github/wonderwall
1
0
Fork 0
mirror of https://github.com/nais/wonderwall.git synced 2026-05-11 10:56:53 +00:00
Code Issues Packages Projects Releases Wiki Activity
1,053 Commits 2 Branches 0 Tags
0ad616a23189f6ead30a4cd7c410e395bb4d61ba
Commit Graph

4 Commits

Author SHA1 Message Date
Sindre Rødseth Hansen
2feb6a3b77 feat: Add option for propagating id_token to upstream app 
Fixes #315

Co-authored-by: tronghn <trong.huu.nguyen@nav.no>
 2025-01-20 13:07:54 +01:00
Trong Huu Nguyen
10e71a7bb5 feat(handler/reverseproxy): remove x-wonderwall headers 
The use of these headers in upstreams may be risky, espeically
if Wonderwall is accidentally misconfigured or disabled, or requests
are performed directly to the upstream circumventing Wonderwall.

We should prefer using a signed token or similar that can be verified by
the upstreams.
 2024-01-16 08:57:07 +01:00
Trong Huu Nguyen
c3904433f2 feat: log and propagate session metadata 
- stop using jti, use sid instead
- store amr and auth_time from id_token in session
- log more metadata on login callback
- log session id where possible
- propagate acr, amr, auth_time, sid to upstreams in headers
- log authenticated reverseproxy requests
 2023-12-19 08:46:02 +01:00
Trong Huu Nguyen
a9e9644764 refactor: move context utils to middleware 2022-08-17 11:39:40 +02:00