This repository has been archived on 2023-08-14. You can view files and clone it, but cannot push or open issues or pull requests.
dex/server
Eric Chiang 1eda382789 server: add at_hash claim support
The "at_hash" claim, which provides hash verification for the
"access_token," is a required claim for implicit and hybrid flow
requests. Previously we did not include it (against spec). This
PR implements the "at_hash" logic and adds the claim to all
responses.

As a cleanup, it also moves some JOSE signing logic out of the
storage package and into the server package.

For details see:

https://openid.net/specs/openid-connect-core-1_0.html#ImplicitIDToken
2017-01-13 10:05:24 -08:00
..
internal server/internal: generate protobuf types 2017-01-11 12:07:48 -08:00
api_test.go server: modify error messages to use logrus. 2016-12-13 11:52:44 -08:00
api.go Merge pull request #740 from ericchiang/fix-comment-typos 2016-12-13 13:17:50 -08:00
doc.go initial commit 2016-07-26 15:51:24 -07:00
handlers_test.go Allow CORS on discovery endpoint 2017-01-08 19:22:39 +01:00
handlers.go server: add at_hash claim support 2017-01-13 10:05:24 -08:00
oauth2_test.go server: add at_hash claim support 2017-01-13 10:05:24 -08:00
oauth2.go server: add at_hash claim support 2017-01-13 10:05:24 -08:00
rotation_test.go initial commit 2016-07-26 15:51:24 -07:00
rotation.go server: fixes for the implicit and hybrid flow 2017-01-10 16:20:17 -08:00
server_test.go server: add at_hash claim support 2017-01-13 10:05:24 -08:00
server.go server: fixes for the implicit and hybrid flow 2017-01-10 16:20:17 -08:00
templates_test.go *: add theme based frontend configuration 2016-11-30 17:20:21 -08:00
templates.go server: add error HTML templates with error description. 2016-12-16 10:42:54 -08:00