Trong Huu Nguyen 5e113f4284 refactor: use common cookie name across all instances ...

This will attempt to mitigate cases where many instances
of Wonderwall on the same domain set cookies which will
exceed the header size for Cookies.

Generally, this should result in decryption failures when
transitioning from one app to another, which should omit the
Authorization header and have a new session triggered by the
downstream application.

Co-Authored-By: Sindre Rødseth Hansen <sindre.rodseth.hansen@nav.no>

2021-10-04 13:17:12 +02:00

..

auth

refactor: separate login param generation

2021-09-30 12:13:38 +02:00

config

fix: set jwt ID for client assertion to prevent token replay

2021-09-30 15:38:23 +02:00

cryptutil

refactor: use keygen from liberator

2021-08-25 10:15:45 +02:00

logging

implement config and logging

2021-08-17 14:30:34 +02:00

metrics

Register the metrics we collect

2021-09-29 22:01:00 +02:00

middleware

More, correct, metrics

2021-10-01 10:28:44 +02:00

router

refactor: use common cookie name across all instances

2021-10-04 13:17:12 +02:00

session

refactor: use encrypted cookie as session fallback

2021-10-04 13:17:04 +02:00

token

refactor: update jwx; now infers alg from keys where missing

2021-10-01 12:22:49 +02:00