mirror/opencloud
1
0
Fork 0
mirror of https://github.com/opencloud-eu/opencloud.git synced 2026-02-20 12:39:12 -06:00
Code Issues Packages Projects Releases Wiki Activity
Files
b7990875c124d7f8914162f7aaa3003dc05ef095
opencloud/ocis-pkg
History
Ralf Haferkamp b7990875c1 oidc: Remove "aud" claim validation of logout tokens (#6156) 
The "aud" claim of the logout token is supposed to contain the client-id
of the client for which the token was issued. Our current implementation of
validating that claim is somewhat broken. We only allow to configure a single
value for the allowed client id. But we have different client-ids
accessing oCIS.

This completely removes the current validation of the `aud` claim until
we come up with a working solution. As we currently require a session id
to be present in the logout token the risk not validating the `aud`
claim is pretty low.

Related: #6149
2023-04-27 10:34:09 +02:00
..
account
Bump major version to v2
2022-05-04 14:49:59 +02:00
assetsfs
add logo reset endpoint
2023-02-13 13:48:44 +01:00
broker
Introduce "noop" go-micro broker
2022-09-14 12:22:23 +02:00
clihelper
Bump major version to v2
2022-05-04 14:49:59 +02:00
config
[docs-only] Improve special envvar description
2023-04-19 13:44:58 +02:00
conversions
pre allocate slices
2021-02-22 19:41:48 +01:00
cors
Bump major version to v2
2022-05-04 14:49:59 +02:00
crypto
Add method for creating in-memory certificates
2022-11-03 11:58:53 +01:00
flags
rename extensions to services (leftover occurences)
2022-08-17 15:36:52 +02:00
generators
add fixes from review
2022-04-29 16:10:21 +02:00
handlers
move debughandlers to their own package
2023-03-22 13:59:54 +01:00
keycloak
Make getUserByParams private.
2023-04-19 10:46:50 +02:00
ldap
graph: Fix problem with unescaped semicolon and such causing problems.
2023-03-14 15:21:58 +01:00
log
Set line info logging to info log level and lower.
2023-01-31 10:27:34 +01:00
markdown
simplify markdown pkg
2023-03-24 09:24:42 +01:00
middleware
Fix nil pointer exception in webfinger
2023-04-21 16:16:26 +02:00
oidc
oidc: Remove "aud" claim validation of logout tokens (#6156)
2023-04-27 10:34:09 +02:00
registry
Fix condition for registry cache
2022-10-12 09:28:05 +02:00
roles
[full-ci] Refactor stores (#6019)
2023-04-24 15:13:35 +02:00
service
graph: Move token middleware and return proper JSON response on error.
2023-03-06 10:24:44 +01:00
shared
[full-ci] Refactor stores (#6019)
2023-04-24 15:13:35 +02:00
structs
reduce duplication in configuration code
2023-03-06 16:52:44 +01:00
sync
Add formatting results
2022-05-19 10:36:23 +02:00
tools
add tests for crypto.GenCert
2021-06-08 10:37:26 +02:00
tracing
update reva to v2.5.2-0.20220616180355-84264e82e451
2022-06-16 18:05:10 +00:00
version
prepare changelog, bump version
2023-04-24 15:39:36 +02:00
.gitignore
change default paths for oCIS services
2021-10-19 14:37:20 +02:00
Makefile
use command -v instead of which
2022-05-13 11:16:40 +00:00