Code Monkey home page Code Monkey logo

gatekeeper's People

Contributors

deifyed avatar dependabot[bot] avatar jonmorten avatar simenheg avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Forkers

aulonm

gatekeeper's Issues

Settle on a way to handle body size limit on proxy requests

When sending big requests (files/pictures/videos) through the proxy, Gatekeeper will block the request with an 413 request entity too large error. The limit is per now set to 1mb.

I suggest (without thinking about it really) that we set the limit to infinity, or something really high and let reverse proxies handle request limits. A counter argument is that not everyone uses reverse proxies, but I suggest we implement it when and if its needed. Debugging request limiting is a pain in the. .

I ninjamerged a temp fix here: #38

Any thoughts on how we should handle this?

Calling /userinfo with expired access_token and valid refresh_token results in 401

When the access token is expired, but the refresh token is not, user info must be called twice to get user info.

Before first request to /userinfo:

  • expired access token
  • valid refresh token
    Endpoint returns 401 and sets a new access token and refresh token

Before second request to /userinfo:

  • valid access token
  • valid refresh token
    Endpoint returns 200 with user info

What I expected is that gatekeeper first refreshed the tokens, and then fetched the user info, so that only one request is necessary.

[Security] Workflow pipeline.yaml is using vulnerable action actions/checkout

The workflow pipeline.yaml is referencing action actions/checkout using references v1. However this reference is missing the commit a6747255bd19d7a757dbdda8c654a9f84db19839 which may contain fix to the some vulnerability.
The vulnerability fix that is missing by actions version could be related to:
(1) CVE fix
(2) upgrade of vulnerable dependency
(3) fix to secret leak and others.
Please consider to update the reference to the action.

Implement PKCE

The Gatekeeper brags about being best practice, let's keep it that way.

PKCE is an extension of the Authentication Code flow which is supposed to enhance security, especially for public clients.

ref

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.