clinch

Author	SHA1	Message	Date
Dan Milne	b09ddf6db5	OpenID Conformance: We need to return to the redirect_uri in the case of errors. Some checks failed CI / scan_ruby (push) Has been cancelled Details CI / scan_js (push) Has been cancelled Details CI / scan_container (push) Has been cancelled Details CI / lint (push) Has been cancelled Details CI / test (push) Has been cancelled Details CI / system-test (push) Has been cancelled Details	2026-01-02 15:12:55 +11:00
Dan Milne	b2030df8c2	Return only scopes requested ( OpenID conformance test. Update README	2026-01-02 14:05:54 +11:00
Dan Milne	46aa983189	Don't use secret scanner for trivy - github already does it and it's hard to ignore the test key Some checks failed CI / scan_ruby (push) Has been cancelled Details CI / scan_js (push) Has been cancelled Details CI / scan_container (push) Has been cancelled Details CI / lint (push) Has been cancelled Details CI / test (push) Has been cancelled Details CI / system-test (push) Has been cancelled Details	2026-01-02 12:56:03 +11:00
Dan Milne	2f6a2c7406	Update ruby 3.4.6 -> 3.4.7. Update gems. Add trivy scanning and ignore unfixable Debian CVEs. Ignore a test fixture key for Capybara Some checks failed CI / scan_ruby (push) Has been cancelled Details CI / scan_js (push) Has been cancelled Details CI / scan_container (push) Has been cancelled Details CI / lint (push) Has been cancelled Details CI / test (push) Has been cancelled Details CI / system-test (push) Has been cancelled Details	2026-01-02 12:48:40 +11:00
Dan Milne	5137a25626	Add remainging rate limits. Add docker compose production example. Update beta-checklist. Some checks failed CI / scan_ruby (push) Has been cancelled Details CI / scan_js (push) Has been cancelled Details CI / lint (push) Has been cancelled Details CI / test (push) Has been cancelled Details CI / system-test (push) Has been cancelled Details	2026-01-02 12:14:13 +11:00
Dan Milne	fed7c3cedb	Some beta-checklist updates	2026-01-02 11:53:41 +11:00
Dan Milne	c1c6e0112e	ADd backup / restore documentation Some checks failed CI / scan_ruby (push) Has been cancelled Details CI / scan_js (push) Has been cancelled Details CI / lint (push) Has been cancelled Details CI / test (push) Has been cancelled Details CI / system-test (push) Has been cancelled Details	2026-01-01 15:40:49 +11:00
Dan Milne	1afcd041f9	Update README, fix a test	2026-01-01 15:17:28 +11:00
Dan Milne	71198340d0	fix tests and add a Claude.md file Some checks failed CI / scan_ruby (push) Has been cancelled Details CI / scan_js (push) Has been cancelled Details CI / lint (push) Has been cancelled Details CI / test (push) Has been cancelled Details CI / system-test (push) Has been cancelled Details	2026-01-01 15:11:46 +11:00
Dan Milne	9234904e47	Add security-todo and beta-checklists, and some security rake tasks Some checks failed CI / scan_ruby (push) Has been cancelled Details CI / scan_js (push) Has been cancelled Details CI / lint (push) Has been cancelled Details CI / test (push) Has been cancelled Details CI / system-test (push) Has been cancelled Details	2026-01-01 13:06:54 +11:00
Dan Milne	e36a9a781a	Add new claims to the discovery endpoint Some checks failed CI / scan_ruby (push) Has been cancelled Details CI / scan_js (push) Has been cancelled Details CI / lint (push) Has been cancelled Details CI / test (push) Has been cancelled Details CI / system-test (push) Has been cancelled Details	2025-12-31 17:27:28 +11:00
Dan Milne	3db466f5a2	Switch Access / Refresh tokens / Auth Code from bcrypt ( and plain ) to hmac. BCrypt is for low entropy passwords and prevents dictionary attacks - HMAC is suitable for 256-bit random data. Some checks failed CI / scan_ruby (push) Has been cancelled Details CI / scan_js (push) Has been cancelled Details CI / lint (push) Has been cancelled Details CI / test (push) Has been cancelled Details CI / system-test (push) Has been cancelled Details	2025-12-31 15:48:32 +11:00
Dan Milne	7c6ae7ab7e	Store only HMAC'd Auth codes, rather than plain text auth codes.	2025-12-31 15:00:00 +11:00
Dan Milne	a17c08c890	Improve the README	2025-12-31 14:31:53 +11:00
Dan Milne	4f31fadc6c	Improve the README and remove incorrect claims. Some checks failed CI / scan_ruby (push) Has been cancelled Details CI / scan_js (push) Has been cancelled Details CI / lint (push) Has been cancelled Details CI / test (push) Has been cancelled Details CI / system-test (push) Has been cancelled Details	2025-12-31 12:17:15 +11:00
Dan Milne	29c0981a59	Improve readme and tests Some checks failed CI / scan_ruby (push) Has been cancelled Details CI / scan_js (push) Has been cancelled Details CI / lint (push) Has been cancelled Details CI / test (push) Has been cancelled Details CI / system-test (push) Has been cancelled Details	2025-12-31 11:56:09 +11:00
Dan Milne	9d402fcd92	Clean up and secure web_authn controller Some checks failed CI / scan_ruby (push) Has been cancelled Details CI / scan_js (push) Has been cancelled Details CI / lint (push) Has been cancelled Details CI / test (push) Has been cancelled Details CI / system-test (push) Has been cancelled Details	2025-12-31 11:44:11 +11:00
Dan Milne	283feea175	Update depenencies, bump versoin	2025-11-30 23:13:25 +11:00
Dan Milne	f8543f98cc	Add a subdirectory for active storage Some checks failed CI / scan_ruby (push) Has been cancelled Details CI / scan_js (push) Has been cancelled Details CI / lint (push) Has been cancelled Details CI / test (push) Has been cancelled Details CI / system-test (push) Has been cancelled Details	2025-11-27 19:12:09 +11:00
Dan Milne	d6029556d3	Add OIDC fixes, add prefered_username, add application-user claims	2025-11-25 16:29:40 +11:00
Dan Milne	7796c38c08	Add pairwise SID with a UUIDv4, a significatant upgrade over User.id.to_s. Complete allowing admin to enforce TOTP per user Some checks failed CI / scan_ruby (push) Has been cancelled Details CI / scan_js (push) Has been cancelled Details CI / lint (push) Has been cancelled Details CI / test (push) Has been cancelled Details CI / system-test (push) Has been cancelled Details	2025-11-23 11:16:06 +11:00
Dan Milne	e882a4d6d1	More complete oidc Some checks failed CI / scan_ruby (push) Has been cancelled Details CI / scan_js (push) Has been cancelled Details CI / lint (push) Has been cancelled Details CI / test (push) Has been cancelled Details CI / system-test (push) Has been cancelled Details	2025-11-18 20:03:03 +11:00
Dan Milne	4c5ac344bd	Bug updating OIDC apps. Update readme Some checks failed CI / scan_ruby (push) Has been cancelled Details CI / scan_js (push) Has been cancelled Details CI / lint (push) Has been cancelled Details CI / test (push) Has been cancelled Details CI / system-test (push) Has been cancelled Details	2025-11-04 20:14:41 +11:00
Dan Milne	ef15db77f9	Massive refactor. Merge forward_auth into App, remove references to unimplemented OIDC federation and SAML features. Add group and user custom claims. Groups now allocate which apps a user can use Some checks failed CI / scan_ruby (push) Has been cancelled Details CI / scan_js (push) Has been cancelled Details CI / lint (push) Has been cancelled Details CI / test (push) Has been cancelled Details CI / system-test (push) Has been cancelled Details	2025-11-04 13:21:55 +11:00
Dan Milne	4d1bc1ab66	Update readme	2025-10-29 22:39:49 +11:00
Dan Milne	c3205abffa	Improve finding the requested host's domain for setting the domain cookie	2025-10-29 13:47:23 +11:00
Dan Milne	2ee895888d	Add screenshots	2025-10-28 09:01:42 +11:00
Dan Milne	7d200b849e	Add a screenshot	2025-10-28 09:01:42 +11:00
Dan Milne	2679634a2b	Port 3000	2025-10-25 16:00:09 +11:00
Dan Milne	2d5823213c	Update readme	2025-10-25 13:50:15 +11:00
Dan Milne	831bd083c2	Update readme Some checks failed CI / scan_ruby (push) Has been cancelled Details CI / scan_js (push) Has been cancelled Details CI / lint (push) Has been cancelled Details CI / test (push) Has been cancelled Details CI / system-test (push) Has been cancelled Details	2025-10-24 12:02:38 +11:00
Dan Milne	1212e0f22e	Allow redirection to 3rd party sites Some checks failed CI / scan_ruby (push) Has been cancelled Details CI / scan_js (push) Has been cancelled Details CI / lint (push) Has been cancelled Details CI / test (push) Has been cancelled Details CI / system-test (push) Has been cancelled Details	2025-10-24 11:52:58 +11:00
Dan Milne	fc9afcd1b7	Separate Forward auth into it's own models + controller Some checks failed CI / scan_ruby (push) Has been cancelled Details CI / scan_js (push) Has been cancelled Details CI / lint (push) Has been cancelled Details CI / test (push) Has been cancelled Details CI / system-test (push) Has been cancelled Details	2025-10-24 10:56:27 +11:00
Dan Milne	256cbe3a48	User registation working. Sidebar built. Dashboard built. TOTP enable works - TOTP login works Some checks failed CI / scan_ruby (push) Has been cancelled Details CI / scan_js (push) Has been cancelled Details CI / lint (push) Has been cancelled Details CI / test (push) Has been cancelled Details CI / system-test (push) Has been cancelled Details	2025-10-23 18:07:27 +11:00
Dan Milne	56f7dd7b3c	First crack Some checks failed CI / scan_ruby (push) Has been cancelled Details CI / scan_js (push) Has been cancelled Details CI / lint (push) Has been cancelled Details CI / test (push) Has been cancelled Details CI / system-test (push) Has been cancelled Details	2025-10-23 16:45:00 +11:00
Dan Milne	1ff0a95392	First commit Some checks failed CI / scan_ruby (push) Has been cancelled Details CI / scan_js (push) Has been cancelled Details CI / lint (push) Has been cancelled Details CI / test (push) Has been cancelled Details CI / system-test (push) Has been cancelled Details	2025-10-23 16:19:56 +11:00

36 Commits