Andreas Svanberg

ansv7779 deleted branch aot-training from DMC/oauth2-authorization-server

2025-04-28 12:08:42 +02:00

ansv7779 deleted branch user-consent from DMC/oauth2-authorization-server

2025-04-28 12:08:07 +02:00

ansv7779 pushed to main at DMC/oauth2-authorization-server

2025-04-25 10:57:02 +02:00

360119ad6a Generate a client secret when a public client goes private

ansv7779 merged pull request DMC/oauth2-authorization-server#4

2025-04-25 10:22:44 +02:00

Implement support for user consent

ansv7779 pushed to main at DMC/oauth2-authorization-server

2025-04-25 10:21:47 +02:00

18945e22bf Support for user consent (#4)

ansv7779 created pull request DMC/oauth2-authorization-server#4

2025-04-24 16:37:36 +02:00

Implement support for user consent

ansv7779 pushed to user-consent at DMC/oauth2-authorization-server

2025-04-24 16:35:36 +02:00

c48eee489b Allow everyone to register clients

29924e6d42 Show exactly what personal information is being asked for during consent

31cd05b12e Handle denying consent

Compare 3 commits »

ansv7779 pushed to user-consent at DMC/oauth2-authorization-server

2025-04-23 23:47:52 +02:00

e79387bc2e Persist granted user consent

ansv7779 pushed to user-consent at DMC/oauth2-authorization-server

2025-04-23 17:12:32 +02:00

2ebf8c649d Handle consent token coming back during custom authorization flow

f1fbd306e2 Skip consent for developers in staging

119e27f5da Do not ask for consent for "openid" scope

efcfddaa70 Expand on what each scope means during user consent

Compare 4 commits »

ansv7779 pushed to user-consent at DMC/oauth2-authorization-server

2025-04-22 16:06:29 +02:00

e826ce523d Add proper tests for the consent page

ansv7779 created branch user-consent in DMC/oauth2-authorization-server

2025-04-22 00:37:06 +02:00

ansv7779 pushed to user-consent at DMC/oauth2-authorization-server

2025-04-22 00:37:06 +02:00

0c55c25abf Add consent page (GUI)

c8f28d8283 Add consent page

1b08cdaf44 Test for authorization code flow with consent

ea5c3a1c00 Support for configuring end user consent requirement for clients

Compare 4 commits »

ansv7779 pushed to main at DMC/oauth2-authorization-server

2025-04-15 14:51:25 +02:00

8307bc4906 Verify public clients are not issued refresh tokens

3822f1229c Change the OAuth 2 / OIDC endpoint URLs.

09f2fe9430 Change the default JTE templates to be pre-compiled and switch to development mode only in the "dev" profile.

Compare 3 commits »

ansv7779 deleted branch x-forwarded-headers from DMC/oauth2-authorization-server

2025-04-10 10:31:23 +02:00

ansv7779 pushed to main at DMC/oauth2-authorization-server

2025-04-08 22:50:08 +02:00

14f7ca66cb Utilize X-Forwarded-* headers in embedded Docker container

ansv7779 pushed to x-forwarded-headers at DMC/oauth2-authorization-server

2025-04-08 16:49:49 +02:00

709dc23250 Take into account X-Forwarded-* headers in embedded mode.

1a2a84f674 Immediately show authorization request errors before showing the custom authorization form

857d59d391 Better error handling, especially during developer authorization

c421125eb4 Fix Shibboleth/Tomcat providing a principal with a blank name in the unauthenticated case

71862afb55 Introduce a training run in the Docker build to speed it up

Compare 5 commits »

ansv7779 created branch x-forwarded-headers in DMC/oauth2-authorization-server

2025-04-08 16:48:54 +02:00

ansv7779 pushed to x-forwarded-headers at DMC/oauth2-authorization-server

2025-04-08 16:48:54 +02:00

1d81e3887a Take into account X-Forwarded-* headers in embedded mode.

ansv7779 pushed to main at DMC/oauth2-authorization-server

2025-04-02 00:39:40 +02:00

1a2a84f674 Immediately show authorization request errors before showing the custom authorization form

857d59d391 Better error handling, especially during developer authorization

Compare 2 commits »

ansv7779 pushed to main at DMC/oauth2-authorization-server

2025-04-01 20:12:57 +02:00

c421125eb4 Fix Shibboleth/Tomcat providing a principal with a blank name in the unauthenticated case