GluuFederation/oxd

Issues

• fix(oxd):JSONException in oxd-server

  #644 opened 4 months ago by manojs1978
  1

• fix(oxd): update grpc libs to conform spanner CE version

  #640 opened 7 months ago by yurem
  0

• fix: failure in oxd test-cases

  #638 opened 8 months ago by duttarnab
  0

• fix(oxd): fix runtime errors in version_4.5.3

  #629 opened 8 months ago by duttarnab
  1

• Remote code execution vulnerability in Commons Text library (commons-text-1.9)

  #625 opened 2 years ago by roney492
  2

• fix: update the dependencies to resolve vulnerability

  #623 opened 2 years ago by duttarnab
  1

• fix: use remove method with OC to conform SQL ORM

  #602 opened 3 years ago by yurem
  1

• fix: fix test cases

  #587 opened 3 years ago by duttarnab
  3

• Casa script fails due to empty client redirect uri

  #595 opened 3 years ago by yurem
  3

• fix: change `expired_objects` table column name to adjust with `h2` dependency upgrade

  #586 opened 3 years ago by duttarnab
  1

• IntrospectionService - Exception during access token introspection

  #581 opened 3 years ago by chikelvi
  0

• Change `client_frontchannel_logout_uri` from `List` to `string` type during client registration

  #553 opened 3 years ago by duttarnab
  1

• oxd should be able to use Auth-server sql/spanner database for storage.

  #568 opened 3 years ago by duttarnab
  1

• Add isFips check in oxd

  #571 opened 3 years ago by duttarnab
  1

• Modify oxd apis to make it compatible with Auth0 sdks

  #572 opened 3 years ago by duttarnab
  2

• Create fallback to convert space separated scopes string to List for token introspection response.

  #570 opened 3 years ago by duttarnab
  1

• Upgrade dropwizard framework to stable with jackson dependency which does not conflict with oxauth

  #567 opened 4 years ago by yuriyz
  0

• Adding `request` paramater in `/get-authorization-code` command

  #530 opened 4 years ago by duttarnab
  4

• FAPI: If the ID Token contains multiple audiences, the Client SHOULD verify that an azp Claim is present.

  #536 opened 4 years ago by duttarnab
  2

• Write test with state=base64urlencode(url)

  #538 opened 4 years ago by yuriyz
  3

• FAPI: The iat value in the `id_token` should not be very old.

  #541 opened 4 years ago by duttarnab
  2

• FAPI: Audience, Issuer, nonce claim is mandatory in id_token

  #542 opened 4 years ago by duttarnab
  2

• Add `id_token_hint` parameter in LogoutUrl

  #550 opened 4 years ago by duttarnab
  2

• Create `login initiation endpoint` in oxd to initiate Login from a Third Party

  #565 opened 4 years ago by duttarnab
  1

• Encode client_id in authorization_url (from `/get-authorization-url`)

  #549 opened 4 years ago by duttarnab
  1

• Add `response_mode` parameter in `/get-authorization-url` to support `form_post`

  #564 opened 4 years ago by duttarnab
  1

• Displaying oxd version in `/health-check` and `/opt/oxd-server/bin/oxd-server version` output

  #560 opened 4 years ago by duttarnab
  1

• Build fails with Return code is: 501 , ReasonPhrase:HTTPS Required.

  #562 opened 4 years ago by elch78
  4

• Automation of swagger client generation in oxd

  #557 opened 4 years ago by duttarnab
  4

• Handle jwks from OP where keys are without `kid`

  #555 opened 4 years ago by duttarnab
  1

• Add `client_assertion`, `TokenEndpointAuthSigningAlgorithm` params in ` /get-tokens-by-code`.

  #511 opened 4 years ago by duttarnab
  1

• Add fields to select `tlsVersion` and `ciphers` in oxd configuration

  #517 opened 4 years ago by duttarnab
  1

• For `private_key_jwt`, `tls_client_auth` , `self_signed_tls_client_auth` allow certificate-based client authentication.

  #518 opened 4 years ago by duttarnab
  1

• Validate `s_hash` in id_token

  #519 opened 4 years ago by duttarnab
  1

• The algorithm used to sign the `id_token` should match with `id_token_signed_response_alg` set during client registration.

  #537 opened 4 years ago by duttarnab
  1

• Removed re-fetching of jwks from OP server during token validation

  #543 opened 4 years ago by duttarnab
  1

• Minor: Show clear error message when get `redirect_uri` with fragment component during registration instead of generic `invalid_redirect_uri`

  #526 opened 4 years ago by yuriyz
  1

• Upgrade dropwizard to version: 2.0.12

  #512 opened 4 years ago by duttarnab
  4

• Save `client_id` and `client_secret` in oxd storage (in Rp table) when it is passed as paramater during client registration.

  #510 opened 4 years ago by duttarnab
  1

• Merge latest changes and fix in 4.2.1 branch

  #515 opened 4 years ago by duttarnab
  1

• Add `bindHost` with default value localhost

  #503 opened 4 years ago by yuriyz
  4

• Passing `Request Object by Value` and `Request Object by Reference` in Authorization Request

  #499 opened 4 years ago by duttarnab
  1

• Use WebFinger (RFC7033) and OpenID Provider Issuer Discovery to determine the location of the OpenID Provider

  #498 opened 4 years ago by duttarnab
  1

• Correct security alert in test dependency

  #501 opened 4 years ago by yuriyz
  6

• Merge two oxd dbs data into one

  #487 opened 5 years ago by ldeveloperl1985
  0

• Improve error message when client_secret is not returned by OP

  #486 opened 4 years ago by yuriyz
  1

• `trust_all_certs` feature in oxd-server.yml not working

  #490 opened 4 years ago by duttarnab
  1

• Add persistence manager support from oxcore

  #477 opened 4 years ago by yuriyz
  7

• Upgrade oxd to log4j version 2

  #484 opened 5 years ago by yuriyz
  1

• Read jedis version from `gluu-core-bom`

  #478 opened 5 years ago by duttarnab
  1