Loïc Guitaut
d3725f4646
DEV: Fix new Rubocop offenses
2024-05-24 16:48:30 +02:00
Jarek Radosz
e9981c8906
DEV: Update linting (#71)
2024-01-16 18:01:20 +01:00
Natalie Tay
2b6397b6cb
DEV: Case insensitive check on email_verified field (#70)
2023-12-01 01:19:11 +08:00
Jarek Radosz
c7e89b268e
DEV: Update ruby linting (#69)
* DEV: Update ruby linting
* Use named subjects in specs
---------
Co-authored-by: Loïc Guitaut <loic@discourse.org>
2023-11-30 17:13:16 +00:00
David Taylor
030f82f880
DEV: Introduce syntax_tree for ruby formatting (#51)
2022-12-29 13:33:26 +01:00
David Taylor
07c57fd31a
FEATURE: Allow match_by_email to be configured by a site setting (#46)
The default behavior is unchanged
2022-11-07 12:06:40 +00:00
David Taylor
d3b347388d
FIX: Correctly handle sub mismatch between idtoken and userinfo (#42)
2022-08-24 12:19:52 +01:00
Jarek Radosz
e897702139
DEV: General cleanup (#34)
2022-04-06 12:19:39 +02:00
David Taylor
ac6d5d1a36
FIX: Only send `claims` parameter if it has been set (#23)
Follow-up to 25454d6707
2021-10-14 16:58:42 +01:00
Lucas Leadbetter
25454d6707
FEATURE: token endpoint `client_secret_post` authentication, and explicit `claims` (#19)
The `client_secret_post` authentication method will be used when the discovery document defines `token_endpoint_auth_methods_supported`, includes `client_secret_post`, and does not include the default `client_secret_basic`.
A new (optional) site setting is introduced which allows `claims` to be explicitly requested.
Co-authored-by: David Taylor <david@taylorhq.com>
2021-10-04 17:25:42 +01:00
David Taylor
4aa0e1b4ab
FIX: Ensure nonce mismatch causes auth to fail correctly (#15)
2021-08-09 13:25:10 +01:00
David Taylor
a9dd528aea
FIX: RP-initiated logout should pass id_token, not access_token
2020-11-12 17:16:11 +00:00
David Taylor
85abe67701
FIX: Gracefully handle errors while fetching the discovery document (#4)
Previously an error loading the discovery document would raise an exception. Now, it will display an error to the user, and log the error for site admins to view at `/logs`. Specs are updated and improved accordingly.
This moves the discovery document fetching out of OmniAuth and into Discourse. This makes it available for the upcoming rp-initiated-logout support.
2020-11-11 18:46:11 +00:00
David Taylor
109f910fd5
DEV: Fix plugin when installed alongside discourse-jwt (#3)
Replace `JWT` with `::JWT` so that it doesn't get resolved to `Omniauth::Strategies::JWT`
2020-11-11 15:27:23 +00:00
David Taylor
9ada9528e8
FIX: Accept strings for the email_verified token
This is technically a spec violation, but many providers do this so we should check for the string 'true'
2020-07-10 16:49:32 +01:00
David Taylor
67a5595e98
FEATURE: Respect the email_verified boolean when supplied by IDP
2020-01-08 13:54:37 +00:00
David Taylor
84085413d5
REFACTOR: user_associated_account and managed_authenticator moved to core
2018-11-30 11:20:28 +00:00
David Taylor
250bf84faa
DEV: Improve specs for managed authenticator
2018-11-27 17:05:00 +00:00
David Taylor
a41be68dfe
DEV: Initial specs for managed authenticator
2018-11-26 18:03:23 +00:00
David Taylor
79d377cb12
DEV: Use mocha instead of rspec-mocks for omniauth spec
2018-11-26 18:03:08 +00:00
David Taylor
b3124f90d2
DEV: Spec for error redirect handler
2018-11-26 12:04:01 +00:00
David Taylor
8558d65e67
DEV: Additional tests, and improved JWT error handling
2018-11-22 12:44:38 +00:00
David Taylor
ba3685f2ef
DEV: Test token_params
2018-11-22 11:24:31 +00:00
David Taylor
17f12b05ce
DEV: Specs for authorize_params
2018-11-21 16:57:03 +00:00
David Taylor
78a792b5b6
FIX: Improved 'discovery' error handling, with tests
2018-11-21 15:28:01 +00:00