wonderwall

mirror of https://github.com/nais/wonderwall.git synced 2026-05-08 09:27:12 +00:00

Author	SHA1	Message	Date
Trong Huu Nguyen	f73b4605a1	refactor: use encrypted cookie as session fallback Co-Authored-By: Sindre Rødseth Hansen <sindre.rodseth.hansen@nav.no>	2021-10-04 13:17:04 +02:00
Trong Huu Nguyen	03eec9d2b8	refactor: robustify logout routes Co-authored-by: Morten Lied Johansen <morten.lied.johansen@nav.no> Co-authored-by: Sindre Rødseth Hansen <sindre.rodseth.hansen@nav.no>	2021-10-01 09:35:28 +02:00
Trong Huu Nguyen	cc8ba980ca	refactor: deduplicate crypto operations for sessions	2021-09-30 18:27:53 +02:00
Trong Huu Nguyen	2ec1b7ace9	feat: encrypt session data Co-Authored-By: Sindre Rødseth Hansen <sindre.rodseth.hansen@nav.no>	2021-09-30 13:47:29 +02:00
Morten Lied Johansen	f551386113	Add Redis latency metrics Co-authored-by: Sindre Rødseth Hansen <sindre.rodseth.hansen@nav.no>	2021-09-29 10:50:27 +02:00
Trong Huu Nguyen	5da34f0139	fix: include id_token_hint on self-initiated logout This is required when including the post_logout_redirect_uri parameter.	2021-08-25 11:55:36 +02:00
Trong Huu Nguyen	e83542b046	fix: prefix local session keys to prevent collisions `sid` is a key that refers to the user's unique SSO session at the Identity Provider, and the same key is present in all tokens acquired by any Relying Party (such as Wonderwall) during that session. Thus, we cannot assume that the value of `sid` to uniquely identify the pair of (user, application session) if using a shared session store.	2021-08-25 11:26:24 +02:00
Kim Tore Jensen	55f26fb54c	incorporate new session storage code	2021-08-24 12:58:16 +02:00
Kim Tore Jensen	15a7c14324	redis and in-memory session store	2021-08-24 12:49:23 +02:00

9 Commits