GluuFederation/oxAuth
OAuth 2.0 server and client; OpenID Connect Provider (OP) & UMA Authorization Server (AS)
JavaMIT
Issues
- 1
fix(oxauth): prevent rxss
#1923 opened by yuriyz - 1
fix(oxauth): when acr_values has multiple values, order of processing is not always preserved
#1922 opened by yuriyz - 3
fix(oxauth): Plaintext passwords logged from TokenRestWebServiceImpl with DEBUG log level
#1910 opened by mmrraju - 2
- 0
fix(oxauth): introspection endpoint returns error for valid basic client authentication and invalid token
#1916 opened by yuriyz - 3
- 2
Super Gluu script failed to load.
#1902 opened by MohitMaliFtechiz - 0
feat(oxauth): uppercased typ=JWT
#1903 opened by yuriyz - 0
- 1
- 2
feat: Allow deep links in redirect Login URI
#1894 opened by mzico - 1
feat: health-check should return "starting" if external authentication and dynamic scope is not started
#1895 opened by yurem - 4
fix(oxauth): the `requestUriParameterSupported` and `requestParameterSupported` should be involved in request processing
#1891 opened by mmrraju - 0
docs: add lifetime to supergluu DCR
#1888 opened by SafinWasi - 5
fix(oxauth): re-authentication doesn't happen for OIDC authz request with the higher "level" acr requested anymore
#1879 opened by aliaksander-samuseu - 1
feat: implement Saml router script
#1883 opened by yurem - 1
- 0
fix(stat-exporter): if run stat exporter against jans-auth-server it is trying to connect to wrong endpoint and fail
#1859 opened by yuriyz - 1
fix(oxauth) : add exclusion to authentication filter for "/token" and "public client" when PKCE is used
#1861 opened by yuriyz - 2
Unable to add multiple case sensitive redirect URI
#1867 opened by mzico - 0
fix(oxauth): Updated Passwurd API script
#1845 opened by maduvena - 1
fix(oxauth): cnf introspection response is null even when valid cert is send during MTLS #6343
#1868 opened by yuriyz - 1
feat: add configuration property to AS which will allow to bypass basic client authentication restriction to query only own tokens
#1865 opened by mmrraju - 2
- 4
Support passing custom parameters in the body of POST authorization request
#1860 opened by aliaksander-samuseu - 1
- 1
fix(oxauth): state is not always returned on redirect from /end_session endpoint
#1857 opened by yuriyz - 1
fix(oxauth): if scopes are missed in grant_type=refresh_token AS must take scopes from previous grant
#1853 opened by yuriyz - 0
U
#1856 opened by Gboy209420 - 3
fix(oxauth): explicit user consent is required when up-scope within client authorized scopes
#1849 opened by yuriyz - 2
feat(oxauth): create MAU exporter
#1850 opened by yuriyz - 2
fix: in 4.5 and in 4.3.1.sp1, server responding with 200 even when request is not correct
#1843 opened by yurem - 3
- 1
- 1
- 1
- 1
- 3
- 1
chore(oxauth): remove oxlicense dependencies which point to old commons-httpclient lib
#1836 opened by yuriyz - 1
Authentication failed on Twilio authn script
#1835 opened by MohitMaliFtechiz - 5
fix(oxauth): Modify AT in Update token script has errors
#1833 opened by maduvena - 2
fix: Illegal op_policy_uri parameter: - exclude entries with blank values from discovery response
#1823 opened by crazedmeph - 1
fix(deps): upgrade nimbus
#1830 opened by yuriyz - 1
Unnecessary "session not found" error messages during refresh token flow
#1824 opened by aliaksander-samuseu - 2
fix: In error pages currentDateTime is null
#1829 opened by mmrraju - 2
chore(oxauth): upgrade dependencies
#1826 opened by yuriyz - 1
feat(oxauth): we should strive to let RP handle error instead of showing Ooops page
#1818 opened by yuriyz - 1
bug(oxauth): apply `clientWhiteList` when session is valid (`allowPostLogoutRedirectWithoutValidation=true` )
#1820 opened by yuriyz - 1
- 2
fix(oxauth): dynamic registration - assign to client only scopes which are explicitly in request #4426
#1815 opened by yuriyz