|
|
540e2d8aed
|
database: fixed sqlx compile error
|
2023-03-25 12:14:11 +01:00 |
|
|
|
5b35c3b339
|
jwt: updated dependencies
|
2023-03-24 23:26:02 +01:00 |
|
|
|
51ceee9295
|
update dependencies
|
2023-03-24 23:23:14 +01:00 |
|
|
|
7f4862ff30
|
upgraded to rocket v0.5-rc3
|
2023-03-24 22:56:01 +01:00 |
|
|
|
eab918d643
|
ezidam: admin: empty settings page
|
2023-03-24 22:18:52 +01:00 |
|
|
|
efebe2fa80
|
ezidam: new menu system, with main and submenus
|
2023-03-24 22:15:07 +01:00 |
|
|
|
ddf6f25dd2
|
ezidam: empty admin dashboard, link for admins to access it
|
2023-03-23 21:31:37 +01:00 |
|
|
|
3f0b09008c
|
logo: alt text
|
2023-03-23 21:12:23 +01:00 |
|
|
|
75f9b9dca3
|
menu: 2 kind of menus: user and admin
|
2023-03-23 21:11:42 +01:00 |
|
|
|
1facd2ffbf
|
added robots.txt
|
2023-03-22 22:16:16 +01:00 |
|
|
|
228b86f5a3
|
openid: same sub for all clients
|
2023-03-22 19:11:38 +01:00 |
|
|
|
2f32818a72
|
deploy with caprover cli
|
2023-03-21 23:47:20 +01:00 |
|
|
|
8365bc5dff
|
ezidam: dont put relative path for static files, bundle them in docker image
|
2023-03-20 23:16:43 +01:00 |
|
|
|
bad54cece3
|
ezidam: redirect: dont generate jwt + refresh token if already signed in
|
2023-03-19 22:52:53 +01:00 |
|
|
|
1dec56ed14
|
ezidam: authorize: don't prompt login if already authenticated
|
2023-03-19 22:52:22 +01:00 |
|
|
|
8db0bbb874
|
if access token expired, use refresh token, and get new access + refresh tokens
|
2023-03-19 20:03:30 +01:00 |
|
|
|
9172155893
|
ezidam: header: display name, username, email
|
2023-03-19 00:48:41 +01:00 |
|
|
|
c9ef821d2b
|
ezidam: request guards: jwt admin, jwt user, verify jwt
|
2023-03-19 00:25:35 +01:00 |
|
|
|
009b8664fd
|
revoke all refresh tokens and use all authorization codes for user
|
2023-03-18 22:03:03 +01:00 |
|
|
|
5100aa1b4e
|
ezidam: added logout page, added RefreshToken guard
|
2023-03-18 21:49:08 +01:00 |
|
|
|
49b3a3d1fe
|
openid: configuration: added jwt claims
|
2023-03-18 21:47:25 +01:00 |
|
|
|
72c67a7a82
|
ezidam: store access token in cookie
|
2023-03-18 16:48:40 +01:00 |
|
|
|
1b2a9d1af7
|
ezidam: store refresh token in cookie
|
2023-03-18 16:43:33 +01:00 |
|
|
|
e99115e174
|
ezidam + jwt: get key, import private key, create jwt claims and sign them
|
2023-03-18 16:14:26 +01:00 |
|
|
|
ef8d75ecee
|
ezidam + refresh tokens: create and insert refresh token
|
2023-03-18 15:16:15 +01:00 |
|
|
|
609933d98f
|
ezidam: oauth: redirect: check if user is archived
|
2023-03-18 13:44:17 +01:00 |
|
|
|
e9200f8682
|
ezidam: oauth: redirect: redirect automatically to home page
|
2023-03-18 00:49:29 +01:00 |
|
|
|
827bba041a
|
ezidam: oauth: redirect: get and check code, get user info, mark code as used, display html template
|
2023-03-18 00:40:11 +01:00 |
|
|
|
719048e268
|
ezidam: oauth: redirect page
|
2023-03-17 23:30:33 +01:00 |
|
|
|
fd16e78fb1
|
ezidam: oauth: split in multiple mods
|
2023-03-17 23:30:12 +01:00 |
|
|
|
8c8caa905d
|
ezidam: oauth: redirect to redirect uri with code and state
|
2023-03-17 22:17:56 +01:00 |
|
|
|
ae71a6a512
|
ezidam: oauth: removed FormPost from ResponseModes
|
2023-03-17 22:17:35 +01:00 |
|
|
|
bb4ff8a9f8
|
ezidam: oauth: authorize: generate and save authorization code
|
2023-03-16 23:20:27 +01:00 |
|
|
|
471e2fc740
|
authorization_codes: crate, database, insert one
|
2023-03-16 23:15:56 +01:00 |
|
|
|
0b4aeb89cb
|
ezidam: setup: dont sign in directly, force user to go through authorize flow
|
2023-03-16 22:30:19 +01:00 |
|
|
|
0866de94b6
|
hash: secret: defaults at 64, can generate custom length
|
2023-03-16 22:29:51 +01:00 |
|
|
|
64f3db3864
|
openid: response types: remove support of implicit flow for the moment
|
2023-03-16 22:29:32 +01:00 |
|
|
|
eb93cbd7ec
|
ezidam, openid: refactor check app in method, verifying and send POST as well
|
2023-03-16 21:38:32 +01:00 |
|
|
|
8ae0c59a25
|
ezidam, openid: check scopes, check response types before getting app
|
2023-03-16 00:05:54 +01:00 |
|
|
|
396856eee5
|
ezidam: oauth: authorize for ezidam: fill ezidam app info from database, show app label on template
|
2023-03-15 22:01:53 +01:00 |
|
|
|
95173b1a09
|
ezidam: setup: create "ezidam" app in database
|
2023-03-15 22:01:01 +01:00 |
|
|
|
71b083895d
|
apps: sql + get valid one, get by id, insert, generate app id, generate secret
|
2023-03-15 22:00:04 +01:00 |
|
|
|
b5c2be6c9f
|
ezidam: renamed page auth/sign_in to oauth/authorize, started work on handling oauth requests, big WIP
|
2023-03-13 23:42:21 +01:00 |
|
|
|
d16c6760fe
|
template: renamed auth/sign_in to oauth/authorize, footer is pushed to bottom of page
|
2023-03-13 23:40:37 +01:00 |
|
|
|
a0c0c3fa8f
|
openid: configuration: split scopes and response types in own mods, to be used in ezidam later
|
2023-03-13 23:31:00 +01:00 |
|
|
|
3d065bbc22
|
ezidam: mount all routes in "/", and use functions directly when redirecting
|
2023-03-12 21:29:02 +01:00 |
|
|
|
36fb1cff52
|
ezidam: on launch: in testing environment, use premade keys, else generate them
|
2023-03-12 19:20:00 +01:00 |
|
|
|
d62cfcd1d9
|
ezidam: added jwks route in well-known
|
2023-03-12 18:46:58 +01:00 |
|
|
|
8c37fc1181
|
database: added keys migration, get/insert, insert keys at launch if none are present
|
2023-03-12 18:45:55 +01:00 |
|
|
|
7f11016a34
|
openid: fix ambiguous error
|
2023-03-12 14:21:36 +01:00 |
|
