Elias Schneider
|
9714296efb
|
fix: block link-local addresses in SSRF protection
|
2026-07-13 11:05:24 +02:00 |
|
dependabot[bot]
|
ef9ed8de32
|
chore(deps): Bump the "all-dependencies" group with 3 updates across multiple ecosystems (#1578)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Elias Schneider <login@eliasschneider.com>
|
2026-07-13 09:58:41 +02:00 |
|
Elias Schneider
|
187cd8ddcd
|
feat: add support for CIDR and IP address lists in TRUST_PROXY
|
2026-07-13 09:32:05 +02:00 |
|
Elias Schneider
|
d9ead47d19
|
fix: allow insecure callback URLs by default until next major release
|
2026-07-13 09:21:53 +02:00 |
|
Alessandro (Ale) Segala
|
cfda5f693b
|
refactor: manage instance ID in the KV table (#1579)
|
2026-07-11 16:16:05 +02:00 |
|
Marco Scabbiolo
|
ff8e34cccf
|
fix: postgres migration 20250822 remove public schema references (#1582)
Co-authored-by: Marco <marco.scabbiolo@redb.ee>
|
2026-07-11 16:11:07 +02:00 |
|
Elias Schneider
|
f62d476c56
|
chore: upgrade go version
|
2026-07-10 16:58:27 +02:00 |
|
Elias Schneider
|
da3677f33d
|
docs: fix wrong OpenAPI documentation
|
2026-07-10 15:44:28 +02:00 |
|
Alessandro (Ale) Segala
|
b2711ced99
|
fix: /authorize endpoint crashes when list of scopes is empty (#1575)
|
2026-07-08 17:48:32 -07:00 |
|
Sean McKenzie
|
6734585712
|
feat: add description field to oidc clients (#1547)
Co-authored-by: Elias Schneider <login@eliasschneider.com>
|
2026-07-08 13:41:51 +02:00 |
|
Elias Schneider
|
c85a4e63da
|
fix: disable one time access token exchange for disabled users
|
2026-07-08 12:04:16 +02:00 |
|
Elias Schneider
|
ce7d3a7e1d
|
tests(unit): fix wrong migration name
|
2026-07-08 11:51:43 +02:00 |
|
Elias Schneider
|
190914fd72
|
refactor: remove duplicate fosite config properties
|
2026-07-08 11:01:50 +02:00 |
|
Elias Schneider
|
25dcad757a
|
feat: add support for unencrypted OIDC request parameter
|
2026-07-08 10:42:05 +02:00 |
|
Elias Schneider
|
c72da58eaf
|
refactor: rename migrations
|
2026-07-07 17:16:10 +02:00 |
|
Elias Schneider
|
f3b6ceb876
|
fix: add missing burst to rate limit
|
2026-07-07 14:01:26 +02:00 |
|
Elias Schneider
|
fa2d08cb6d
|
refactor: remove redundant dtos
|
2026-07-07 11:51:37 +02:00 |
|
Elias Schneider
|
2f55b7cbc3
|
fix: device authorization resolve resource creating device_code
|
2026-07-07 11:51:02 +02:00 |
|
Elias Schneider
|
8035a4c8d5
|
perf: include permissions in api list response
|
2026-07-07 11:38:59 +02:00 |
|
Elias Schneider
|
7667377c98
|
refactor: pass transaction to resolveResource
|
2026-07-07 11:14:19 +02:00 |
|
Elias Schneider
|
5e2cc6f40e
|
fix: merge requested scopes instead of replacing them
|
2026-07-07 11:03:06 +02:00 |
|
Elias Schneider
|
e8cb0c831c
|
fix: re-check api permissions on access token refresh
|
2026-07-07 10:58:39 +02:00 |
|
Elias Schneider
|
337fc6fd1e
|
chore: update Fosite version
|
2026-07-06 23:43:09 +02:00 |
|
Elias Schneider
|
9a94aa0694
|
refactor: move Pocket ID specific logic from Fosite into Pocket ID repo
|
2026-07-06 23:34:33 +02:00 |
|
Elias Schneider
|
34e9a6d198
|
fix: restore behavior that unknown scopes get ignored
|
2026-07-06 22:42:38 +02:00 |
|
Elias Schneider
|
09d196f7c5
|
feat: add OAuth APIs with scoped permissions (#1542)
Co-authored-by: Alessandro (Ale) Segala <43508+ItalyPaleAle@users.noreply.github.com>
|
2026-07-06 12:25:02 -07:00 |
|
github-actions[bot]
|
0b2706a488
|
chore: update AAGUIDs (#1567)
Co-authored-by: stonith404 <58886915+stonith404@users.noreply.github.com>
|
2026-07-06 08:58:44 +02:00 |
|
Alessandro (Ale) Segala
|
eefd51cc4d
|
fix: various bugs in observability / OTel (#1564)
|
2026-07-05 14:14:39 -07:00 |
|
Alessandro (Ale) Segala
|
f68ad42618
|
chore: use go-kit for sending emails (#1565)
|
2026-07-05 13:10:11 -07:00 |
|
dependabot[bot]
|
0d2624db9c
|
chore(deps): Bump the "all-dependencies" group with 3 updates across multiple ecosystems (#1563)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Kyle Mendell <ksm@ofkm.us>
|
2026-07-05 22:06:07 +02:00 |
|
Alessandro (Ale) Segala
|
9607495ab4
|
refactor: integrate Francis actor framework for background jobs, cron scheduling, and rate limiting (#1556)
Co-authored-by: Elias Schneider <login@eliasschneider.com>
Co-authored-by: Claude <noreply@anthropic.com>
|
2026-07-03 08:36:45 +02:00 |
|
Elias Schneider
|
931a6c2adb
|
feat: drop TOFU support for callback URL
|
2026-07-02 14:05:37 +02:00 |
|
Elias Schneider
|
ecad31cae2
|
refactor: migrate signup functionality to single usersignup module
|
2026-06-30 20:53:31 +02:00 |
|
Elias Schneider
|
58fcf7cbe6
|
refactor: migrate Webauthn functionality to single webauthn module
|
2026-06-29 14:05:07 +02:00 |
|
Elias Schneider
|
9fce987106
|
refactor: migrate API key functionality to single apikey module
|
2026-06-29 12:11:18 +02:00 |
|
James18232
|
97bd466f38
|
feat: prompt admin with PKCE client support hint (#1499)
Co-authored-by: james <james@goldfish.net>
Co-authored-by: Alessandro (Ale) Segala <43508+ItalyPaleAle@users.noreply.github.com>
Co-authored-by: Elias Schneider <login@eliasschneider.com>
Co-authored-by: Kyle Mendell <kmendell@ofkm.us>
|
2026-06-28 11:10:30 -07:00 |
|
Elias Schneider
|
d467855870
|
feat: add ability to skip consent for client
|
2026-06-26 23:35:26 +02:00 |
|
Elias Schneider
|
16b5c16a66
|
fix: CSP error with response_mode=form_post
|
2026-06-26 14:51:56 +02:00 |
|
Elias Schneider
|
2ed703540d
|
fix: don't reject offline_accessscope
|
2026-06-26 14:43:22 +02:00 |
|
Elias Schneider
|
e538ea0bf1
|
chore(deps): update vulnerable dependencies
|
2026-06-22 22:37:51 +02:00 |
|
Elias Schneider
|
8689ddd72b
|
feat: improve error handling on authorize page
|
2026-06-22 22:12:14 +02:00 |
|
Elias Schneider
|
519cda0eef
|
refactor: remove dead code
|
2026-06-22 21:58:55 +02:00 |
|
Elias Schneider
|
cf9a31986f
|
chore: wrap last two migrations into transaction
|
2026-06-22 18:44:48 +02:00 |
|
Elias Schneider
|
8158452b37
|
refactor: use fosite for OAuth 2.0 logic (#1520)
|
2026-06-22 18:42:02 +02:00 |
|
James18232
|
2e77d57282
|
fix: login code null submission and login code length check (#1512)
Co-authored-by: james <james@goldfish.net>
Co-authored-by: Kyle Mendell <kmendell@ofkm.us>
|
2026-06-20 20:42:50 +02:00 |
|
dependabot[bot]
|
f673a91a67
|
chore(deps): Bump the "all-dependencies" group with 2 updates across multiple ecosystems (#1528)
Signed-off-by: dependabot[bot] <support@github.com>
|
2026-06-20 09:58:24 -05:00 |
|
dependabot[bot]
|
24c85029b4
|
chore(deps): Bump the "all-dependencies" group with 4 updates across multiple ecosystems (#1523)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2026-06-16 10:17:14 +00:00 |
|
Elias Schneider
|
8a75774971
|
fix: callback URL validation not validated if prompt=none
|
2026-06-16 12:02:57 +02:00 |
|
Elias Schneider
|
3d9d4de619
|
fix: PAR parameters not respected by authorize page
|
2026-06-16 09:29:34 +02:00 |
|
github-actions[bot]
|
212c574a68
|
chore: update AAGUIDs (#1511)
Co-authored-by: stonith404 <58886915+stonith404@users.noreply.github.com>
|
2026-06-08 09:22:50 +02:00 |
|