omniauth-jwt
omniauth-jwt copied to clipboard
mbleigh
An OmniAuth strategy that uses JSON Web Token for Single Sign-On
Authentication server implementations may differ. These options allow a bit more flexibility in handling server responses by allowing for the callback jwt parameter name to be customised, and for user...
```shell $ curl -sO https://rubygems.org/downloads/omniauth-jwt-0.0.2.gem $ gem unpack omniauth-jwt-0.0.2.gem Unpacked gem: '/Users/richardc/src/omniauth-jwt-0.0.2' $ find omniauth-jwt-0.0.2 -ls 8600003236 0 drwxr-xr-x 13 richardc staff 416 27 Mar 18:01 omniauth-jwt-0.0.2 8600003241 8 -rw-r--r--...
Correct me if I'm wrong, but is it unsecured to include the token in the redirection url? Any host standing in between may intercept and extract the token at will.
Hi, you should consider to update your gemspec as your gem is likely to break with jwt 1.0 due to the following commit: https://github.com/progrium/ruby-jwt/blob/master/lib/jwt.rb#L106 The `decode` method now returns an...
- Compatibility with JWT 2.0 (from [Aha's fork](https://github.com/aha-app/omniauth-jwt)) - Compatibility with JWT 2.2 (from [Discourse's renamed fork](https://github.com/discourse/discourse-omniauth-jwt)) - Compatibility with OpenSSL 3.0 (from [GitLab's vendored fork](https://github.com/gitlabhq/gitlabhq/blob/master/lib/omni_auth/strategies/jwt.rb)) - some additional fixes...
