David Ramos

icon indicating a website link www.linkedin.com/in/david-ramos-phd icon indicating an email [email protected]

icon company Figma icon location San Francisco, CA icon location Projects owned by this account are personal and not affiliated with my employer.

Results 148 comments of David Ramos

4.0 stabilization

[4.0.0-rc.1](https://crates.io/crates/openidconnect/4.0.0-rc.1) is now released, so the API is considered stable (i.e., no further breaking changes) for 4.x. If there are no further bugs filed in the next few weeks I'll...

Add examples for non-oidc-provider providers mentioned in README

> GitHub, Google, GitLab, Microsoft, Apple, Discord, and many other providers. Ah whoops, I think I was confusing GitHub's support for OIDC [from within Actions](https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-cloud-providers) for its own API auth,...

Add examples for non-oidc-provider providers mentioned in README

I updated the README for accuracy in fcada1718118cfebfaa874e8b1920cd1dbc2b358. Thanks for pointing out those issues! I was too hasty in adding those a few weeks ago.

How to remember prior-login url?

I'd suggest using the `state` value to carry arbitrary payload in addition to a CSRF token (e.g., as a base64url-encoded JSON blob). The OIDC provider will include the `state` you...

How to request non-standard claims for id_token

Hey @jgiacomoni, This can currently be done using [`AuthorizationRequest::add_extra_param`](https://docs.rs/openidconnect/latest/openidconnect/struct.AuthorizationRequest.html#method.add_extra_param), where `claims` is the name and the serialized JSON is the value. The value will be URL-encoded automatically, so just pass...

Decouple fetching of openid-configuration and JWKS

I think the current behavior is a sensible default for most use cases. For special use cases, I'd suggest fetching the `openid-configuration` manually (since it's a simple HTTP GET request)...

sha2: bump to pre-release 0.11.0-pre.3

is there a vulnerability or something that justifies bumping the dependency to a pre-release version?

Add support for RFC 9068

See https://github.com/ramosbugs/openidconnect-rs/issues/160#issuecomment-2063885944 JWT functionality adds significant complexity that I don't want to add as a maintenance burden to this crate. Instead, it can be built as a separate crate on...

Change the scopes for the google example

Hey, thanks for the PR. I'd prefer not to add `openid` to the examples in this crate since the `openidconnect` crate is specifically intended for this use case and already...

Change the scopes for the google example

Yeah I agree. The examples should do a better job of documenting how to set up the corresponding provider to work with each example.