djpbessems/ContainerImage.Pinniped
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
b21f0035d7
ContainerImage.Pinniped/internal/oidc
History
Andrew Keesler b21f0035d7 callback_handler.go: Get upstream name from state instead of path 
Also use ConstantTimeCompare() to compare CSRF tokens to prevent
leaking any information in how quickly we reject bad tokens.

Signed-off-by: Ryan Richard <richardry@vmware.com>
2020-11-20 13:33:08 -08:00
..
auth Use /callback (without IDP name) path for callback endpoint (part 1) 2020-11-20 16:14:45 -05:00
callback callback_handler.go: Get upstream name from state instead of path 2020-11-20 13:33:08 -08:00
csrftoken WIP for saving authorize endpoint state into upstream state param 2020-11-10 17:58:00 -08:00
discovery Implement per-issuer OIDC JWKS endpoint 2020-10-16 17:51:40 -07:00
jwks Implement per-issuer OIDC JWKS endpoint 2020-10-16 17:51:40 -07:00
oidctestutil Use /callback (without IDP name) path for callback endpoint (part 1) 2020-11-20 16:14:45 -05:00
provider callback_handler.go: simplify stored ID token claims 2020-11-20 15:36:51 -05:00
nullstorage_test.go Add NullStorage for the authorize endpoint to use 2020-11-11 14:49:24 -08:00
nullstorage.go Add NullStorage for the authorize endpoint to use 2020-11-11 14:49:24 -08:00
oidc.go Use /callback (without IDP name) path for callback endpoint (part 1) 2020-11-20 16:14:45 -05:00