Dan Milne 5178cf3d81 Drop redundant MemoryStore internals peek from fa_token creation test ...

The refute_match on response.location already proves create_forward_auth_token
did nothing: the cache.write and the URL rewrite are back-to-back with no
branch between them, so the URL lacking fa_token= implies no cache entry
was written. The instance_variable_get(:@data) inspection was both redundant
and coupled to MemoryStore's private layout.

Co-Authored-By: Claude Opus 4 <noreply@anthropic.com>

2026-04-20 20:28:28 +10:00

..

api

Drop redundant MemoryStore internals peek from fa_token creation test

2026-04-20 20:28:28 +10:00

concerns

StandardRB fixes

2026-01-01 13:29:44 +11:00

.keep

First commit

2025-10-23 16:19:56 +11:00

input_validation_test.rb

StandardRB fixes

2026-01-01 13:29:44 +11:00

invitations_controller_test.rb

StandardRB fixes

2026-01-01 13:29:44 +11:00

oidc_authorization_code_security_test.rb

Revoke full token chain on OIDC authorization-code replay

2026-04-20 17:39:08 +10:00

oidc_claims_security_test.rb

Add missing files, fix formatting

2026-01-05 23:34:11 +11:00

oidc_pkce_controller_test.rb

Harden OIDC, add SVG sanitization, improve form UX and security defaults

2026-04-06 21:06:51 +10:00

oidc_prompt_login_test.rb

Upgrade to Ruby 4.0.1, bump version to 0.9.0

2026-03-05 21:52:11 +11:00

oidc_refresh_token_controller_test.rb

OpenID Conformance: user info endpoint should support get and post requets, not just get

2026-01-02 15:26:39 +11:00

oidc_userinfo_controller_test.rb

OpenID conformance test: we get a warning for not having a value for every claim. But we can explictly list support claims. Nothing we can do about a warning in the complience.

2026-01-02 16:35:12 +11:00

passwords_controller_test.rb

StandardRB fixes

2026-01-01 13:29:44 +11:00

sessions_controller_test.rb

StandardRB fixes

2026-01-01 13:29:44 +11:00

totp_security_test.rb

Hold TOTP enrollment secret server-side and email user on activation

2026-04-20 18:17:50 +10:00