github/wonderwall
1
0
Fork 0
mirror of https://github.com/nais/wonderwall.git synced 2026-05-08 17:37:01 +00:00
Code Issues Packages Projects Releases Wiki Activity
267 Commits 2 Branches 0 Tags
66cf08e60229571b4306e8ca6a5aa2e2cdd67e12
Commit Graph

24 Commits

Author SHA1 Message Date
Trong Huu Nguyen
1f5635239a refactor: split out openid client, config and provider 
There's a bunch of changes here, but in essence:

- split out openid configuration
- separate openid configuration between client/rp and provider
- consolidate client and provider related code in separate packages

These changes allow for simplification of the Handler, as well as a
bunch of test/mock code as the configuration is now instantiated
seperately from the client/provider code.
 2022-07-05 13:09:00 +02:00
Trong Huu Nguyen
a19cbe375c refactor(router/session): extract cookie store 2022-07-04 15:18:40 +02:00
Trong Huu Nguyen
a752978f8f refactor(session): move data to own file 2022-07-04 15:18:37 +02:00
Trong Huu Nguyen
d73a5f24bb refactor(session): move session id generator to relevant pkg 2022-07-04 15:18:36 +02:00
Trong Huu Nguyen
debf97efda feat(session): store metadata 2022-07-04 15:18:36 +02:00
Trong Huu Nguyen
497cf9fba7 feat: store refresh tokens in session 2022-07-04 15:18:34 +02:00
Trong Huu Nguyen
18fffcc755 deps: migrate from lestrrat-go/jwx to lestrrat-go/jwx/v2 2022-05-05 11:09:03 +02:00
Trong Huu Nguyen
f95e618585 refactor(jwt): azure ad sets uti claim instead of jti 2022-02-03 11:41:44 +01:00
Trong Huu Nguyen
3828437dc5 refactor(jwt): clean up and deduplicate 2022-02-03 11:41:43 +01:00
Trong Huu Nguyen
b449ab2191 refactor: token -> jwt for accuracy 2022-02-03 11:41:43 +01:00
Trong Huu Nguyen
eeccebc5dd feat: log jwt IDs for tracability 2022-02-03 11:41:42 +01:00
Trong Huu Nguyen
c70037bd4c refactor: clean up main 2021-11-01 11:04:54 +01:00
Trong Huu Nguyen
e3439e27ab test: use miniredis for testing redis session store 2021-11-01 10:56:59 +01:00
Trong Huu Nguyen
3a35584a21 refactor: restructure and group related packages into subpackages 2021-10-20 09:03:14 +02:00
Trong Huu Nguyen
8711f6e0d3 style: clean up imports 2021-10-16 10:25:47 +02:00
Trong Huu Nguyen
f73b4605a1 refactor: use encrypted cookie as session fallback 
Co-Authored-By: Sindre Rødseth Hansen <sindre.rodseth.hansen@nav.no>
 2021-10-04 13:17:04 +02:00
Trong Huu Nguyen
03eec9d2b8 refactor: robustify logout routes 
Co-authored-by: Morten Lied Johansen <morten.lied.johansen@nav.no>
Co-authored-by: Sindre Rødseth Hansen <sindre.rodseth.hansen@nav.no>
 2021-10-01 09:35:28 +02:00
Trong Huu Nguyen
cc8ba980ca refactor: deduplicate crypto operations for sessions 2021-09-30 18:27:53 +02:00
Trong Huu Nguyen
2ec1b7ace9 feat: encrypt session data 
Co-Authored-By: Sindre Rødseth Hansen <sindre.rodseth.hansen@nav.no>
 2021-09-30 13:47:29 +02:00
Morten Lied Johansen
f551386113 Add Redis latency metrics 
Co-authored-by: Sindre Rødseth Hansen <sindre.rodseth.hansen@nav.no>
 2021-09-29 10:50:27 +02:00
Trong Huu Nguyen
5da34f0139 fix: include id_token_hint on self-initiated logout 
This is required when including the post_logout_redirect_uri
parameter.
 2021-08-25 11:55:36 +02:00
Trong Huu Nguyen
e83542b046 fix: prefix local session keys to prevent collisions 
`sid` is a key that refers to the user's unique SSO session at the
Identity Provider, and the same key is present in all tokens
acquired by any Relying Party (such as Wonderwall) during that session.
Thus, we cannot assume that the value of `sid` to uniquely identify the
pair of (user, application session) if using a shared session store.
 2021-08-25 11:26:24 +02:00
Kim Tore Jensen
55f26fb54c incorporate new session storage code 2021-08-24 12:58:16 +02:00
Kim Tore Jensen
15a7c14324 redis and in-memory session store 2021-08-24 12:49:23 +02:00