pierre/BasicOIDC
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
748 Commits 1 Branch 0 Tags
d47b32ee00e7df0011e8da672e88d2bfee3b3c62
Commit Graph

43 Commits

Author SHA1 Message Date
Pierre HUBERT
c9d41f2517 Add CORS on token endpoint
All checks were successful
continuous-integration/drone/push Build is passing
Details
2025-02-21 15:51:33 +01:00
Pierre HUBERT
1a1a41d5dc Disable client secret check when no secret is specified
All checks were successful
continuous-integration/drone/push Build is passing
Details
2025-02-21 14:58:13 +01:00
Pierre HUBERT
d01311abf1 Can initiate code authentication without client secret
All checks were successful
continuous-integration/drone/push Build is passing
Details
2025-02-21 14:49:45 +01:00
Pierre HUBERT
a73ad4bf41 Add CORS headers on OpenID configuration endpoint
All checks were successful
continuous-integration/drone/push Build is passing
Details
2025-02-21 11:59:32 +01:00
Pierre HUBERT
0e5e2f55c5 Fix HTTPS detection
All checks were successful
continuous-integration/drone/push Build is passing
Details
2024-07-05 22:08:12 +02:00
Pierre HUBERT
91ef6c25d5 Can define additional claims on per-client basis
All checks were successful
continuous-integration/drone/push Build is passing
Details
2024-03-31 18:37:08 +02:00
Pierre HUBERT
0a5649fcb9 Add implicit authentication flow (#255)
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Reviewed-on: #255
Co-authored-by: Pierre HUBERT <pierre.git@communiquons.org>
Co-committed-by: Pierre HUBERT <pierre.git@communiquons.org>
 2024-03-28 21:13:25 +00:00
Pierre HUBERT
cf0e7e1e68 Can enforce 2FA for specific clients 2024-03-27 20:59:29 +01:00
Pierre Hubert
6cc9f4c54c Refactor dependencies to reduce code base size (#111)
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Use crates to reduce code base size :

* `actix-remote-ip` to safely determine user IP location
* `light-openid` for the OpenID primitives & as client to handle federation

Reviewed-on: #111
 2023-04-29 11:11:24 +00:00
Pierre Hubert
f262e6f183 First issue with Owncloud OIDC client (#110)
All checks were successful
continuous-integration/drone/push Build is passing
Details 
OwnCloud 10.12.1 authentication fails with message "Authentication method unknown!"

Reviewed-on: #110
 2023-04-28 09:39:52 +00:00
Pierre Hubert
9b18b787a9 Add authentication from upstream providers (#107)
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Let BasicOIDC delegate authentication to upstream providers (Google, GitHub, GitLab, Keycloak...)

Reviewed-on: #107
 2023-04-27 10:10:28 +00:00
Pierre Hubert
4f7c56a4b8 Loads clients list only once (#106)
All checks were successful
continuous-integration/drone/push Build is passing
Details 
Currently, the list of client is loaded separately for each Actix HTTP handler threads.

In prevision of future improvements, it is worthwhile to load this list only once.

Reviewed-on: #106
 2023-04-17 16:49:19 +00:00
Pierre Hubert
6d2e52d632 Add default clients (#105)
All checks were successful
continuous-integration/drone/push Build is passing
Details 
* Add the possibility to create client enabled by default when creating new accounts
* Can mark clients are granted for all users, regardless of users accounts grants

Reviewed-on: #105
 2023-04-15 10:19:15 +00:00
Pierre Hubert
f2e4826b14 Update to code to Rust 1.67
All checks were successful
continuous-integration/drone/push Build is passing
Details
2023-02-02 10:22:15 +01:00
Pierre Hubert
e35f890241 Update crate base64
All checks were successful
continuous-integration/drone/push Build is passing
Details
2023-01-23 16:38:21 +01:00
Pierre Hubert
d06c0352fc Log all user actions on stdout
All checks were successful
continuous-integration/drone/push Build is passing
Details
2022-11-19 13:38:24 +01:00
Pierre Hubert
bfe65b0216 Add IP location service
All checks were successful
continuous-integration/drone/push Build is passing
Details
2022-11-12 17:02:34 +01:00
Pierre Hubert
af383720b7 Merge factors type for authentication 2022-11-11 12:26:02 +01:00
Pierre Hubert
07542abf8b Update actix_identity
All checks were successful
continuous-integration/drone/push Build is passing
Details
2022-07-22 12:21:38 +02:00
Pierre Hubert
48112dfed7 Make usage of FatalErrorPage more convenient 2022-04-23 20:31:09 +02:00
Pierre Hubert
0e02b63d93 Refuse to deliver token if code_verifier is present without code challenge 2022-04-20 09:52:00 +02:00
Pierre Hubert
94aeefe450 Replace type UserID with a structure 2022-04-19 19:40:36 +02:00
Pierre Hubert
fad92c5930 Deprecate dangerous feature 2022-04-18 17:05:26 +02:00
Pierre Hubert
bce601c550 Adapt OpenID discovery route to cluster configuration 2022-04-16 09:06:59 +02:00
Pierre Hubert
937343c5f9 Add email to id_token 2022-04-15 20:34:07 +02:00
Pierre Hubert
03a4bbb580 Cargo clippy 2022-04-15 20:18:36 +02:00
Pierre Hubert
94c601119a Use JWT token for access token 2022-04-15 20:08:31 +02:00
Pierre Hubert
69bb2816b9 Can disable code_challenge for specific clients 2022-04-15 19:26:17 +02:00
Pierre Hubert
cac461e03d Can bypass code verifier for specific clients 2022-04-15 18:28:53 +02:00
Pierre Hubert
1d21b30b68 Fix bad issuer 2022-04-15 17:30:43 +02:00
Pierre Hubert
e0016b8305 More permissive redirect uris 2022-04-15 17:27:53 +02:00
Pierre Hubert
819210ae86 Userinfo endpoint is working 2022-04-15 17:04:23 +02:00
Pierre Hubert
b867016a71 Start to build userinfo endpoint 2022-04-14 18:39:18 +02:00
Pierre Hubert
45f125a331 Add code challenge support 2022-04-14 18:04:01 +02:00
Pierre Hubert
0b64c88fc6 Normalize error responses 2022-04-14 17:13:07 +02:00
Pierre Hubert
078a913f6a Can request refresh tokens 2022-04-14 17:02:47 +02:00
Pierre Hubert
53a540139c Emit id_token 2022-04-13 19:07:58 +02:00
Pierre Hubert
d69b44528e Add /openid/token route 2022-04-12 20:40:44 +02:00
Pierre Hubert
88e34902c0 cargo clippy 2022-04-09 12:25:56 +02:00
Pierre Hubert
5633aae029 Check if user is authorized to access an application before authenticating him 2022-04-09 12:24:03 +02:00
Pierre Hubert
b10215ae9c Save open id session 2022-04-09 12:18:59 +02:00
Pierre Hubert
c4bc559b4d Check OpenID request parameters 2022-04-09 11:30:23 +02:00
Pierre Hubert
7978706803 Add openid-connecter discovery route 2022-04-08 18:53:57 +02:00