planka_custom

You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

History

lebaudantoine 9aaaca1b8d feat: Support OIDC signed UserInfo responses Some OIDC providers support signed UserInfo response, to enhance security. The OIDC client should be free to ask for the user info sgnature, however in certain situations (e.g egov applications) where security matters, the OIDC providers might chose to enforce this sugnature. Planka was not supported signed UserInfo response, which resulted in an misleading exception 'invalidCodeOrNonce'. Introduce the proper configurations to parametrize the OIDC client, and a dedicated exception to improve the developer experience. Specifications: "The UserInfo Claims MUST be returned as the members of a JSON object unless a signed or encrypted response was requested during Client Registration."	1 year ago
..
index.js	feat: Support OIDC signed UserInfo responses	1 year ago

lebaudantoine 9aaaca1b8d feat: Support OIDC signed UserInfo responses

Some OIDC providers support signed UserInfo response, to enhance
security. The OIDC client should be free to ask for the user info
sgnature, however in certain situations (e.g egov applications)
where security matters, the OIDC providers might chose to enforce
this sugnature.

Planka was not supported signed UserInfo response, which resulted
in an misleading exception 'invalidCodeOrNonce'.

Introduce the proper configurations to parametrize the OIDC client,
and a dedicated exception to improve the developer experience.

Specifications:

"The UserInfo Claims MUST be returned as the members of a JSON
object unless a signed or encrypted response was requested
during Client Registration."

index.js

feat: Support OIDC signed UserInfo responses