

18b403b

start to add support for PKCE

2018-10-15 16:46:43

0c6e3b2

respond to client with error when state appears malicious

2018-10-13 17:44:29

56c2101

validate redirect url

2018-10-13 17:40:37

66e4468

extract constant for URI regex

2018-10-13 17:28:20

97df325

store client secrets as a bcrypt hash

2018-10-13 17:24:55

eb1636f

add client validations

2018-10-13 17:03:24

ae05433

whitelist parameters

2018-10-13 16:41:25

089e5ec

move validation methods to client

2018-10-13 16:37:25

cd2ba52

allow client to generate authorization instead of controller

2018-10-13 16:29:49

47f31b4

return bad request instead of not found

2018-10-13 16:19:04

6878181

open redirect_uri_path for extension

2018-10-13 16:14:08

074f391

collapse redirect method

2018-10-13 16:01:51

8edcfa6

return error if response type is not known

2018-10-13 15:54:17

82b0b91

refactor how redirect uri is generated

2018-10-13 15:51:10

c769cbb

fix some linter errors

2018-10-13 15:25:24

f46d053

allow token type choice

2018-10-12 15:16:35

72758be

validate the redirect_uri

2018-10-12 00:55:59

9e3ccd8

notify client of unsupported response types

2018-10-12 00:52:51

608b44f

add spec for invalid request

2018-10-12 00:44:33

« First ← Newer Page 3 of 7 Older → Last »