Dan Milne
|
f8543f98cc
|
Add a subdirectory for active storage
CI / scan_ruby (push) Has been cancelled
CI / scan_js (push) Has been cancelled
CI / lint (push) Has been cancelled
CI / test (push) Has been cancelled
CI / system-test (push) Has been cancelled
|
2025-11-27 19:12:09 +11:00 |
|
Dan Milne
|
6be23c2c37
|
Add backchannel logout, per application logout.
CI / scan_ruby (push) Has been cancelled
CI / scan_js (push) Has been cancelled
CI / lint (push) Has been cancelled
CI / test (push) Has been cancelled
CI / system-test (push) Has been cancelled
|
2025-11-27 16:38:27 +11:00 |
|
Dan Milne
|
eb2d7379bf
|
Backchannel complete - improve oidc credential display
|
2025-11-27 11:52:25 +11:00 |
|
Dan Milne
|
67d86e5835
|
Add Icons for apps
|
2025-11-25 19:11:22 +11:00 |
|
Dan Milne
|
d6029556d3
|
Add OIDC fixes, add prefered_username, add application-user claims
|
2025-11-25 16:29:40 +11:00 |
|
Dan Milne
|
7796c38c08
|
Add pairwise SID with a UUIDv4, a significatant upgrade over User.id.to_s. Complete allowing admin to enforce TOTP per user
CI / scan_ruby (push) Has been cancelled
CI / scan_js (push) Has been cancelled
CI / lint (push) Has been cancelled
CI / test (push) Has been cancelled
CI / system-test (push) Has been cancelled
|
2025-11-23 11:16:06 +11:00 |
|
Dan Milne
|
e882a4d6d1
|
More complete oidc
CI / scan_ruby (push) Has been cancelled
CI / scan_js (push) Has been cancelled
CI / lint (push) Has been cancelled
CI / test (push) Has been cancelled
CI / system-test (push) Has been cancelled
|
2025-11-18 20:03:03 +11:00 |
|
Dan Milne
|
ab0085e9c9
|
More complete oidc
|
2025-11-18 20:02:45 +11:00 |
|
Dan Milne
|
1ee3302319
|
Improvements derived from rodauth-oauth
|
2025-11-12 22:17:55 +11:00 |
|
Dan Milne
|
67f28faaca
|
Improve some front end views. More descriptive error condition reporting. Updates to CLINCH_HOST for better WEBAUTHN
|
2025-11-12 16:24:05 +11:00 |
|
Dan Milne
|
33ad956508
|
Add test
|
2025-11-12 15:50:04 +11:00 |
|
Dan Milne
|
11ec753c68
|
Bump up the forward auth token ttl, fix leaking of error data
CI / scan_ruby (push) Has been cancelled
CI / scan_js (push) Has been cancelled
CI / lint (push) Has been cancelled
CI / test (push) Has been cancelled
CI / system-test (push) Has been cancelled
|
2025-11-09 12:27:53 +11:00 |
|
Dan Milne
|
4df2eee4d9
|
Bug fix for domain names with empty string instead of null. Form errors and some security fixes
CI / scan_ruby (push) Has been cancelled
CI / scan_js (push) Has been cancelled
CI / lint (push) Has been cancelled
CI / test (push) Has been cancelled
CI / system-test (push) Has been cancelled
|
2025-11-09 12:22:41 +11:00 |
|
Dan Milne
|
d9f11abbbf
|
Fixes for OIDC and HTML
|
2025-11-09 12:04:26 +11:00 |
|
Dan Milne
|
c92e69fa4a
|
Add PCKE
|
2025-11-09 11:54:45 +11:00 |
|
Dan Milne
|
038801f34b
|
Add pkce
CI / scan_ruby (push) Has been cancelled
CI / scan_js (push) Has been cancelled
CI / lint (push) Has been cancelled
CI / test (push) Has been cancelled
CI / system-test (push) Has been cancelled
|
2025-11-09 10:21:29 +11:00 |
|
Dan Milne
|
8e0b2c28eb
|
CSP fixes
2025.02
|
2025-11-08 20:01:07 +11:00 |
|
Dan Milne
|
f02665f690
|
Consolidate all the error messages - add some stimulus controller.
|
2025-11-07 16:58:28 +11:00 |
|
Dan Milne
|
631b2b53bb
|
Fix CSP reporting endpoitn. Fix the SER for CSP
CI / scan_ruby (push) Has been cancelled
CI / scan_js (push) Has been cancelled
CI / lint (push) Has been cancelled
CI / test (push) Has been cancelled
CI / system-test (push) Has been cancelled
|
2025-11-04 23:22:15 +11:00 |
|
Dan Milne
|
6049429a41
|
Fix mobile view menu popout. Add an option SENTRY_DSN support, which uses rails event reporting
CI / scan_ruby (push) Has been cancelled
CI / scan_js (push) Has been cancelled
CI / lint (push) Has been cancelled
CI / test (push) Has been cancelled
CI / system-test (push) Has been cancelled
|
2025-11-04 23:16:28 +11:00 |
|
Dan Milne
|
2b15aa2c40
|
Add sentry, set csp reporting API
|
2025-11-04 22:58:32 +11:00 |
|
Dan Milne
|
4f5974dd37
|
bah
CI / scan_ruby (push) Has been cancelled
CI / scan_js (push) Has been cancelled
CI / lint (push) Has been cancelled
CI / test (push) Has been cancelled
CI / system-test (push) Has been cancelled
|
2025-11-04 21:33:52 +11:00 |
|
Dan Milne
|
5de53f1841
|
bug fix
CI / scan_ruby (push) Has been cancelled
CI / scan_js (push) Has been cancelled
CI / lint (push) Has been cancelled
CI / test (push) Has been cancelled
CI / system-test (push) Has been cancelled
|
2025-11-04 21:21:00 +11:00 |
|
Dan Milne
|
73b2ae2f02
|
Add some docs
CI / scan_ruby (push) Has been cancelled
CI / scan_js (push) Has been cancelled
CI / lint (push) Has been cancelled
CI / test (push) Has been cancelled
CI / system-test (push) Has been cancelled
|
2025-11-04 21:13:46 +11:00 |
|
Dan Milne
|
4c5ac344bd
|
Bug updating OIDC apps. Update readme
CI / scan_ruby (push) Has been cancelled
CI / scan_js (push) Has been cancelled
CI / lint (push) Has been cancelled
CI / test (push) Has been cancelled
CI / system-test (push) Has been cancelled
|
2025-11-04 20:14:41 +11:00 |
|
Dan Milne
|
044b9239d6
|
Ok - this time add the new controllers we stripped out of inline and add back the csp
CI / scan_ruby (push) Has been cancelled
CI / scan_js (push) Has been cancelled
CI / lint (push) Has been cancelled
CI / test (push) Has been cancelled
CI / system-test (push) Has been cancelled
|
2025-11-04 18:55:20 +11:00 |
|
Dan Milne
|
e9b1995e89
|
Remove unneeded stuff
CI / scan_ruby (push) Has been cancelled
CI / scan_js (push) Has been cancelled
CI / lint (push) Has been cancelled
CI / test (push) Has been cancelled
CI / system-test (push) Has been cancelled
|
2025-11-04 18:47:31 +11:00 |
|
Dan Milne
|
fb14ce032f
|
Strip out more inline javascript code. Encrypt backup codes and treat the backup codes attribute as a json array
|
2025-11-04 18:46:11 +11:00 |
|
Dan Milne
|
bf104a9983
|
Fix CSP errors - migrate inline JS to stimulus controllers. Add a URL for applications so users can discover them
CI / scan_ruby (push) Has been cancelled
CI / scan_js (push) Has been cancelled
CI / lint (push) Has been cancelled
CI / test (push) Has been cancelled
CI / system-test (push) Has been cancelled
|
2025-11-04 17:06:53 +11:00 |
|
Dan Milne
|
ec13dd2b60
|
Fix storing passkeys
CI / scan_ruby (push) Has been cancelled
CI / scan_js (push) Has been cancelled
CI / lint (push) Has been cancelled
CI / test (push) Has been cancelled
CI / system-test (push) Has been cancelled
|
2025-11-04 16:32:50 +11:00 |
|
Dan Milne
|
57abc0b804
|
Add webauthn
CI / scan_ruby (push) Has been cancelled
CI / scan_js (push) Has been cancelled
CI / lint (push) Has been cancelled
CI / test (push) Has been cancelled
CI / system-test (push) Has been cancelled
|
2025-11-04 16:20:11 +11:00 |
|
Dan Milne
|
19bfc21f11
|
Move sessions into their own view for easier management
CI / scan_ruby (push) Has been cancelled
CI / scan_js (push) Has been cancelled
CI / lint (push) Has been cancelled
CI / test (push) Has been cancelled
CI / system-test (push) Has been cancelled
|
2025-11-04 15:19:39 +11:00 |
|
Dan Milne
|
ef15db77f9
|
Massive refactor. Merge forward_auth into App, remove references to unimplemented OIDC federation and SAML features. Add group and user custom claims. Groups now allocate which apps a user can use
CI / scan_ruby (push) Has been cancelled
CI / scan_js (push) Has been cancelled
CI / lint (push) Has been cancelled
CI / test (push) Has been cancelled
CI / system-test (push) Has been cancelled
|
2025-11-04 13:21:55 +11:00 |
|
Dan Milne
|
4d1bc1ab66
|
Update readme
|
2025-10-29 22:39:49 +11:00 |
|
Dan Milne
|
517029247d
|
Update the .env.example file
CI / scan_ruby (push) Has been cancelled
CI / scan_js (push) Has been cancelled
CI / lint (push) Has been cancelled
CI / test (push) Has been cancelled
CI / system-test (push) Has been cancelled
|
2025-10-29 16:35:27 +11:00 |
|
Dan Milne
|
bfcc5cdc84
|
More nuanced domain fetching for host validation
CI / scan_ruby (push) Has been cancelled
CI / scan_js (push) Has been cancelled
CI / lint (push) Has been cancelled
CI / test (push) Has been cancelled
CI / system-test (push) Has been cancelled
|
2025-10-29 16:31:56 +11:00 |
|
Dan Milne
|
81871426e9
|
Update docs
|
2025-10-29 16:08:49 +11:00 |
|
Dan Milne
|
ddcb297c74
|
Add comprhensive csp polices and reporting endpoint. Add environment support require for protecting against rebinding attacks on ip addresses
CI / scan_ruby (push) Has been cancelled
CI / scan_js (push) Has been cancelled
CI / lint (push) Has been cancelled
CI / test (push) Has been cancelled
CI / system-test (push) Has been cancelled
|
2025-10-29 15:37:53 +11:00 |
|
Dan Milne
|
6f7de94623
|
Rate limit the forward_auth controller
CI / scan_ruby (push) Has been cancelled
CI / scan_js (push) Has been cancelled
CI / lint (push) Has been cancelled
CI / test (push) Has been cancelled
CI / system-test (push) Has been cancelled
|
2025-10-29 13:55:36 +11:00 |
|
Dan Milne
|
baa75a3456
|
Use the IPAddr library to detect ipv4 and ipv6 addresses
CI / scan_ruby (push) Has been cancelled
CI / scan_js (push) Has been cancelled
CI / lint (push) Has been cancelled
CI / test (push) Has been cancelled
CI / system-test (push) Has been cancelled
|
2025-10-29 13:47:23 +11:00 |
|
Dan Milne
|
c3205abffa
|
Improve finding the requested host's domain for setting the domain cookie
|
2025-10-29 13:47:23 +11:00 |
|
Dan Milne
|
a2008d0750
|
remove incorrectly named files
|
2025-10-28 09:01:42 +11:00 |
|
Dan Milne
|
810561d74b
|
Rename thumbshots
|
2025-10-28 09:01:42 +11:00 |
|
Dan Milne
|
2ee895888d
|
Add screenshots
|
2025-10-28 09:01:42 +11:00 |
|
Dan Milne
|
6c9fc429f1
|
Increase thumb
|
2025-10-28 09:01:42 +11:00 |
|
Dan Milne
|
7d200b849e
|
Add a screenshot
|
2025-10-28 09:01:42 +11:00 |
|
Dan Milne
|
7074242907
|
Update docs. Implemented a one-time token to work around domain cookies not being immediately return by the browser. Reduce db queries on /api/verify requests.
|
2025-10-28 08:27:19 +11:00 |
|
Dan Milne
|
da6fd5b800
|
More logs
|
2025-10-28 08:27:19 +11:00 |
|
Dan Milne
|
cfab21b130
|
More tests
|
2025-10-28 08:27:19 +11:00 |
|
Dan Milne
|
c80bcafdb7
|
Bug fix
|
2025-10-28 08:27:19 +11:00 |
|