| Age | Commit message (Expand) | Author |
|---|---|---|
| 2024-11-04 | Output KeySet retrieved from the client. | Frederick Muriuki Muriithi |
| 2024-10-09 | Add a client to the JWTBearerToken objects. | Frederick Muriuki Muriithi |
| 2024-07-31 | Fetch a client's JWKs from a URI | Frederick Muriuki Muriithi |
| 2024-05-29 | Remove unused import. | Frederick Muriuki Muriithi |
| 2024-05-29 | Revert "jwt: add user roles to the jwt token."...This reverts commit 0582565fa7db4b95e86fb0dde8d83e3170e566a7. Adding the user roles to the token makes the token ridiculously large. Rather than doing that, we'll use an endpoint on the auth server to get the user roles and privileges instead. | Frederick Muriuki Muriithi |
| 2024-05-24 | Linting: reorganise imports. | Frederick Muriuki Muriithi |
| 2024-05-23 | jwt: add user roles to the jwt token. | Frederick Muriuki Muriithi |
| 2024-05-13 | Fix myriad of linting error...These linting errors can't be rebased into the newer commits. | Frederick Muriuki Muriithi |
| 2024-05-13 | Use None as default for expires_in | Frederick Muriuki Muriithi |
| 2024-05-06 | Add `jti` claim...Have each JWT token have a `jti` claim (JWT ID) to help with tracking refreshes, and therefore validity of the JWTs. If a refresh token is used more than once, then that refresh token, and all its progeny/descendants are considered invalid, since that token could have been stolen. | Frederick Muriuki Muriithi |
| 2024-05-02 | Include refresh tokens with generated JWT...This shim enables us to have a refresh token with the JWT. This might not be the way to refresh JWTs - this is because the `authlib.oauth2.rfc7523.token.JWTBearerTokenGenerator.__call__(…)` method has a comment that states: # there is absolutely no refresh token in JWT format Searching on the internet, however, seems to indicate that JWTs can be used in conjunction with refresh tokens... We need to verify this and fix this if necessary. | Frederick Muriuki Muriithi |
| 2024-04-23 | pylint: Fix linting errors. | Frederick Muriuki Muriithi |
| 2024-04-22 | Resolve the key using the "kid" field. | Frederick Muriuki Muriithi |
| 2024-04-20 | Separate authentication from token generation...Authenticate with the usual authentication code flow. Do not inherit AuthenticationCodeGrant in JWTBearerGrant, instead, use the JWTBearerGrant to generate the token after the user has already been successfully authenticated. | Frederick Muriuki Muriithi |
| 2024-04-20 | Remove unused import | Frederick Muriuki Muriithi |
| 2024-04-20 | Define and register grant for JWT tokens. | Frederick Muriuki Muriithi |
 |
index : gn-auth | |
| GN authentication and authorization service |
| aboutsummaryrefslogtreecommitdiff |