aboutsummaryrefslogtreecommitdiff
path: root/gn_auth/auth/authentication/oauth2/grants
AgeCommit message (Expand)Author
2024-10-09Add a client to the JWTBearerToken objects.Frederick Muriuki Muriithi
2024-07-31Fetch a client's JWKs from a URIFrederick Muriuki Muriithi
2024-06-03Move user creation from db resultset into static method...Creation of a User object from the database resultset will mostly be the same. This commit moves the repetitive code into a static method that can be called wherever we need it. This improves maintainability, since we only ever need to do an update in one place now. Frederick Muriuki Muriithi
2024-05-29Remove unused import.Frederick Muriuki Muriithi
2024-05-29Revert "jwt: add user roles to the jwt token."...This reverts commit 0582565fa7db4b95e86fb0dde8d83e3170e566a7. Adding the user roles to the token makes the token ridiculously large. Rather than doing that, we'll use an endpoint on the auth server to get the user roles and privileges instead. Frederick Muriuki Muriithi
2024-05-24Linting: reorganise imports.Frederick Muriuki Muriithi
2024-05-23jwt: add user roles to the jwt token.Frederick Muriuki Muriithi
2024-05-13Fix myriad of linting error...These linting errors can't be rebased into the newer commits. Frederick Muriuki Muriithi
2024-05-13Register the RefreshTokenGrant with the server...Register the RefreshTokenGrant with the server to enable refreshing of the tokens. Frederick Muriuki Muriithi
2024-05-13Use None as default for expires_inFrederick Muriuki Muriithi
2024-05-06Add `jti` claim...Have each JWT token have a `jti` claim (JWT ID) to help with tracking refreshes, and therefore validity of the JWTs. If a refresh token is used more than once, then that refresh token, and all its progeny/descendants are considered invalid, since that token could have been stolen. Frederick Muriuki Muriithi
2024-05-02Include refresh tokens with generated JWT...This shim enables us to have a refresh token with the JWT. This might not be the way to refresh JWTs - this is because the `authlib.oauth2.rfc7523.token.JWTBearerTokenGenerator.__call__(…)` method has a comment that states: # there is absolutely no refresh token in JWT format Searching on the internet, however, seems to indicate that JWTs can be used in conjunction with refresh tokens... We need to verify this and fix this if necessary. Frederick Muriuki Muriithi
2024-04-24Move the errors module up one level to break circular dependencies.Frederick Muriuki Muriithi
2024-04-23pylint: Fix linting errors.Frederick Muriuki Muriithi
2024-04-22Resolve the key using the "kid" field.Frederick Muriuki Muriithi
2024-04-20Separate authentication from token generation...Authenticate with the usual authentication code flow. Do not inherit AuthenticationCodeGrant in JWTBearerGrant, instead, use the JWTBearerGrant to generate the token after the user has already been successfully authenticated. Frederick Muriuki Muriithi
2024-04-20Remove unused importFrederick Muriuki Muriithi
2024-04-20Define and register grant for JWT tokens.Frederick Muriuki Muriithi
2024-03-21Rename "the_code" to "_code"....* gn_auth/auth/authentication/oauth2/grants/authorisation_code_grant.py (__query_authorization_code__): Rename the_code -> _code. Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com> Munyoki Kilyungi
2024-03-08Explicitly add keyword arguments to AuthorisationCode....This improves readability. * gn_auth/auth/authentication/oauth2/grants/authorisation_code_grant.py (AuthorisationCodeGrant.save_authorization_code): Use keyword arguments. * gn_auth/auth/authentication/oauth2/models/authorization_code.py (authorisation_code): Ditto. Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com> Munyoki Kilyungi
2023-08-07Change imports to new unified db module.Frederick Muriuki Muriithi
2023-08-07Update module name/path...Change from gn3 to gn_auth Frederick Muriuki Muriithi
2023-08-04Copy over files from GN3 repository.Frederick Muriuki Muriithi
generated by cgit v1.2.3 (git 2.46.2) at 2024-12-05 02:43:34 +0000