clinch

Author	SHA1	Message	Date
Dan Milne	e882a4d6d1	More complete oidc Some checks failed CI / scan_ruby (push) Has been cancelled Details CI / scan_js (push) Has been cancelled Details CI / lint (push) Has been cancelled Details CI / test (push) Has been cancelled Details CI / system-test (push) Has been cancelled Details	2025-11-18 20:03:03 +11:00
Dan Milne	ab0085e9c9	More complete oidc	2025-11-18 20:02:45 +11:00
Dan Milne	1ee3302319	Improvements derived from rodauth-oauth	2025-11-12 22:17:55 +11:00
Dan Milne	67f28faaca	Improve some front end views. More descriptive error condition reporting. Updates to CLINCH_HOST for better WEBAUTHN	2025-11-12 16:24:05 +11:00
Dan Milne	33ad956508	Add test	2025-11-12 15:50:04 +11:00
Dan Milne	11ec753c68	Bump up the forward auth token ttl, fix leaking of error data Some checks failed CI / scan_ruby (push) Has been cancelled Details CI / scan_js (push) Has been cancelled Details CI / lint (push) Has been cancelled Details CI / test (push) Has been cancelled Details CI / system-test (push) Has been cancelled Details	2025-11-09 12:27:53 +11:00
Dan Milne	4df2eee4d9	Bug fix for domain names with empty string instead of null. Form errors and some security fixes Some checks failed CI / scan_ruby (push) Has been cancelled Details CI / scan_js (push) Has been cancelled Details CI / lint (push) Has been cancelled Details CI / test (push) Has been cancelled Details CI / system-test (push) Has been cancelled Details	2025-11-09 12:22:41 +11:00
Dan Milne	d9f11abbbf	Fixes for OIDC and HTML	2025-11-09 12:04:26 +11:00
Dan Milne	c92e69fa4a	Add PCKE	2025-11-09 11:54:45 +11:00
Dan Milne	038801f34b	Add pkce Some checks failed CI / scan_ruby (push) Has been cancelled Details CI / scan_js (push) Has been cancelled Details CI / lint (push) Has been cancelled Details CI / test (push) Has been cancelled Details CI / system-test (push) Has been cancelled Details	2025-11-09 10:21:29 +11:00
Dan Milne	8e0b2c28eb	CSP fixes 2025.02	2025-11-08 20:01:07 +11:00
Dan Milne	f02665f690	Consolidate all the error messages - add some stimulus controller.	2025-11-07 16:58:28 +11:00
Dan Milne	631b2b53bb	Fix CSP reporting endpoitn. Fix the SER for CSP Some checks failed CI / scan_ruby (push) Has been cancelled Details CI / scan_js (push) Has been cancelled Details CI / lint (push) Has been cancelled Details CI / test (push) Has been cancelled Details CI / system-test (push) Has been cancelled Details	2025-11-04 23:22:15 +11:00
Dan Milne	6049429a41	Fix mobile view menu popout. Add an option SENTRY_DSN support, which uses rails event reporting Some checks failed CI / scan_ruby (push) Has been cancelled Details CI / scan_js (push) Has been cancelled Details CI / lint (push) Has been cancelled Details CI / test (push) Has been cancelled Details CI / system-test (push) Has been cancelled Details	2025-11-04 23:16:28 +11:00
Dan Milne	2b15aa2c40	Add sentry, set csp reporting API	2025-11-04 22:58:32 +11:00
Dan Milne	4f5974dd37	bah Some checks failed CI / scan_ruby (push) Has been cancelled Details CI / scan_js (push) Has been cancelled Details CI / lint (push) Has been cancelled Details CI / test (push) Has been cancelled Details CI / system-test (push) Has been cancelled Details	2025-11-04 21:33:52 +11:00
Dan Milne	5de53f1841	bug fix Some checks failed CI / scan_ruby (push) Has been cancelled Details CI / scan_js (push) Has been cancelled Details CI / lint (push) Has been cancelled Details CI / test (push) Has been cancelled Details CI / system-test (push) Has been cancelled Details	2025-11-04 21:21:00 +11:00
Dan Milne	73b2ae2f02	Add some docs Some checks failed CI / scan_ruby (push) Has been cancelled Details CI / scan_js (push) Has been cancelled Details CI / lint (push) Has been cancelled Details CI / test (push) Has been cancelled Details CI / system-test (push) Has been cancelled Details	2025-11-04 21:13:46 +11:00
Dan Milne	4c5ac344bd	Bug updating OIDC apps. Update readme Some checks failed CI / scan_ruby (push) Has been cancelled Details CI / scan_js (push) Has been cancelled Details CI / lint (push) Has been cancelled Details CI / test (push) Has been cancelled Details CI / system-test (push) Has been cancelled Details	2025-11-04 20:14:41 +11:00
Dan Milne	044b9239d6	Ok - this time add the new controllers we stripped out of inline and add back the csp Some checks failed CI / scan_ruby (push) Has been cancelled Details CI / scan_js (push) Has been cancelled Details CI / lint (push) Has been cancelled Details CI / test (push) Has been cancelled Details CI / system-test (push) Has been cancelled Details	2025-11-04 18:55:20 +11:00
Dan Milne	e9b1995e89	Remove unneeded stuff Some checks failed CI / scan_ruby (push) Has been cancelled Details CI / scan_js (push) Has been cancelled Details CI / lint (push) Has been cancelled Details CI / test (push) Has been cancelled Details CI / system-test (push) Has been cancelled Details	2025-11-04 18:47:31 +11:00
Dan Milne	fb14ce032f	Strip out more inline javascript code. Encrypt backup codes and treat the backup codes attribute as a json array	2025-11-04 18:46:11 +11:00
Dan Milne	bf104a9983	Fix CSP errors - migrate inline JS to stimulus controllers. Add a URL for applications so users can discover them Some checks failed CI / scan_ruby (push) Has been cancelled Details CI / scan_js (push) Has been cancelled Details CI / lint (push) Has been cancelled Details CI / test (push) Has been cancelled Details CI / system-test (push) Has been cancelled Details	2025-11-04 17:06:53 +11:00
Dan Milne	ec13dd2b60	Fix storing passkeys Some checks failed CI / scan_ruby (push) Has been cancelled Details CI / scan_js (push) Has been cancelled Details CI / lint (push) Has been cancelled Details CI / test (push) Has been cancelled Details CI / system-test (push) Has been cancelled Details	2025-11-04 16:32:50 +11:00
Dan Milne	57abc0b804	Add webauthn Some checks failed CI / scan_ruby (push) Has been cancelled Details CI / scan_js (push) Has been cancelled Details CI / lint (push) Has been cancelled Details CI / test (push) Has been cancelled Details CI / system-test (push) Has been cancelled Details	2025-11-04 16:20:11 +11:00
Dan Milne	19bfc21f11	Move sessions into their own view for easier management Some checks failed CI / scan_ruby (push) Has been cancelled Details CI / scan_js (push) Has been cancelled Details CI / lint (push) Has been cancelled Details CI / test (push) Has been cancelled Details CI / system-test (push) Has been cancelled Details	2025-11-04 15:19:39 +11:00
Dan Milne	ef15db77f9	Massive refactor. Merge forward_auth into App, remove references to unimplemented OIDC federation and SAML features. Add group and user custom claims. Groups now allocate which apps a user can use Some checks failed CI / scan_ruby (push) Has been cancelled Details CI / scan_js (push) Has been cancelled Details CI / lint (push) Has been cancelled Details CI / test (push) Has been cancelled Details CI / system-test (push) Has been cancelled Details	2025-11-04 13:21:55 +11:00
Dan Milne	4d1bc1ab66	Update readme	2025-10-29 22:39:49 +11:00
Dan Milne	517029247d	Update the .env.example file Some checks failed CI / scan_ruby (push) Has been cancelled Details CI / scan_js (push) Has been cancelled Details CI / lint (push) Has been cancelled Details CI / test (push) Has been cancelled Details CI / system-test (push) Has been cancelled Details	2025-10-29 16:35:27 +11:00
Dan Milne	bfcc5cdc84	More nuanced domain fetching for host validation Some checks failed CI / scan_ruby (push) Has been cancelled Details CI / scan_js (push) Has been cancelled Details CI / lint (push) Has been cancelled Details CI / test (push) Has been cancelled Details CI / system-test (push) Has been cancelled Details	2025-10-29 16:31:56 +11:00
Dan Milne	81871426e9	Update docs	2025-10-29 16:08:49 +11:00
Dan Milne	ddcb297c74	Add comprhensive csp polices and reporting endpoint. Add environment support require for protecting against rebinding attacks on ip addresses Some checks failed CI / scan_ruby (push) Has been cancelled Details CI / scan_js (push) Has been cancelled Details CI / lint (push) Has been cancelled Details CI / test (push) Has been cancelled Details CI / system-test (push) Has been cancelled Details	2025-10-29 15:37:53 +11:00
Dan Milne	6f7de94623	Rate limit the forward_auth controller Some checks failed CI / scan_ruby (push) Has been cancelled Details CI / scan_js (push) Has been cancelled Details CI / lint (push) Has been cancelled Details CI / test (push) Has been cancelled Details CI / system-test (push) Has been cancelled Details	2025-10-29 13:55:36 +11:00
Dan Milne	baa75a3456	Use the IPAddr library to detect ipv4 and ipv6 addresses Some checks failed CI / scan_ruby (push) Has been cancelled Details CI / scan_js (push) Has been cancelled Details CI / lint (push) Has been cancelled Details CI / test (push) Has been cancelled Details CI / system-test (push) Has been cancelled Details	2025-10-29 13:47:23 +11:00
Dan Milne	c3205abffa	Improve finding the requested host's domain for setting the domain cookie	2025-10-29 13:47:23 +11:00
Dan Milne	a2008d0750	remove incorrectly named files	2025-10-28 09:01:42 +11:00
Dan Milne	810561d74b	Rename thumbshots	2025-10-28 09:01:42 +11:00
Dan Milne	2ee895888d	Add screenshots	2025-10-28 09:01:42 +11:00
Dan Milne	6c9fc429f1	Increase thumb	2025-10-28 09:01:42 +11:00
Dan Milne	7d200b849e	Add a screenshot	2025-10-28 09:01:42 +11:00
Dan Milne	7074242907	Update docs. Implemented a one-time token to work around domain cookies not being immediately return by the browser. Reduce db queries on /api/verify requests.	2025-10-28 08:27:19 +11:00
Dan Milne	da6fd5b800	More logs	2025-10-28 08:27:19 +11:00
Dan Milne	cfab21b130	More tests	2025-10-28 08:27:19 +11:00
Dan Milne	c80bcafdb7	Bug fix	2025-10-28 08:27:19 +11:00
Dan Milne	f050541e14	Merge pull request #1 from dkam/dependabot/github_actions/actions/upload-artifact-5 Bump actions/upload-artifact from 4 to 5	2025-10-27 20:05:01 +11:00
Dan Milne	431e947a4c	Some more tests. Fix invitation link and password reset links. After creating their account and setting a password, the user is logged in Some checks failed CI / scan_ruby (push) Has been cancelled Details CI / scan_js (push) Has been cancelled Details CI / lint (push) Has been cancelled Details CI / test (push) Has been cancelled Details CI / system-test (push) Has been cancelled Details	2025-10-26 23:09:38 +11:00
Dan Milne	8dd3e60071	Add a list_sign_in_at field for users so magick links work	2025-10-26 22:40:54 +11:00
Dan Milne	e4e7a0873e	Fixes	2025-10-26 22:03:03 +11:00
Dan Milne	b5b1d94d47	Fix the CLINCH_HOST issue.	2025-10-26 21:59:27 +11:00
Dan Milne	52cfd6122c	Typo. More tests	2025-10-26 20:42:18 +11:00

1 2

94 Commits