wonderwall

mirror of https://github.com/nais/wonderwall.git synced 2026-05-16 13:26:56 +00:00

Author	SHA1	Message	Date
Trong Huu Nguyen	debf97efda	feat(session): store metadata	2022-07-04 15:18:36 +02:00
Trong Huu Nguyen	497cf9fba7	feat: store refresh tokens in session	2022-07-04 15:18:34 +02:00
Trong Huu Nguyen	18fffcc755	deps: migrate from lestrrat-go/jwx to lestrrat-go/jwx/v2	2022-05-05 11:09:03 +02:00
Trong Huu Nguyen	b449ab2191	refactor: token -> jwt for accuracy	2022-02-03 11:41:43 +01:00
Trong Huu Nguyen	eeccebc5dd	feat: log jwt IDs for tracability	2022-02-03 11:41:42 +01:00
Trong Huu Nguyen	3a35584a21	refactor: restructure and group related packages into subpackages	2021-10-20 09:03:14 +02:00
Trong Huu Nguyen	8711f6e0d3	style: clean up imports	2021-10-16 10:25:47 +02:00
Trong Huu Nguyen	f73b4605a1	refactor: use encrypted cookie as session fallback Co-Authored-By: Sindre Rødseth Hansen <sindre.rodseth.hansen@nav.no>	2021-10-04 13:17:04 +02:00
Trong Huu Nguyen	cc8ba980ca	refactor: deduplicate crypto operations for sessions	2021-09-30 18:27:53 +02:00
Trong Huu Nguyen	2ec1b7ace9	feat: encrypt session data Co-Authored-By: Sindre Rødseth Hansen <sindre.rodseth.hansen@nav.no>	2021-09-30 13:47:29 +02:00
Trong Huu Nguyen	5da34f0139	fix: include id_token_hint on self-initiated logout This is required when including the post_logout_redirect_uri parameter.	2021-08-25 11:55:36 +02:00
Trong Huu Nguyen	e83542b046	fix: prefix local session keys to prevent collisions `sid` is a key that refers to the user's unique SSO session at the Identity Provider, and the same key is present in all tokens acquired by any Relying Party (such as Wonderwall) during that session. Thus, we cannot assume that the value of `sid` to uniquely identify the pair of (user, application session) if using a shared session store.	2021-08-25 11:26:24 +02:00
Kim Tore Jensen	15a7c14324	redis and in-memory session store	2021-08-24 12:49:23 +02:00

13 Commits