This repository has been archived on 2022-08-17. You can view files and clone it, but cannot push or open issues or pull requests.
dex/server
Alastair Houghton cd0c24ec4d fix: add an extra endpoint to avoid refresh generating AuthRequests.
By adding an extra endpoint and a redirect, we can avoid a situation
where it's trivially easy to generate a large number of AuthRequests
by hitting F5/refresh in the browser.

Signed-off-by: Alastair Houghton <alastair@alastairs-place.net>
2021-05-21 11:42:52 +01:00
..
internal chore(deps): upgrade protobuf in server/internal package 2021-03-22 19:27:47 +01:00
api.go Discard package "version" (#2107) 2021-05-18 00:55:24 +02:00
api_test.go Discard package "version" (#2107) 2021-05-18 00:55:24 +02:00
deviceflowhandlers.go Make /device/token deprecation warning more concise 2021-02-25 11:53:25 +04:00
deviceflowhandlers_test.go Add gocritic 2020-10-18 01:54:27 +04:00
doc.go initial commit 2016-07-26 15:51:24 -07:00
handlers.go fix: add an extra endpoint to avoid refresh generating AuthRequests. 2021-05-21 11:42:52 +01:00
handlers_test.go fix: add an extra endpoint to avoid refresh generating AuthRequests. 2021-05-21 11:42:52 +01:00
oauth2.go Merge pull request #1773 from faro-oss/faro-upstream/add-c_hash-to-id_token 2021-02-10 16:12:54 +01:00
oauth2_test.go Use constants in errors 2021-01-18 14:54:43 +04:00
refreshhandlers.go Update server/refreshhandlers.go 2021-03-09 09:41:41 +04:00
refreshhandlers_test.go More refresh token handler refactoring, more tests 2021-02-10 23:43:19 +04:00
rotation.go Fixes of naming and code style 2021-02-10 23:37:57 +04:00
rotation_test.go Fixes of naming and code style 2021-02-10 23:37:57 +04:00
server.go fix: add an extra endpoint to avoid refresh generating AuthRequests. 2021-05-21 11:42:52 +01:00
server_test.go remove client secret encryption option 2021-05-17 10:16:50 -04:00
templates.go fix: back link on password page needs to be explicit. 2021-05-21 11:24:30 +01:00
templates_test.go use go 1.16 new package io/fs 2021-03-20 20:05:59 +00:00