oslokommune / gatekeeper
Simplifies integrating a web application with OAuth2 OIDC
License: MIT License
When sending big requests (files/pictures/videos) through the proxy, Gatekeeper will block the request with a 413 Request Entity Too Large error. The limit is per now set to 1 MB.
I suggest (without thinking about it really) that we set the limit to infinity, or something really high, and let reverse proxies handle request limits. A counter argument is that not everyone uses reverse proxies, but I suggest we implement it when and if it's needed. Debugging request limiting is a pain in the...
I ninjamerged a temp fix here: #38
Any thoughts on how we should handle this?
When the access token is expired, but the refresh token is not, /userinfo must be called twice to get the user info.
Before first request to /userinfo:
Before second request to /userinfo:
What I expected is that gatekeeper first refreshed the tokens, and then fetched the user info, so that only one request is necessary.
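The refresh-then-fetch ordering described in this issue, as an added example that is not Gatekeeper's own code: the IdP endpoints, the token format and the session object are constructed stubs, and the two lookup functions contrast the reported double /userinfo call with the single call the reporter expected.

```javascript
// Added illustration, not Gatekeeper's own code: the IdP endpoints below are
// in-memory stubs with call counters so the two strategies can be compared.
const b64url = (s) => Buffer.from(s).toString('base64url');

// Constructed stand-in for an IdP-issued JWT (header.payload.signature); the
// signature is left empty because only the exp claim matters here.
function makeToken(sub, expSeconds) {
  const header = b64url(JSON.stringify({ alg: 'none', typ: 'JWT' }));
  return `${header}.${b64url(JSON.stringify({ sub, exp: expSeconds }))}.`;
}
// Treat a token as expired slightly early (clock skew) so the proxy never sends one the IdP is about to reject.
function isExpired(token, nowSeconds, skewSeconds = 30) {
  const payload = JSON.parse(Buffer.from(token.split('.')[1], 'base64url').toString());
  return typeof payload.exp !== 'number' || payload.exp - skewSeconds <= nowSeconds;
}
// Fake IdP: a token endpoint that honours one refresh token and a /userinfo endpoint that rejects expired access tokens.
function makeIdp(nowSeconds) {
  const calls = { token: 0, userinfo: 0 };
  return {
    calls,
    refresh(refreshToken) {
      calls.token += 1;
      if (refreshToken !== 'rt-valid') throw new Error('invalid_grant');
      return { access_token: makeToken('alice', nowSeconds + 3600), refresh_token: 'rt-valid' };
    },
    userinfo(accessToken) {
      calls.userinfo += 1;
      if (isExpired(accessToken, nowSeconds, 0)) throw new Error('401 invalid_token');
      return { sub: 'alice' };
    },
  };
}
function refreshSession(idp, session) {
  if (!session.refreshToken) throw new Error('no refresh token; user must re-authenticate');
  const fresh = idp.refresh(session.refreshToken);
  session.accessToken = fresh.access_token;
  session.refreshToken = fresh.refresh_token;
}
// Behaviour reported in the issue: try /userinfo, refresh on 401, try again (two userinfo calls).
function getUserInfoRetrying(idp, session) {
  try { return idp.userinfo(session.accessToken); }
  catch (e) { refreshSession(idp, session); return idp.userinfo(session.accessToken); }
}
// Expected behaviour: check exp locally, refresh first, then exactly one /userinfo call.
function getUserInfoRefreshFirst(idp, session, nowSeconds) {
  if (isExpired(session.accessToken, nowSeconds)) refreshSession(idp, session);
  return idp.userinfo(session.accessToken);
}
```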
Would be nice with a descriptive error when one has misconfigured an upstream. Per now we get a 500.
We should either provide an adequate error message or redirect to the frontend base URL in this case.
The workflow pipeline.yaml is referencing the action actions/checkout using the reference v1. However, this reference is missing the commit a6747255bd19d7a757dbdda8c654a9f84db19839, which may contain a fix to some vulnerability.
The vulnerability fix missing from this action version could be related to:
(1) CVE fix
(2) upgrade of vulnerable dependency
(3) fix to secret leak and others.
Please consider updating the reference to the action.
The Gatekeeper brags about being best practice, let's keep it that way.
PKCE is an extension of the Authentication Code flow which is supposed to enhance security, especially for public clients.
Interrupting the server is a pain
Due to the Secure flag and no SSL locally, developing is subpar due to the difference in environment compared to prod.
This tool looks promising: https://github.com/FiloSottile/mkcert
cookies.clearStateId does not work as intended