Nov Matake
Nov Matake
In `unauthorized_client` case, the combination of client_id & redirect_uri should be valid but the client isn't allowed to use the response_type. and `invalid_client` is error token response, not error authorization...
it allows optional caching by setting something like ```ruby JSON::JWK::Set::Fetcher.cache = Rails.cache ```
Since Yahoo! JAPAN starts rejecting UserInfo API access for some RPs, this gem shouldn't rely on the API access.
The default hash algorithm used in `ActiveSupport::KeyGenerator` changed from SHA1 to SHA256. It affects `ActiveRecordEncryption::Encryptor::ActiveSupport` and causes `ActiveSupport::MessageVerifier::InvalidSignature` when accessing to an attribute encrypted using SHA1.
with the latest i18n-tasks gem, defining those keys ```yml ja: foo: one: いち ``` ```yml en: foo: one: One ``` then `others` are detected as missing, even when it's not...
in my application, `rails_semantic_logger` gem is loaded before `rackup` gem is loaded. it causes `Rack::Server is deprecated and replaced by Rackup::Server` warning. to stop that warning, I had to specify...
only specs
Y!J start refusing UserInfo API access for many RPs. However this gem requires UserInfo API access for all RPs. Make it optional. ps. For now, I have a fork for...
same with https://github.com/omniauth/omniauth_openid_connect/pull/124 when passing `OpenIDConnect::Discovery::Provider::Config::Response` instance to `OpenIDConnect::ResponseObject::IdToken.decode`, it fetches JWK Set using `JSON::JWK::Set::Fetcher`. `JSON::JWK::Set::Fetcher` tries to cache JWKS by given `kid` when `JSON::JWK::Set::Fetcher.cache` is setup like below. ```ruby...