Dan Milne 27d77ebf47 Expose 'username' via forward auth headers

2026-01-05 15:12:02 +11:00

..

concerns

Switch Access / Refresh tokens / Auth Code from bcrypt ( and plain ) to hmac. BCrypt is for low entropy passwords and prevents dictionary attacks - HMAC is suitable for 256-bit random data.

2025-12-31 15:48:32 +11:00

application_group.rb

StandardRB fixes

2026-01-01 13:29:44 +11:00

application_record.rb

First commit

2025-10-23 16:19:56 +11:00

application_user_claim.rb

StandardRB fixes

2026-01-01 13:29:44 +11:00

application.rb

Expose 'username' via forward auth headers

2026-01-05 15:12:02 +11:00

current.rb

First crack

2025-10-23 16:45:00 +11:00

group.rb

StandardRB fixes

2026-01-01 13:29:44 +11:00

oidc_access_token.rb

StandardRB fixes

2026-01-01 13:29:44 +11:00

oidc_authorization_code.rb

Add claims support

2026-01-05 12:00:29 +11:00

oidc_refresh_token.rb

StandardRB fixes

2026-01-01 13:29:44 +11:00

oidc_user_consent.rb

Add claims support

2026-01-05 12:00:29 +11:00

session.rb

First crack

2025-10-23 16:45:00 +11:00

user_group.rb

StandardRB fixes

2026-01-01 13:29:44 +11:00

user.rb

StandardRB fixes

2026-01-01 13:29:44 +11:00

webauthn_credential.rb

Fix webauthn bug. Fix tests. Update docs

2026-01-01 15:24:56 +11:00