GluuFederation/oxAuth

Issues

• bug(oxauth): UID became case sensitive for users after cache refresh in postgresql

  #1927 opened a month ago by mzico
  1

• fix(oxauth): prevent rxss

  #1923 opened 2 months ago by yuriyz
  1

• fix(oxauth): when acr_values has multiple values, order of processing is not always preserved

  #1922 opened 2 months ago by yuriyz
  1

• fix(oxauth): Plaintext passwords logged from TokenRestWebServiceImpl with DEBUG log level

  #1910 opened 3 months ago by mmrraju
  3

• feat(oxauth): support wildcard character in redirect_uri

  #1918 opened 3 months ago by aliaksander-samuseu
  2

• fix(oxauth): introspection endpoint returns error for valid basic client authentication and invalid token

  #1916 opened 4 months ago by yuriyz
  0

• fix(oxauth): check race condition during refresh token removal

  #1909 opened 4 months ago by yuriyz
  3

• Super Gluu script failed to load.

  #1902 opened 7 months ago by MohitMaliFtechiz
  2

• feat(oxauth): uppercased typ=JWT

  #1903 opened 7 months ago by yuriyz
  0

• bug: SG authentication scripts requires updates to conform new jQuery versions

  #1896 opened 8 months ago by yurem
  0

• fix(oxauth): OxElevenCryptoProvider should pass all jwks, not just first key

  #1900 opened 8 months ago by yuriyz
  1

• feat: Allow deep links in redirect Login URI

  #1894 opened 8 months ago by mzico
  2

• feat: health-check should return "starting" if external authentication and dynamic scope is not started

  #1895 opened 8 months ago by yurem
  1

• fix(oxauth): the `requestUriParameterSupported` and `requestParameterSupported` should be involved in request processing

  #1891 opened 9 months ago by mmrraju
  4

• docs: add lifetime to supergluu DCR

  #1888 opened a year ago by SafinWasi
  0

• fix(oxauth): re-authentication doesn't happen for OIDC authz request with the higher "level" acr requested anymore

  #1879 opened a year ago by aliaksander-samuseu
  5

• feat: implement Saml router script

  #1883 opened a year ago by yurem
  1

• fix(oxauth): backporting id_token validation from 4.5.3->4.2.3.sp2

  #1881 opened a year ago by yuriyz
  1

• fix(stat-exporter): if run stat exporter against jans-auth-server it is trying to connect to wrong endpoint and fail

  #1859 opened a year ago by yuriyz
  0

• fix(oxauth) : add exclusion to authentication filter for "/token" and "public client" when PKCE is used

  #1861 opened a year ago by yuriyz
  1

• Unable to add multiple case sensitive redirect URI

  #1867 opened a year ago by mzico
  2

• fix(oxauth): Updated Passwurd API script

  #1845 opened a year ago by maduvena
  0

• fix(oxauth): cnf introspection response is null even when valid cert is send during MTLS #6343

  #1868 opened a year ago by yuriyz
  1

• feat: add configuration property to AS which will allow to bypass basic client authentication restriction to query only own tokens

  #1865 opened a year ago by mmrraju
  1

• fix: Authentication Filter should not process OPTIONS request method

  #1854 opened a year ago by yurem
  2

• Support passing custom parameters in the body of POST authorization request

  #1860 opened a year ago by aliaksander-samuseu
  4

• feat(oxauth): add client_id parameter support to /end_session

  #1862 opened a year ago by yuriyz
  1

• fix(oxauth): state is not always returned on redirect from /end_session endpoint

  #1857 opened a year ago by yuriyz
  1

• fix(oxauth): if scopes are missed in grant_type=refresh_token AS must take scopes from previous grant

  #1853 opened a year ago by yuriyz
  1

• U

  #1856 opened a year ago by Gboy209420
  0

• fix(oxauth): explicit user consent is required when up-scope within client authorized scopes

  #1849 opened a year ago by yuriyz
  3

• feat(oxauth): create MAU exporter

  #1850 opened a year ago by yuriyz
  2

• fix: in 4.5 and in 4.3.1.sp1, server responding with 200 even when request is not correct

  #1843 opened a year ago by yurem
  2

• feat: add option to HttpService2 to allow configure connection timeouts

  #1840 opened a year ago by yurem
  1

• fix: HttpService functions accounting for other status codes

  #1814 opened a year ago by SafinWasi
  1

• feat: add proxy support to HttpService2 (apache http client)

  #1839 opened a year ago by yurem
  1

• fix: failed to initialize resteasy proxy from script at server startup #5116

  #1838 opened a year ago by yurem
  1

• Super_gluu authethetication failed on Mysql and postgresql

  #1834 opened a year ago by MohitMaliFtechiz
  3

• chore(oxauth): remove oxlicense dependencies which point to old commons-httpclient lib

  #1836 opened a year ago by yuriyz
  1

• Authentication failed on Twilio authn script

  #1835 opened 2 years ago by MohitMaliFtechiz
  1

• fix(oxauth): Modify AT in Update token script has errors

  #1833 opened 2 years ago by maduvena
  5

• fix: Illegal op_policy_uri parameter: - exclude entries with blank values from discovery response

  #1823 opened 2 years ago by crazedmeph
  2

• fix(deps): upgrade nimbus

  #1830 opened 2 years ago by yuriyz
  1

• Unnecessary "session not found" error messages during refresh token flow

  #1824 opened 2 years ago by aliaksander-samuseu
  1

• fix: In error pages currentDateTime is null

  #1829 opened 2 years ago by mmrraju
  2

• chore(oxauth): upgrade dependencies

  #1826 opened 2 years ago by yuriyz
  2

• feat(oxauth): we should strive to let RP handle error instead of showing Ooops page

  #1818 opened 2 years ago by yuriyz
  1

• bug(oxauth): apply `clientWhiteList` when session is valid (`allowPostLogoutRedirectWithoutValidation=true` )

  #1820 opened 2 years ago by yuriyz
  1

• fix(oxauth): Unable to fetch SessionId object after authentication

  #1819 opened 2 years ago by maduvena
  1

• fix(oxauth): dynamic registration - assign to client only scopes which are explicitly in request #4426

  #1815 opened 2 years ago by yuriyz
  2