| Age | Commit message (Expand) | Author |
|---|---|---|
| 2025-01-10 | Update server to support non-expiring JWTs. | Frederick Muriuki Muriithi |
| 2024-08-15 | Fix a bunch of linting errors. | Frederick Muriuki Muriithi |
| 2024-08-14 | refactor: move newest_jwk_with_rotation function to jwks.py...We have a similar jwk module in gn2 that does similar functionality. Moving the newest_jwk_with_rotation function to the module ensures that there's some consistency between both modules so that when we ever want to remove the duplication (e.g. by creating some python pip package) it's easier. | John Nduli |
| 2024-08-05 | Fix linting errors. | Frederick Muriuki Muriithi |
| 2024-08-02 | fix: use json to support parsing oauth2 requests...The local sign in request used by gn2 uses json. However, the default parsing assumes form data, see: - https://github.com/lepture/authlib/blob/v1.2.0/authlib/integrations/flask_oauth2/authorization_server.py#L72 - https://github.com/lepture/authlib/blob/v1.2.0/authlib/integrations/flask_helpers.py#L5 We create a custom Authorization server that defaults to `use_json=True` when creating the oauth request object | John Nduli |
| 2024-07-31 | Validate JWTs against all existing JWKs. | Frederick Muriuki Muriithi |
| 2024-07-31 | Remove obsoleted SSL_PRIVATE_KEY configuration...With the key rotation in place, eliminate the use of the SSL_PRIVATE_KEY configuration which pointed to a specific non-changing JWK. | Frederick Muriuki Muriithi |
| 2024-07-31 | Update datetime references on changed import. | Frederick Muriuki Muriithi |
| 2024-07-31 | Retrieve newest JWK, creating a new JWK where necessary....To help with key rotation, we fetch the latest key, creating a new JWK in any of the following 2 conditions: * There is no JWK in the first place * The "newest" key is older than a specified number of days | Frederick Muriuki Muriithi |
| 2024-05-13 | Fix myriad of linting error...These linting errors can't be rebased into the newer commits. | Frederick Muriuki Muriithi |
| 2024-05-13 | Link old refresh token to newly issued refresh token...We need to track the "lineage" of refresh tokens in order to detect possible stolen tokens and mitigate damage. | Frederick Muriuki Muriithi |
| 2024-05-13 | Register the RefreshTokenGrant with the server...Register the RefreshTokenGrant with the server to enable refreshing of the tokens. | Frederick Muriuki Muriithi |
| 2024-05-13 | Save refresh token when it is generated. | Frederick Muriuki Muriithi |
| 2024-05-13 | Save token with same ID as JWT's "jti" value. | Frederick Muriuki Muriithi |
| 2024-04-22 | Separate clients' keys from authorisation server's key...The authorisation server uses its key to sign any token it generates. It uses the clients' public keys to validate any assertions it receives from a client using the client's public key. | Frederick Muriuki Muriithi |
| 2024-04-20 | Setup token validators at app initialisation. | Frederick Muriuki Muriithi |
| 2024-04-20 | Define and register grant for JWT tokens. | Frederick Muriuki Muriithi |
| 2024-03-21 | Delete commented out import....Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com> | Munyoki Kilyungi |
| 2024-03-13 | Rename "the_client" to "_client"....Signed-off-by: Munyoki Kilyungi <me@bonfacemunyoki.com> | Munyoki Kilyungi |
| 2023-08-07 | Change imports to new unified db module. | Frederick Muriuki Muriithi |
| 2023-08-07 | Update module name/path...Change from gn3 to gn_auth | Frederick Muriuki Muriithi |
| 2023-08-04 | Copy over files from GN3 repository. | Frederick Muriuki Muriithi |
 |
index : gn-auth | |
| GN authentication and authorization service |
| aboutsummaryrefslogtreecommitdiff |