Commit graph

12 commits

Author SHA1 Message Date
Jens L 509b502d3c
providers/oauth2: offline access (#8026)
* improve scope check (log when application requests non-configured scopes)

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add offline_access special scope

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* ensure scope is set

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* update tests for refresh tokens

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* special handling of scopes for github compat

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix spec

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* attempt to fix oidc tests

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* remove hardcoded slug

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* check scope from authorization code instead of request

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix injection for consent stage checking incorrectly

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2024-01-04 19:57:11 +01:00
Jens L c68a42f63b
website/docs: improve docs for OAuth2 device code flow (#5570)
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-05-10 20:58:31 +02:00
Jens L 8ed2f7fe9e
providers/oauth2: add device flow (#3334)
* start device flow

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* web: fix inconsistent app filtering

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add tenant device code flow

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add throttling to device code view

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* somewhat unrelated changes

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add initial device code entry flow

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add finish stage

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* it works

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add support for verification_uri_complete

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add some tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add more tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add docs

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-10-11 12:42:10 +02:00
Jens Langhammer 1c64616ebd sources/ldap: add configuration for LDAP Source ciphers
closes #3110

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-01 19:53:49 +02:00
Jens Langhammer 23273f53cc providers/oauth2: if no scopes are sent in authorize request, select all configured scopes
closes #3112

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-07-01 19:45:26 +02:00
Jens L 8dbb0bd2c6
providers/oauth2: token revoke (#3077) 2022-06-11 18:49:16 +02:00
Jens Langhammer 4c39e08dd4 website/docs: fix incorrect oauth end-session URL
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-06-06 12:48:06 +02:00
Jens L b4e75218f5
sources/oauth: OIDC well-known and JWKS (#2936)
* add initial

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add provider

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* include source and jwk key id in event

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add more docs

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add tests for source

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* fix web formatting

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add provider tests

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* fix lint error

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-24 21:02:50 +02:00
Jens L f9469e3f99
website: format docs with prettier (#2833)
* run prettier

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

* add scim to comparison

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-05-09 21:22:41 +02:00
Jens Langhammer 4be238018b providers/oauth2: pass scope and other parameters to access policy request context
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>

#2641
2022-04-01 21:39:05 +02:00
Jens Langhammer 8689444954 providers/oauth2: add password grant support (treated as client_credentials)
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-03-31 18:02:17 +02:00
Jens L bb8af2f19b
providers/oauth2: add client_assertion_type jwt bearer support (#2618) 2022-03-31 00:30:55 +02:00