clinch

Author	SHA1	Message	Date
Dan Milne	444ae6291c	Add missing files, fix formatting Some checks failed CI / scan_ruby (push) Has been cancelled Details CI / scan_js (push) Has been cancelled Details CI / scan_container (push) Has been cancelled Details CI / lint (push) Has been cancelled Details CI / test (push) Has been cancelled Details CI / system-test (push) Has been cancelled Details	2026-01-05 23:34:11 +11:00
Dan Milne	cc6d4fcc65	Add test files, update checklist Some checks failed CI / scan_ruby (push) Has been cancelled Details CI / scan_js (push) Has been cancelled Details CI / scan_container (push) Has been cancelled Details CI / lint (push) Has been cancelled Details CI / test (push) Has been cancelled Details CI / system-test (push) Has been cancelled Details	2026-01-05 23:28:55 +11:00
Dan Milne	25e1043312	Add skip-consent, correctly use 303, rather than 302, actually rename per app 'logout' to 'require re-auth'. Add helper methods for token lifetime - allowing 10d for 10days for example.	2026-01-05 12:03:01 +11:00
Dan Milne	0bb84f08d6	OpenID conformance test: we get a warning for not having a value for every claim. But we can explictly list support claims. Nothing we can do about a warning in the complience. Some checks failed CI / scan_ruby (push) Has been cancelled Details CI / scan_js (push) Has been cancelled Details CI / scan_container (push) Has been cancelled Details CI / lint (push) Has been cancelled Details CI / test (push) Has been cancelled Details CI / system-test (push) Has been cancelled Details	2026-01-02 16:35:12 +11:00
Dan Milne	182682024d	OpenID Conformance: Include all required scopes when profile is requested, even if they're empty Some checks failed CI / scan_ruby (push) Has been cancelled Details CI / scan_js (push) Has been cancelled Details CI / scan_container (push) Has been cancelled Details CI / lint (push) Has been cancelled Details CI / test (push) Has been cancelled Details CI / system-test (push) Has been cancelled Details	2026-01-02 15:47:40 +11:00
Dan Milne	b517ebe809	OpenID conformance test: Allow posting the access token in the body for userinfo endpoint Some checks failed CI / scan_ruby (push) Has been cancelled Details CI / scan_js (push) Has been cancelled Details CI / scan_container (push) Has been cancelled Details CI / lint (push) Has been cancelled Details CI / test (push) Has been cancelled Details CI / system-test (push) Has been cancelled Details	2026-01-02 15:41:07 +11:00
Dan Milne	f67a73821c	OpenID Conformance: user info endpoint should support get and post requets, not just get Some checks failed CI / scan_ruby (push) Has been cancelled Details CI / scan_js (push) Has been cancelled Details CI / scan_container (push) Has been cancelled Details CI / lint (push) Has been cancelled Details CI / test (push) Has been cancelled Details CI / system-test (push) Has been cancelled Details	2026-01-02 15:26:39 +11:00
Dan Milne	b09ddf6db5	OpenID Conformance: We need to return to the redirect_uri in the case of errors. Some checks failed CI / scan_ruby (push) Has been cancelled Details CI / scan_js (push) Has been cancelled Details CI / scan_container (push) Has been cancelled Details CI / lint (push) Has been cancelled Details CI / test (push) Has been cancelled Details CI / system-test (push) Has been cancelled Details	2026-01-02 15:12:55 +11:00
Dan Milne	93a0edb0a2	StandardRB fixes Some checks failed CI / scan_ruby (push) Has been cancelled Details CI / scan_js (push) Has been cancelled Details CI / lint (push) Has been cancelled Details CI / test (push) Has been cancelled Details CI / system-test (push) Has been cancelled Details	2026-01-01 13:29:44 +11:00
Dan Milne	fcdd2b6de7	Continue adding auth_time - need it in the refresh token too, so we can accurately create new access tokens.	2025-12-31 16:57:28 +11:00
Dan Milne	3939ea773f	We already have a login_time stored - the time stamp of the Session instance creation ( created after successful login ).	2025-12-31 16:45:45 +11:00
Dan Milne	4b4afe277e	Include auth_time in ID token. Switch from upsert -> find_and_create_by so we actually get sid values for consent on the creation of the record	2025-12-31 16:36:32 +11:00
Dan Milne	cc7beba9de	PKCE is now default enabled. You can now create public / no-secret apps OIDC apps	2025-12-31 09:22:18 +11:00
Dan Milne	00eca6d8b2	Default deny forward_auth requests	2025-12-30 16:04:01 +11:00
Dan Milne	0761c424c1	Fix tests. Remove tests which test rails functionality Some checks failed CI / scan_ruby (push) Has been cancelled Details CI / scan_js (push) Has been cancelled Details CI / lint (push) Has been cancelled Details CI / test (push) Has been cancelled Details CI / system-test (push) Has been cancelled Details	2025-12-30 00:18:19 +11:00
Dan Milne	2a32d75895	Fix tests - don't test standard rails features	2025-12-29 19:45:01 +11:00
Dan Milne	acab15ce30	Fix more tests	2025-12-29 18:48:41 +11:00
Dan Milne	0361bfe470	Fix forward_auth bugs - including disabled apps still working. Fix forward_auth tests Some checks failed CI / scan_ruby (push) Has been cancelled Details CI / scan_js (push) Has been cancelled Details CI / lint (push) Has been cancelled Details CI / test (push) Has been cancelled Details CI / system-test (push) Has been cancelled Details	2025-12-29 15:37:12 +11:00
Dan Milne	5b9d15584a	Add more rate limiting, and more restrictive headers	2025-12-29 13:29:14 +11:00
Dan Milne	d6029556d3	Add OIDC fixes, add prefered_username, add application-user claims	2025-11-25 16:29:40 +11:00
Dan Milne	ab0085e9c9	More complete oidc	2025-11-18 20:02:45 +11:00
Dan Milne	1ee3302319	Improvements derived from rodauth-oauth	2025-11-12 22:17:55 +11:00
Dan Milne	33ad956508	Add test	2025-11-12 15:50:04 +11:00
Dan Milne	baa75a3456	Use the IPAddr library to detect ipv4 and ipv6 addresses Some checks failed CI / scan_ruby (push) Has been cancelled Details CI / scan_js (push) Has been cancelled Details CI / lint (push) Has been cancelled Details CI / test (push) Has been cancelled Details CI / system-test (push) Has been cancelled Details	2025-10-29 13:47:23 +11:00
Dan Milne	cfab21b130	More tests	2025-10-28 08:27:19 +11:00
Dan Milne	d98f777e7d	Refactor email delivery and background jobs system - Switch from SolidQueue to async job processor for simpler background job handling - Remove SolidQueue gem and related configuration files - Add letter_opener gem for development email preview - Fix invitation email template issues (invitation_login_token method and route helper) - Configure SMTP settings via environment variables in application.rb - Add email delivery configuration banner on admin users page - Improve admin users page with inline action buttons and SMTP configuration warnings - Update development and production environments to use async processor - Add helper methods to detect SMTP configuration and filter out localhost settings 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>	2025-10-26 16:30:02 +11:00
Dan Milne	56f7dd7b3c	First crack Some checks failed CI / scan_ruby (push) Has been cancelled Details CI / scan_js (push) Has been cancelled Details CI / lint (push) Has been cancelled Details CI / test (push) Has been cancelled Details CI / system-test (push) Has been cancelled Details	2025-10-23 16:45:00 +11:00
Dan Milne	1ff0a95392	First commit Some checks failed CI / scan_ruby (push) Has been cancelled Details CI / scan_js (push) Has been cancelled Details CI / lint (push) Has been cancelled Details CI / test (push) Has been cancelled Details CI / system-test (push) Has been cancelled Details	2025-10-23 16:19:56 +11:00

28 Commits