Commit Graph

452 Commits

Author SHA1 Message Date
Elias Schneider
ef5444342c Merge branch 'main' into feat/huma-api-docs 2026-07-17 11:19:04 +02:00
Elias Schneider
807bd9e037 feat: add support for proxy protocol 2026-07-17 10:37:47 +02:00
Kyle Mendell
f5de8e6bad remove built in api docs 2026-07-16 21:45:52 -05:00
Kyle Mendell
8beb4921c1 coderabbit review stuff 2026-07-13 11:25:01 -05:00
Kyle Mendell
c87b9a97aa limits 2026-07-13 11:12:46 -05:00
Kyle Mendell
00d2b0fea9 Merge remote-tracking branch 'origin/main' into feat/huma-api-docs 2026-07-13 11:00:13 -05:00
Elias Schneider
9714296efb fix: block link-local addresses in SSRF protection 2026-07-13 11:05:24 +02:00
Elias Schneider
187cd8ddcd feat: add support for CIDR and IP address lists in TRUST_PROXY 2026-07-13 09:32:05 +02:00
Elias Schneider
d9ead47d19 fix: allow insecure callback URLs by default until next major release 2026-07-13 09:21:53 +02:00
Kyle Mendell
7b5d6f5a9c format api routes 2026-07-12 13:42:05 -05:00
Kyle Mendell
3893376cba Merge branch 'main' into feat/huma-api-docs 2026-07-12 12:48:50 -05:00
Alessandro (Ale) Segala
cfda5f693b refactor: manage instance ID in the KV table (#1579) 2026-07-11 16:16:05 +02:00
Kyle Mendell
f8b441fb06 feat: built in api documentation via huma gin adapter 2026-07-10 16:31:45 -05:00
Elias Schneider
da3677f33d docs: fix wrong OpenAPI documentation 2026-07-10 15:44:28 +02:00
Alessandro (Ale) Segala
b2711ced99 fix: /authorize endpoint crashes when list of scopes is empty (#1575) 2026-07-08 17:48:32 -07:00
Sean McKenzie
6734585712 feat: add description field to oidc clients (#1547)
Co-authored-by: Elias Schneider <login@eliasschneider.com>
2026-07-08 13:41:51 +02:00
Elias Schneider
c85a4e63da fix: disable one time access token exchange for disabled users 2026-07-08 12:04:16 +02:00
Elias Schneider
ce7d3a7e1d tests(unit): fix wrong migration name 2026-07-08 11:51:43 +02:00
Elias Schneider
190914fd72 refactor: remove duplicate fosite config properties 2026-07-08 11:01:50 +02:00
Elias Schneider
25dcad757a feat: add support for unencrypted OIDC request parameter 2026-07-08 10:42:05 +02:00
Elias Schneider
f3b6ceb876 fix: add missing burst to rate limit 2026-07-07 14:01:26 +02:00
Elias Schneider
fa2d08cb6d refactor: remove redundant dtos 2026-07-07 11:51:37 +02:00
Elias Schneider
2f55b7cbc3 fix: device authorization resolve resource creating device_code 2026-07-07 11:51:02 +02:00
Elias Schneider
8035a4c8d5 perf: include permissions in api list response 2026-07-07 11:38:59 +02:00
Elias Schneider
7667377c98 refactor: pass transaction to resolveResource 2026-07-07 11:14:19 +02:00
Elias Schneider
5e2cc6f40e fix: merge requested scopes instead of replacing them 2026-07-07 11:03:06 +02:00
Elias Schneider
e8cb0c831c fix: re-check api permissions on access token refresh 2026-07-07 10:58:39 +02:00
Elias Schneider
9a94aa0694 refactor: move Pocket ID specific logic from Fosite into Pocket ID repo 2026-07-06 23:34:33 +02:00
Elias Schneider
34e9a6d198 fix: restore behavior that unknown scopes get ignored 2026-07-06 22:42:38 +02:00
Elias Schneider
09d196f7c5 feat: add OAuth APIs with scoped permissions (#1542)
Co-authored-by: Alessandro (Ale) Segala <43508+ItalyPaleAle@users.noreply.github.com>
2026-07-06 12:25:02 -07:00
Alessandro (Ale) Segala
eefd51cc4d fix: various bugs in observability / OTel (#1564) 2026-07-05 14:14:39 -07:00
Alessandro (Ale) Segala
f68ad42618 chore: use go-kit for sending emails (#1565) 2026-07-05 13:10:11 -07:00
Alessandro (Ale) Segala
9607495ab4 refactor: integrate Francis actor framework for background jobs, cron scheduling, and rate limiting (#1556)
Co-authored-by: Elias Schneider <login@eliasschneider.com>
Co-authored-by: Claude <noreply@anthropic.com>
2026-07-03 08:36:45 +02:00
Elias Schneider
ecad31cae2 refactor: migrate signup functionality to single usersignup module 2026-06-30 20:53:31 +02:00
Elias Schneider
58fcf7cbe6 refactor: migrate Webauthn functionality to single webauthn module 2026-06-29 14:05:07 +02:00
Elias Schneider
9fce987106 refactor: migrate API key functionality to single apikey module 2026-06-29 12:11:18 +02:00
James18232
97bd466f38 feat: prompt admin with PKCE client support hint (#1499)
Co-authored-by: james <james@goldfish.net>
Co-authored-by: Alessandro (Ale) Segala <43508+ItalyPaleAle@users.noreply.github.com>
Co-authored-by: Elias Schneider <login@eliasschneider.com>
Co-authored-by: Kyle Mendell <kmendell@ofkm.us>
2026-06-28 11:10:30 -07:00
Elias Schneider
d467855870 feat: add ability to skip consent for client 2026-06-26 23:35:26 +02:00
Elias Schneider
16b5c16a66 fix: CSP error with response_mode=form_post 2026-06-26 14:51:56 +02:00
Elias Schneider
2ed703540d fix: don't reject offline_accessscope 2026-06-26 14:43:22 +02:00
Elias Schneider
8689ddd72b feat: improve error handling on authorize page 2026-06-22 22:12:14 +02:00
Elias Schneider
519cda0eef refactor: remove dead code 2026-06-22 21:58:55 +02:00
Elias Schneider
8158452b37 refactor: use fosite for OAuth 2.0 logic (#1520) 2026-06-22 18:42:02 +02:00
James18232
2e77d57282 fix: login code null submission and login code length check (#1512)
Co-authored-by: james <james@goldfish.net>
Co-authored-by: Kyle Mendell <kmendell@ofkm.us>
2026-06-20 20:42:50 +02:00
Elias Schneider
8a75774971 fix: callback URL validation not validated if prompt=none 2026-06-16 12:02:57 +02:00
Elias Schneider
3d9d4de619 fix: PAR parameters not respected by authorize page 2026-06-16 09:29:34 +02:00
Elias Schneider
4f97cd4188 refactor: fix linter issues 2026-06-02 14:08:33 +02:00
Thibault NORMAND
68a5abdcca feat(oauth): add support for Pushed Authorization Requests (RFC9126) (#1404)
Co-authored-by: Elias Schneider <login@eliasschneider.com>
2026-06-02 14:02:12 +02:00
Elias Schneider
7027296632 fix: restore cross-platform binary builds 2026-05-31 20:04:30 +02:00
Elias Schneider
bc4f75c44f refactor: fix linter issues 2026-05-29 12:25:06 +02:00