k-space/dex
Archived
9
0
Fork 0
Code Issues Pull Requests Packages Projects Activity
2,170 Commits 1 Branch 0 Tags 18 MiB
367487d7c5
Commit Graph

14 Commits

Author SHA1 Message Date
Márk Sági-Kazár
1cc26fab2f
Merge pull request #2468 from flant/cwe-79-device-code 
fix: prevent cross-site scripting for the device flow
 2022-06-30 22:52:33 +03:00
Shivansh Vij
cbf158bcc0
Fixes https://github.com/dexidp/dex/issues/2537 
Signed-off-by: Shivansh Vij <shivanshvij@outlook.com>
 2022-05-26 15:49:49 -04:00
m.nabokikh
3d5a3befb4 fix: prevent cross-site scripting for the device flow 
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
 2022-05-20 18:26:49 +04:00
m.nabokikh
dea1d3383c Deprecation warning log message 
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
 2021-05-24 19:40:28 +04:00
m.nabokikh
3bd0e91a68 Make /device/token deprecation warning more concise 
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
 2021-02-25 11:53:25 +04:00
m.nabokikh
9ed5cc00cf Add deprecation warning for /device/token endpoint 
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
 2021-02-24 17:14:28 +04:00
m.nabokikh
1211a86d58 fix: use /token endpoint to get tokens with device flow 
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
 2021-02-24 16:03:25 +04:00
Márk Sági-Kazár
1c551fd86b
Merge pull request #1946 from flant/prealloc-unparam-sqlclosecheck 
Enable unparam, prealloc, sqlclosecheck linters
 2021-02-10 13:24:47 +01:00
m.nabokikh
a7978890c7 Add Cache-control headers to token responses 
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
 2021-01-18 11:13:28 +04:00
m.nabokikh
b2e9f67edc Enable unparam, prealloc, sqlclosecheck linters 
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
 2021-01-15 19:29:13 +04:00
m.nabokikh
1d83e4749d Add gocritic 
Signed-off-by: m.nabokikh <maksim.nabokikh@flant.com>
 2020-10-18 01:54:27 +04:00
justin-slowik
9a7926c19b Cleaned up Device Flow test log levels 
Signed-off-by: justin-slowik <justin.slowik@thermofisher.com>

Remove extraneous "=" from conformance.go

Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>

Additional test for TestHandleDeviceCode

Signed-off-by: justin-slowik <justin.slowik@thermofisher.com>
 2020-07-21 16:01:08 -04:00
justin-slowik
9882ea453f better support for /device/callback redirect uris with public clients. 
Signed-off-by: justin-slowik <justin.slowik@thermofisher.com>
 2020-07-08 16:25:06 -04:00
Justin Slowik
9c699b1028 Server integration test for Device Flow (#3) 
Extracted test cases from OAuth2Code flow tests to reuse in device flow

deviceHandler unit tests to test specific device endpoints

Include client secret as an optional parameter for standards compliance

Signed-off-by: justin-slowik <justin.slowik@thermofisher.com>
 2020-07-08 16:25:05 -04:00