Benjamin Foote
Benjamin Foote
I see this being implemented after #41 @prateek2408 are you interested in working on this feature along with #41? PRs welcome.
That's wonderful @prateek2408. Do let me know if I can be of assistance.
@simongottschlag I'm going to reopen this one. I'm pushing on #41 OIDC discovery right now and hope to tackle some aspect of this at the same time.
@danielewood thanks much for the contribution to VP and the effort. Always appreciated. I keep on looking at VerifyUser and wonder where that really should be headed. There's confusion (even...
@kthare10 could you clarify your usage of the refresh token? Are you hoping to use the refresh token to directly access the IdP to get a new access token? Should...
@badstreff @shabe @kthare10 at this point we're leaning against including the passing of Refresh Tokens to protected sites/apps, though we're willing to be convinced. The thinking is, if the app...
FWIW I'm more interested in #149 having VP do the refresh, but then there's the question of "where to keep the refresh token" and various other aspects of triggering the...
@rhansen Thanks for opening this issue. There has been talk from time to time of moving to `sub` and it's clearly the right choice. I know you've tested the PR...
@rhansen sorry for the delay in reviewing this PR Unfortunately #310 breaks `github` support. All of the `GetUserInfo` calls should be audited for each provider to ensure that `User.Sub` is...
@rhansen I've added the Sub adjustment for `github` and a rudimentary fix in `structs.PrepareUserData` but it should still be looked at a bit closer IMHO.