auth0/express-openid-connect

Issues

• Please update cookie dependency to >=0.7.1 and release a new version

  #637 opened 2 months ago by sseide
  1

• Unable to perform error handling for custom session store.

  #620 opened 8 months ago by YMarumo
  1

• Allow setting cookie domain for the transactionCookie separately from session cookie

  #636 opened 2 months ago by mhautala
  1

• id_token claims should be decoded before afterCallback is invoked

  #634 opened 3 months ago by nboisnea
  0

• attemptSilentLogin doesn't take into account Auth0 session

  #630 opened 3 months ago by vafada
  2

• Replace the "checks.state argument is missing" error message

  #627 opened 5 months ago by natewaddoups
  1

• absoluteDuration: false not working as expected

  #624 opened 6 months ago by hwride
  3

• AuthorizationParameters.nonce is discarded.

  #622 opened 4 months ago by timvanoostrom
  2

• Don't set `id_token` if not in refresh response

  #628 opened 5 months ago by wryrye
  1

• Be able to have different strategies of session storage between logged users or anonymous ones

  #623 opened 6 months ago by Will956
  4

• BadRequestError: checks.state argument is missing when routing between pages using browser's back button

  #625 opened 6 months ago by link01153113
  2

• Remove hard-coded logout endpoint for broader provider compatibility

  #621 opened 8 months ago by chesspro13
  2

• Request for support of rotating ID Token algorithm

  #616 opened 8 months ago by dutta-arnab1
  2

• Documentation gaps (readme.md), is this framework ONLY for auth0, or can work with any OIDC provider?

  #613 opened 9 months ago by DmitriyAlergant-T1A
  3

• Deprecation warning (promisify) when upgrading to Node v21.6.0

  #571 opened a year ago by Will956
  0

• Please support NestJS.

  #436 opened 2 years ago by KieronWiltshire
  9

• Continue Signed In Functionality

  #488 opened a year ago by mnadeem
  3

• Have a way to configure different domain for refreshing token and accessing login page

  #554 opened a year ago by Will956
  1

• BadRequestError: checks.state argument is missing

  #543 opened a year ago by javiern8410
  2

• Allow logout_hint instead of id_token_hint

  #530 opened a year ago by timvanoostrom
  3

• checks.state argument is missing

  #512 opened a year ago by maciekpaprocki
  2

• code samples, an interface, or middleware for fastify (express is becoming legacy)

  #504 opened a year ago by jordanst3wart
  1

• node crypto hkdfSync vs hkdf

  #487 opened a year ago by alexcberk
  2

• Timeout issues when calling `/oauth/token` and/or `.well-known/openid-configuration`

  #482 opened a year ago by Will956
  4

• ES6 Modules are not yet supported completely.

  #480 opened a year ago by techlism
  1

• the "originalUrl" is not used as the default "returnTo" url, the baseUrl is

  #479 opened a year ago by jordanst3wart
  2

• AggregateError: Issuer.discover() failed

  #476 opened 2 years ago by mnadeem
  2

• Incorrect forwarding with reverse proxy after callback

  #475 opened 2 years ago by sebsgr
  5

• Expose the http parameters, including https, e.g. certificate authority (ca) in auth config

  #459 opened 2 years ago by hcjehg
  5

• Use of sync api

  #474 opened 2 years ago by maciekpaprocki
  1

• Using express-openid-connect with express 5

  #472 opened 2 years ago by maciekpaprocki
  1

• Auth flow doesn't complete when using AWS Lambda

  #473 opened 2 years ago by rbhalla
  2

• Question: mitigate `checks.state argument is missing` error when messing with concurrent login.

  #467 opened 2 years ago by maxime-bc
  12

• Question: How to set up swagger to work with express-openid-connect?

  #462 opened 2 years ago by spuxx1701
  7

• Modify Config based on request headers.

  #466 opened 2 years ago by srirudratetali273
  2

• Question: `genid` function as async

  #463 opened 2 years ago by Will956
  2

• Logout does not produce the expected behavior when performed by GET <CUSTOM_DOMAIN>/v2/logout call (PKCE flow)

  #455 opened 2 years ago by StudioFlow
  6

• client_credentials flow support?

  #457 opened 2 years ago by juliussuominen
  2

• `/logout` cookie cleaning issues

  #452 opened 2 years ago by Will956
  2

• isExpired should not only check access token, but also provide possibility to validate for id token

  #444 opened 2 years ago by awacode21
  2

• Setting idpLogout to true is not working as expected

  #451 opened 2 years ago by danielwong2268
  1

• Use appSession for unauthenticated users

  #450 opened 2 years ago by webstacker
  2

• in-flight request re-establishes `appSession` cookie that is cleared by `/logout`

  #446 opened 2 years ago by samm81
  4

• Allow authorization bearer header to authenticate

  #445 opened 2 years ago by qpwo
  5

• Question - appSession cookie not backed with a session store - is there a workaround?

  #440 opened 2 years ago by javapapo
  4

• The 'expires' prop required in the cookiesConfig

  #431 opened 2 years ago by younes-io
  4

• BadRequestError: checks.state argument is missing, While Production and deployment in digital ocean platform.

  #432 opened 2 years ago by naresh4dev
  5

• invalid_token after success login

  #433 opened 2 years ago by rjcpereira
  2

• Incorrect Type Definitions for Properties Added in SDK-3808

  #428 opened 2 years ago by mmcxii
  1

• Defense-In-Depth Post-Login CSRF Support

  #426 opened 2 years ago by madaster97
  4