| Age | Commit message (Expand) | Author |
|---|---|---|
| 2024-07-31 | Validate JWTs against all existing JWKs. | Frederick Muriuki Muriithi |
| 2024-07-31 | Remove obsoleted SSL_PRIVATE_KEY configuration•••With the key rotation in place, eliminate the use of the SSL_PRIVATE_KEY configuration which pointed to a specific non-changing JWK. | Frederick Muriuki Muriithi |
| 2024-07-31 | Update datetime references on changed import. | Frederick Muriuki Muriithi |
| 2024-07-31 | Retrieve newest JWK, creating a new JWK where necessary.•••To help with key rotation, we fetch the latest key, creating a new JWK in any of the following 2 conditions: * There is no JWK in the first place * The "newest" key is older than a specified number of days | Frederick Muriuki Muriithi |
| 2024-05-13 | Fix myriad of linting error•••These linting errors can't be rebased into the newer commits. | Frederick Muriuki Muriithi |
| 2024-05-13 | Link old refresh token to newly issued refresh token•••We need to track the "lineage" of refresh tokens in order to detect possible stolen tokens and mitigate damage. | Frederick Muriuki Muriithi |
| 2024-05-13 | Register the RefreshTokenGrant with the server•••Register the RefreshTokenGrant with the server to enable refreshing of the tokens. | Frederick Muriuki Muriithi |
| 2024-05-13 | Save refresh token when it is generated. | Frederick Muriuki Muriithi |
| 2024-05-13 | Save token with same ID as JWT's "jti" value. | Frederick Muriuki Muriithi |
| 2024-04-22 | Separate clients' keys from authorisation server's key•••The authorisation server uses its key to sign any token it generates. It uses the clients' public keys to validate any assertions it receives from a client using the client's public key. | Frederick Muriuki Muriithi |
| 2024-04-20 | Setup token validators at app initialisation. | Frederick Muriuki Muriithi |
| 2024-04-20 | Define and register grant for JWT tokens. | Frederick Muriuki Muriithi |
| 2024-03-21 | Delete commented out import.•••Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com> | Munyoki Kilyungi |
| 2024-03-13 | Rename "the_client" to "_client".•••Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com> | Munyoki Kilyungi |
| 2023-08-07 | Change imports to new unified db module. | Frederick Muriuki Muriithi |
| 2023-08-07 | Update module name/path•••Change from gn3 to gn_auth | Frederick Muriuki Muriithi |
| 2023-08-04 | Copy over files from GN3 repository. | Frederick Muriuki Muriithi |
 |
index : gn-auth | |
| GN authentication and authorization service |
| aboutsummaryrefslogtreecommitdiff |