| Age | Commit message (Expand) | Author |
|---|---|---|
| 2024-10-09 | Update Configs: Change `OAUTH2_SCOPE` => `OAUTH2_SCOPES_SUPPORTED`...Use the OAUTH2_SCOPES_SUPPORTED application configuration variable, that is used by the flask integration for the Authlib library to set up the supported scopes. | Frederick Muriuki Muriithi |
| 2024-08-13 | Emails: Make "From" address configurable...We are running GeneNetwork in different environments. Each environment could have it's own separate domain, and need a different sender email to allow the underlying services to allow the emails through. | Frederick Muriuki Muriithi |
| 2024-07-31 | Remove the `CLIENTS_SSL_PUBLIC_KEYS_DIR` configuration...Moving forward, each client will advertise it's current JWKs at a known endpoint, and we'll use those, rather than having a configuration that requires manual update of the certificates. This will make it easier to implement key rotation on the clients too. | Frederick Muriuki Muriithi |
| 2024-07-31 | Enable external configuration of session expiry period...Enable passing in the number of minutes that a session can be valid for. This enables the length of time that the session can last to be configurable rather than hard-coded. | Frederick Muriuki Muriithi |
| 2024-07-31 | Remove obsoleted SSL_PRIVATE_KEY configuration...With the key rotation in place, eliminate the use of the SSL_PRIVATE_KEY configuration which pointed to a specific non-changing JWK. | Frederick Muriuki Muriithi |
| 2024-07-31 | Retrieve newest JWK, creating a new JWK where necessary....To help with key rotation, we fetch the latest key, creating a new JWK in any of the following 2 conditions: * There is no JWK in the first place * The "newest" key is older than a specified number of days | Frederick Muriuki Muriithi |
| 2024-06-03 | Initialise default email settings for the application. | Frederick Muriuki Muriithi |
| 2024-04-25 | Make `CLIENTS_SSL_PUBLIC_KEYS_DIR` explicitly a config setting. | Frederick Muriuki Muriithi |
| 2024-04-23 | Update default settings. | Frederick Muriuki Muriithi |
| 2024-04-22 | Separate clients' keys from authorisation server's key...The authorisation server uses its key to sign any token it generates. It uses the clients' public keys to validate any assertions it receives from a client using the client's public key. | Frederick Muriuki Muriithi |
| 2024-04-18 | Add the `SSL_KEY_PAIR_*` configurations...Add paths to the SSL key-pair used for signing and verifying the JWTs. | Frederick Muriuki Muriithi |
| 2024-03-01 | Put `GN_AUTH_SECRETS` config in the main configuration file. | Frederick Muriuki Muriithi |
| 2023-12-05 | Add missing scripts and update code to invoke them...Copy the missing scripts over from GN3 and update them for gn-auth. Update the code to invoke the scripts correctly. Set up correct redis keys for use with the scripts. | Frederick Muriuki Muriithi |
| 2023-12-05 | Enable CORS to allow access from GN2 javascript | Frederick Muriuki Muriithi |
| 2023-09-26 | Add default `REDIS_URI` configuration. | Frederick Muriuki Muriithi |
| 2023-08-04 | Initialise the application and update some module imports | Frederick Muriuki Muriithi |
 |
index : gn-auth | |
| GN authentication and authorization service |
| aboutsummaryrefslogtreecommitdiff |