c9d41f2517
Add CORS on token endpoint
continuous-integration/drone/push Build is passing
2025-02-21 15:51:33 +01:00
1a1a41d5dc
Disable client secret check when no secret is specified
continuous-integration/drone/push Build is passing
2025-02-21 14:58:13 +01:00
d01311abf1
Can initiate code authentication without client secret
continuous-integration/drone/push Build is passing
2025-02-21 14:49:45 +01:00
a73ad4bf41
Add CORS headers on OpenID configuration endpoint
continuous-integration/drone/push Build is passing
2025-02-21 11:59:32 +01:00
0e5e2f55c5
Fix HTTPS detection
continuous-integration/drone/push Build is passing
2024-07-05 22:08:12 +02:00
91ef6c25d5
Can define additional claims on per-client basis
continuous-integration/drone/push Build is passing
2024-03-31 18:37:08 +02:00
0a5649fcb9
Add implicit authentication flow ( #255 )
...
continuous-integration/drone/push Build is passing
Reviewed-on: #255
Co-authored-by: Pierre HUBERT <pierre.git@communiquons.org >
Co-committed-by: Pierre HUBERT <pierre.git@communiquons.org >
2024-03-28 21:13:25 +00:00
cf0e7e1e68
Can enforce 2FA for specific clients
2024-03-27 20:59:29 +01:00
6cc9f4c54c
Refactor dependencies to reduce code base size ( #111 )
...
continuous-integration/drone/push Build is passing
Use crates to reduce code base size :
* `actix-remote-ip` to safely determine user IP location
* `light-openid` for the OpenID primitives & as client to handle federation
Reviewed-on: #111
2023-04-29 11:11:24 +00:00
f262e6f183
First issue with Owncloud OIDC client ( #110 )
...
continuous-integration/drone/push Build is passing
OwnCloud 10.12.1 authentication fails with message "Authentication method unknown!"
Reviewed-on: #110
2023-04-28 09:39:52 +00:00
9b18b787a9
Add authentication from upstream providers ( #107 )
...
continuous-integration/drone/push Build is passing
Let BasicOIDC delegate authentication to upstream providers (Google, GitHub, GitLab, Keycloak...)
Reviewed-on: #107
2023-04-27 10:10:28 +00:00
4f7c56a4b8
Loads clients list only once ( #106 )
...
continuous-integration/drone/push Build is passing
Currently, the list of client is loaded separately for each Actix HTTP handler threads.
In prevision of future improvements, it is worthwhile to load this list only once.
Reviewed-on: #106
2023-04-17 16:49:19 +00:00
6d2e52d632
Add default clients ( #105 )
...
continuous-integration/drone/push Build is passing
* Add the possibility to create client enabled by default when creating new accounts
* Can mark clients are granted for all users, regardless of users accounts grants
Reviewed-on: #105
2023-04-15 10:19:15 +00:00
f2e4826b14
Update to code to Rust 1.67
continuous-integration/drone/push Build is passing
2023-02-02 10:22:15 +01:00
e35f890241
Update crate base64
continuous-integration/drone/push Build is passing
2023-01-23 16:38:21 +01:00
d06c0352fc
Log all user actions on stdout
continuous-integration/drone/push Build is passing
2022-11-19 13:38:24 +01:00
bfe65b0216
Add IP location service
continuous-integration/drone/push Build is passing
2022-11-12 17:02:34 +01:00
af383720b7
Merge factors type for authentication
2022-11-11 12:26:02 +01:00
07542abf8b
Update actix_identity
continuous-integration/drone/push Build is passing
2022-07-22 12:21:38 +02:00
48112dfed7
Make usage of FatalErrorPage
more convenient
2022-04-23 20:31:09 +02:00
0e02b63d93
Refuse to deliver token if code_verifier
is present without code challenge
2022-04-20 09:52:00 +02:00
94aeefe450
Replace type UserID
with a structure
2022-04-19 19:40:36 +02:00
fad92c5930
Deprecate dangerous feature
2022-04-18 17:05:26 +02:00
bce601c550
Adapt OpenID discovery route to cluster configuration
2022-04-16 09:06:59 +02:00
937343c5f9
Add email to id_token
2022-04-15 20:34:07 +02:00
03a4bbb580
Cargo clippy
2022-04-15 20:18:36 +02:00
94c601119a
Use JWT token for access token
2022-04-15 20:08:31 +02:00
69bb2816b9
Can disable code_challenge for specific clients
2022-04-15 19:26:17 +02:00
cac461e03d
Can bypass code verifier for specific clients
2022-04-15 18:28:53 +02:00
1d21b30b68
Fix bad issuer
2022-04-15 17:30:43 +02:00
e0016b8305
More permissive redirect uris
2022-04-15 17:27:53 +02:00
819210ae86
Userinfo endpoint is working
2022-04-15 17:04:23 +02:00
b867016a71
Start to build userinfo endpoint
2022-04-14 18:39:18 +02:00
45f125a331
Add code challenge support
2022-04-14 18:04:01 +02:00
0b64c88fc6
Normalize error responses
2022-04-14 17:13:07 +02:00
078a913f6a
Can request refresh tokens
2022-04-14 17:02:47 +02:00
53a540139c
Emit id_token
2022-04-13 19:07:58 +02:00
d69b44528e
Add /openid/token
route
2022-04-12 20:40:44 +02:00
88e34902c0
cargo clippy
2022-04-09 12:25:56 +02:00
5633aae029
Check if user is authorized to access an application before authenticating him
2022-04-09 12:24:03 +02:00
b10215ae9c
Save open id session
2022-04-09 12:18:59 +02:00
c4bc559b4d
Check OpenID request parameters
2022-04-09 11:30:23 +02:00
7978706803
Add openid-connecter discovery route
2022-04-08 18:53:57 +02:00