openiddict-core

Commit Graph

Author	SHA1	Message	Date
Kévin Chalet	53b38c93f3	Add the OpenIddict endpoints tests	10 years ago
Kévin Chalet	8e92e1467e	Remove OpenIddictModule	10 years ago
Kévin Chalet	9ede71fa12	Introduce OpenIddictBuilder.DisableConfigurationEndpoint() and DisableCryptographyEndpoint()	10 years ago
Kévin Chalet	bc5f21ad26	Remove OpenIddictUser	10 years ago
Kévin Chalet	d8fadc0f99	Decouple OpenIddict from ASP.NET Core Identity	10 years ago
Kévin Chalet	62a0a5e012	React to API changes in aspnet-contrib/AspNet.Security.OpenIdConnect.Server	10 years ago
Kévin Chalet	6c7ff09f01	Remove the email/profile scopes checks	10 years ago
Kévin Chalet	673caa409d	Introduce OpenIddictBuilder.RequireClientIdentification()	10 years ago
Kévin Chalet	59dc31abe6	Introduce an OpenIdConnectRequest/OpenIdConnectResponse model binder	10 years ago
Kévin Chalet	12af8067f8	Remove the internal CanSignInAsync/IsLockedOutAsync checks	10 years ago
Kévin Chalet	599d707081	Introduce OpenIddictBuilder.UseDataProtectionProvider()	10 years ago
Kévin Chalet	aa6a82e85e	Update OpenIddictProvider to allow using custom grant types	10 years ago
Kévin Chalet	94f1189592	Remove OpenIddictMiddleware and the parameterless OpenIddictBuilder.EnableAuthorizationEndpoint() overloads	10 years ago
Kévin Chalet	1ac09594d1	Add an OpenIddictBuilder.AddEphemeralSigningKey() overload accepting an algorithm name	10 years ago
Kévin Chalet	383b1e0f9c	Introduce parameterless OpenIddictBuilder.EnableEndpoint() extensions	10 years ago
Kévin Chalet	92122c11b0	Remove the built-in logout handling feature	10 years ago
Kévin Chalet	1db3779ab3	Allow handling grant_type=password and grant_type=client_credentials requests in user code and introduce OpenIddictMiddleware	10 years ago
Kévin Chalet	2b2ac8b884	Introduce OpenIddictBuilder.AddSigningKey()	10 years ago
Kévin Chalet	5fe563d80d	Introduce new OpenIddictOptions extensions	10 years ago
Kévin Chalet	ce61ab5779	Relax the authorization request validation policy to allow confidential clients to partially use the hybrid flow	10 years ago
Kévin Chalet	76d9b62571	Reject authorization requests that specify code_challenge_method=plain or use an inappropriate response type	10 years ago
Kévin Chalet	113176d023	Extend request_id to the logout endpoint and update AuthorizationController to only flow the request_id instead of the entire payload	10 years ago
Kévin Chalet	b96fa64f44	Update OpenIddict.Core to target the ASOS beta7 nightly builds	10 years ago
Kévin Chalet	aac69a011c	Fix the invalid type check in OpenIddictBuilder.AddUserStore()	10 years ago
Kévin Chalet	7f646c8554	Throw an exception when no signing key is explicitly registered and introduce OpenIddictBuilder.AddEphemeralSigningKey()	10 years ago
Kévin Chalet	9bea36b96a	Fix the incorrect redirection in OpenIddictProvider.HandleAuthorizationRequest	10 years ago
Kévin Chalet	8ee541cece	Introduce OpenIddictBuilder.SetAuthorizationCodeLifetime()/SetIdentityTokenLifetime()	10 years ago
Kévin Chalet	05a69e3131	Introduce a list of supported grant types	10 years ago
Kévin Chalet	28fe95f7db	Disable the authorization/introspection/logout/revocation/token/userinfo endpoints by default	10 years ago
Kévin Chalet	574d8b770a	Skip scope validation when the profile corresponding to the logged in user cannot be found in the database	10 years ago
Kévin Chalet	bd81a9240d	Introduce OpenIddictBuilder.AddUserManager()/AddUserStore()	10 years ago
Kévin Chalet	696b883d4d	Replace the internal error handling logic by the status code pages stack	10 years ago
Kévin Chalet	289b18045b	Replace ISession by IDistributedCache and extend request_id handling to GET requests	10 years ago
Kévin Chalet	4e225db73b	Remove OpenIddict.Mvc, OpenIddict.Assets and OpenIddict.Security	10 years ago
Kévin Chalet	c1d1d426d2	Update OpenIddictProvider.ValidateRevocationRequest to skip request validation when client authentication cannot be enforced	10 years ago
Kévin Chalet	492f647d84	Expose the supported scopes via the provider metadata endpoint	10 years ago
Kévin Chalet	81a836a447	Reject grant_type=client_credentials requests with an OpenIddict-specific message when the client credentials are missing	10 years ago
Kévin Chalet	9f27be57ec	Update OpenIddictProvider.ValidateTokenRequest to skip request validation when client authentication cannot be enforced	10 years ago
Kévin Chalet	34fa0c1eb5	Implement POST authorization requests support using user sessions	10 years ago
Kévin Chalet	154fa490b7	Implement automatic authorization code revocation	10 years ago
Kévin Chalet	9b54678e26	Reject authorization requests that include a request/request_uri parameter	10 years ago
Kévin Chalet	3082ba9752	Reject authorization requests that don't specify a standard response_type/response_mode	10 years ago
Kévin Chalet	dced1cd8fe	Migrate to the .NET Core/ASP.NET Core RTM packages	10 years ago
XperiAndri	fd7420c445	Rename OpenIddictContext to OpenIddictDbContext	10 years ago
XperiAndri	4a3b84ddb5	Introduce OpenIddictApplication.ClientId to separate the public client identifier from the internal primary key	10 years ago
Kévin Chalet	759df0c0d3	Reject introspection requests when the caller is not listed as a valid audience	10 years ago
Kévin Chalet	e4019e8a1d	Implement ValidateUserinfoRequest and GrantAuthorizationCode to reject invalid tokens more gracefully	10 years ago
Massimiliano Donini	758e1266af	Introduce new log messages in OpenIddictProvider and throw exceptions when appropriate	10 years ago
Kévin Chalet	1bde9c2cf5	Introduce OpenIddictUserManager and add OpenIddictToken/OpenIddictUser/OpenIddictApplication relationships support	10 years ago
Kévin Chalet	5abedfb75d	Reject grant_type=client_credentials requests specifying scope=offline_access	10 years ago

1 2 3

150 Commits (c26907bd968f7246edb82042efccd6614bd8bd2f)