handler/oauth2: set expiration time before the access token is generated #216
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Signed-off-by: Nikita Vorobey <[email protected]>
|
Thank you! |
mgloystein
added a commit
to spotxchange/fosite
that referenced
this pull request
Jan 11, 2018
* handler/oauth2: set expiration time before the access token is generated (ory#216) Signed-off-by: Nikita Vorobey <[email protected]> * token/hmac: replace custom logic with copypasta * tests: replace nil checks with Error/NoError * scripts: add format helper scripts * all: format files with goimports * travis: use go-acc and test format * history: add 0.12.0 to TOC * travis: update to go 1.9 * travis: add goimports to install section * scripts: fix goimports import path * vendor: replace glide with dep * Add license header to all source files (ory#222) Closes ory#221 Signed-off-by: aeneasr <[email protected]> * travis: update go version (ory#220) * handler/oauth2: Client IDs in revokation requests must match now (ory#226) Closes ory#225 * Simplifies error contexts (ory#227) Simplifies how errors are instantiated. Errors now contain all necessary information without relying on `fosite.ErrorToRFC6749Error` any more. `fosite.ErrorToRFC6749Error` is now an internal method and was renamed to `fosite.errorToRFC6749Error`. * Exports ErrorToRFC6749Error again (ory#228) * Makes use of rfcerr in access error endpoint writer explicit * handler/oauth2: Improves authorization code error handling * handler/oauth2: Adds token revokation on authorize code reuse * internal: Updates mocks and mock generation * oauth2: Allows client credentials in POST body and solves public client auth Closes ory#231 Closes ory#217 * Improves error debug messages across the project * Resolves test issues and reverts auth code revokation patch * docs: Updates history.md * Improves test coverage report by removing internal package from it * Upgrades history.md * token/jwt: Adds ability to specify acr value natively in id token payload * Forces use of UTC time zone everywhere * Adds ability to catch non-conform OIDC authorizations Fosite is now capable of detecting authorization flows that are not conformant with the OpenID Connect spec. * Resolves overriding auth_time with wrong value * Improves http error codes * Returns the correct error on duplicate auth code use * handler/oauth2: Adds offline_access alias for refresh flow * Adds ability to forward hints and debug messages to clients (ory#242) * compose: Makes SendDebugMessages first class citizen (ory#243)
mgloystein
added a commit
to spotxchange/fosite
that referenced
this pull request
Mar 27, 2018
* handler/oauth2: set expiration time before the access token is generated (ory#216) Signed-off-by: Nikita Vorobey <[email protected]> * token/hmac: replace custom logic with copypasta * tests: replace nil checks with Error/NoError * scripts: add format helper scripts * all: format files with goimports * travis: use go-acc and test format * history: add 0.12.0 to TOC * travis: update to go 1.9 * travis: add goimports to install section * scripts: fix goimports import path * vendor: replace glide with dep * Add license header to all source files (ory#222) Closes ory#221 Signed-off-by: aeneasr <[email protected]> * travis: update go version (ory#220) * handler/oauth2: Client IDs in revokation requests must match now (ory#226) Closes ory#225 * Simplifies error contexts (ory#227) Simplifies how errors are instantiated. Errors now contain all necessary information without relying on `fosite.ErrorToRFC6749Error` any more. `fosite.ErrorToRFC6749Error` is now an internal method and was renamed to `fosite.errorToRFC6749Error`. * Exports ErrorToRFC6749Error again (ory#228) * Makes use of rfcerr in access error endpoint writer explicit * handler/oauth2: Improves authorization code error handling * handler/oauth2: Adds token revokation on authorize code reuse * internal: Updates mocks and mock generation * oauth2: Allows client credentials in POST body and solves public client auth Closes ory#231 Closes ory#217 * Improves error debug messages across the project * Resolves test issues and reverts auth code revokation patch * docs: Updates history.md * Improves test coverage report by removing internal package from it * Upgrades history.md * token/jwt: Adds ability to specify acr value natively in id token payload * Forces use of UTC time zone everywhere * Adds ability to catch non-conform OIDC authorizations Fosite is now capable of detecting authorization flows that are not conformant with the OpenID Connect spec. * Resolves overriding auth_time with wrong value * Improves http error codes * Returns the correct error on duplicate auth code use * handler/oauth2: Adds offline_access alias for refresh flow * Adds ability to forward hints and debug messages to clients (ory#242) * compose: Makes SendDebugMessages first class citizen (ory#243)
budougumi0617
added a commit
to budougumi0617/fosite
that referenced
this pull request
May 10, 2019
…ted (ory#216) Signed-off-by: Nikita Vorobey <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Hi!
JWT access token has invalid value in "exp" claim if implicit flow is used. This is because the token is generated before it is assigned an expiration time.