Boy Baukema

@pmeulen I mean primarily for verifying a HTTP-POST signature. Most implementations (like SSP) will send the public key they used to sign the message (I think that is not obligatory,...

@DRvanR thoughts?

Good point!

Unfortunately work on this has halted due to budget constraints. A patch was developed on the master branch (post 1.12, pre 2.0 / 1.13), backported to 1.10 and verified with...

I don't think it currently supports OpenID Connect, but I'd like to see it though...

 @nennete I hacked https://github.com/bshaffer/oauth2-server-php at the time but I only needed a Proof Of Concept.

@xrowkristina I'm afraid I no longer have access to that code base.

SAML2 Service Providers should have an entityid, just add the following to the settings ( https://github.com/jpf/okta-pysaml2-example/blob/master/app.py#L97 ): ``` 'entityid': 'https://example.com/sp/metadata', ``` Or some unique URL on the applications domain (ideally...

As far as I can see this was not fixed. Maybe @Good-man saw https://github.com/isaacs/inflight/issues/5#ref-pullrequest-574816991 and thought it meant a fix was applied?

In https://github.com/isaacs/node-glob/issues/435 @isaacs mentioned that newer versions of glob >= 9 no longer use `inflight`. The remediation for those using older versions of glob would then, presumably be, to upgrade...