Skip to content
Snippets Groups Projects
Select Git revision
  • connector-ldap-fix-tests
  • approval
  • also-push-image-with-commit-sha-tag
  • hdacloud
  • dependabot/go_modules/api/v2/google.golang.org/grpc-1.69.4
  • dependabot/go_modules/examples/google.golang.org/grpc-1.69.4
  • dependabot/docker/distroless/static-debian12-6ec5aa9
  • master default protected
  • dependabot/docker/golang-2314d93
  • dependabot/go_modules/golang.org/x/net-0.34.0
  • dependabot/go_modules/google.golang.org/api-0.216.0
  • dependabot/github_actions/actions/cache-4.2.0
  • dependabot/github_actions/docker/setup-buildx-action-3.8.0
  • dependabot/github_actions/helm/kind-action-1.12.0
  • dependabot/github_actions/docker/setup-qemu-action-3.3.0
  • dependabot/github_actions/anchore/sbom-action-0.17.9
  • update-go
  • dependabot/go_modules/examples/go_modules-232a611e2d
  • dependabot/go_modules/go_modules-232a611e2d
  • dependabot/go_modules/api/v2/go_modules-232a611e2d
  • api/v2.2.0
  • v2.41.1
  • v2.41.0
  • v2.40.0
  • v2.39.1
  • v2.39.0
  • v2.38.0
  • v2.37.0
  • v2.36.0
  • v2.35.3
  • v2.35.2
  • v2.35.1
  • v2.35.0
  • v2.32.1
  • v2.34.0
  • v2.33.1
  • v2.33.0
  • v2.32.0
  • v2.31.2
  • v2.31.1
40 results
Compare
user avatar
server: add at_hash claim support
Eric Chiang authored 
The "at_hash" claim, which provides hash verification for the
"access_token," is a required claim for implicit and hybrid flow
requests. Previously we did not include it (against spec). This
PR implements the "at_hash" logic and adds the claim to all
responses.

As a cleanup, it also moves some JOSE signing logic out of the
storage package and into the server package.

For details see:

https://openid.net/specs/openid-connect-core-1_0.html#ImplicitIDToken
1eda3827
History
user avatar 1eda3827
History
Code owners
Assign users and groups as approvers for specific file changes. Learn more.
Name Last commit Last update
..