Timshel
Timshel
@BlackDex thinking on it I don´t think the semi-supported branch is a good idea. Main issue for people running this branch is that there might be some change in the...
Rebased and added the @BlackDex suggestion in https://github.com/dani-garcia/vaultwarden/pull/3154#issuecomment-1722179002 to make the `SSO button` visible when running the [docker-compose](https://github.com/Timshel/vaultwarden/tree/sso-support/test/oidc#readme).
@BlackDex Hey [fixed](https://github.com/dani-garcia/vaultwarden/pull/3899/commits/9ce3d5f699c5d2673d7a77d52309f890c5415751) an issue with the upgrade to [jsonwebtoken=9.0.0](https://github.com/dani-garcia/vaultwarden/blob/ecb31c85d68202f9d215c8ce12939158fb858af9/Cargo.lock#L1551): - https://github.com/Keats/jsonwebtoken/pull/332 make the audience mandatory No idea if it might not have similar issue in [auth.rs](https://github.com/dani-garcia/vaultwarden/blob/main/src/auth.rs#L52). @realSaltyFish Hey, good...
@realSaltyFish nothing crazy but would probably need : - First read the locale from the user, the `accept-language` is probably set by the front-end. - Then if it's missing or...
> What I haven't tried yet is if it works to migrate users from standard accounts to SSO if the names/emails match. @Blackclaws as long as the `email` match there...
When discussed with @BlackDex we thought that 7 days might be an appropriate value for the `refresh_token` expiration. Had some feedback on it, and it might be a bit short,...
> Also, how is this linked to the refresh roll PR? This is a superset of the refresh roll PR, the same logic of changing the device token is used...
A yes when unlocking I don't believe any call is done to the `refresh` endpoint, so there should be no issue/change.
Removed the rolling of the device token since it caused issues when the web client called the refresh token endpoint in parallel.
Since it's using docker to run `MaridaDb` and `Postgres` no idea how easy it is to integrate. Additionally the SSO version use `docker-compose` :(