Firstyear
Firstyear
It's not a bug, you are not intended to be able to customise the challenge as there are subtle security invariants that customisation can violate.
Non-attested passkeys don't provide an AAGUID so we have nothing to expose here (in fact, browsers actually strip it when they perform nav.cred.get() ). There is a w3c issue for...
@PoirotConstruction This error comes from https://github.com/kanidm/kanidm/blob/master/server/lib/src/idm/oauth2.rs#L2307 and it's a fall back for legacy tokens that we issued which were encrypted, not jwts. However, now tokens are expected to be jwts...
Because what you get back from that request isn't a token, it's a json struct that *contains* the token. See https://github.com/kanidm/kanidm/blob/master/proto/src/oauth2.rs#L190 and https://www.rfc-editor.org/rfc/rfc6749#section-4.1.4 So you need to parse that and...
The issue here is the OAuth2 specification: https://www.rfc-editor.org/rfc/rfc6749#section-7 """ The resource server MUST validate the access token and ensure that it has not expired and that its scope covers the...
We're about to release 1.4 in ~2 weeks, so I think it may not be worth the rush.
We have recently setup https://github.com/kanidm/kanidm_ppa so I see no issue in providing similar for kanidm_aur and giving the relevant maintainers ownership. @yaleman do you agree?
> > for orca, how do we build without it? i see it is not [mentioned in the build script](https://aur.archlinux.org/cgit/aur.git/tree/PKGBUILD?h=kanidm) which does: > > Yeah it should already not build...
@yaleman Did you want to do the github repo creationing? Or should I? I know you have some stuff re security you setup.
@cuberoot74088 Yaleman is currently busy for a few days, but I'll leave it to them to setup the git repo for you if that's okay.