Trong Huu Nguyen
2e10801d0e
refactor: move client assertion generation, replace go-jose with jwx
Co-Authored-By: Sindre Rødseth Hansen <sindre.rodseth.hansen@nav.no>
2021-10-11 11:46:11 +02:00
Trong Huu Nguyen
80c7abd70a
refactor: update jwx; now infers alg from keys where missing
2021-10-01 12:22:49 +02:00
Trong Huu Nguyen
8f9cb671c6
fix: set jwt ID for client assertion to prevent token replay
2021-09-30 15:38:23 +02:00
Trong Huu Nguyen
55002e3cfe
refactor: separate parsing and validation of id_token
2021-09-07 21:30:38 +02:00
Trong Huu Nguyen
09bbc35df7
fix: ensure acr claim exists if security level is enabled
2021-09-06 11:35:55 +02:00
Trong Huu Nguyen
e83542b046
fix: prefix local session keys to prevent collisions
`sid` is a key that refers to the user's unique SSO session at the
Identity Provider, and the same key is present in all tokens
acquired by any Relying Party (such as Wonderwall) during that session.
Thus, we cannot assume that the value of `sid` uniquely identifies the
pair of (user, application session) if using a shared session store.
2021-08-25 11:26:24 +02:00
Trong Huu Nguyen
700b6732d7
fix: add acceptable skew for id_token validation
2021-08-25 09:31:21 +02:00
Trong Huu Nguyen
03a14eb2bd
refactor: clean up id_token validation
2021-08-25 08:22:34 +02:00
Kim Tore Jensen
1d36b8e6a3
code restructuring
2021-08-23 11:17:30 +02:00