This website requires JavaScript.
Explore
Help
Sign In
dkam
/
clinch
Watch
1
Star
0
Fork
0
You've already forked clinch
Code
Issues
4
Pull Requests
Actions
Packages
Projects
Releases
Wiki
Activity
Files
d036e25fef6c273c42d3b80444bc93234a6b6505
clinch
/
app
History
Dan Milne
d036e25fef
Add auth_time, acr and azp support for OIDC claims
2025-12-31 17:07:54 +11:00
..
assets
First commit
2025-10-23 16:19:56 +11:00
channels
/application_cable
First crack
2025-10-23 16:45:00 +11:00
controllers
Add auth_time, acr and azp support for OIDC claims
2025-12-31 17:07:54 +11:00
helpers
Add OIDC fixes, add prefered_username, add application-user claims
2025-11-25 16:29:40 +11:00
javascript
PKCE is now default enabled. You can now create public / no-secret apps OIDC apps
2025-12-31 09:22:18 +11:00
jobs
Backchannel complete - improve oidc credential display
2025-11-27 11:52:25 +11:00
mailers
Improve some front end views. More descriptive error condition reporting. Updates to CLINCH_HOST for better WEBAUTHN
2025-11-12 16:24:05 +11:00
models
Switch Access / Refresh tokens / Auth Code from bcrypt ( and plain ) to hmac. BCrypt is for low entropy passwords and prevents dictionary attacks - HMAC is suitable for 256-bit random data.
2025-12-31 15:48:32 +11:00
services
Add auth_time, acr and azp support for OIDC claims
2025-12-31 17:07:54 +11:00
views
Add rails encryption for totp - allow configuration of encryption secrets from env, or derive them from SECRET_KEY_BASE. Don't leak email address via web_authn, rate limit web_authn, escape oidc state value, require password for changing email address, allow settings the hmac secret for token prefix generation
2025-12-31 10:33:56 +11:00
