Sean Johnson
Sean Johnson
Is there any chance of getting KVM or libvirt support in the future?
We should attempt to add unit and integration tests for this. It would make pushing new releases easier. But, the only problem I can see is building forked sources since...
From the way RFC 6749 reads, client credentials style grant is similar to resource owner password credentials grant, but provides more flexibility. With the client credentials grant, the main differences...
Around access.lua#L429, we should be able to add an ngx.req.set_header call to set a header (`X-LSSO-Session` -- but configurable?) so that the upstream service can use that as an auth...
Exactly as it sounds -- I want to support U2F registration and auth in the typically lsso workflow.
This is something to keep in the mind for the future and partially take care of now. The access token API call should be able to be toggled via a...
When creating a new session for a scoped location, ensure that we not only request a token for the location's specified scope, but also for the `config.oauth_auth_scope` to keep the...
There needs to be some way of testing various parts of the codebase. Both functional and "production" tests need to be run. Maybe this warrants a small Docker-based build with...
Similar to PR #196, but for other languages that need a simple, standalone, constant-time secure comparison function. --------- `secureCompare` for Ruby: ``` # Run a constant-time comparison against two strings...