Stephan Renatus

@sagikazarmark Yeah it would also make for a decent middleware piece, sure. 😃

@ericchiang What do you think about this one? While #1020 would resolve our need for using dex for user storage, as long as that's the case, this addition would let...

@ericchiang well, these two are rather complementary... 🤔 Or am I missing something? `VerifyPassword` wouldn't be of much use [for simplifying this](https://github.com/dexidp/dex/pull/1271#issuecomment-423531244), would it?

Thanks for reporting this, and including all that information. 👍 > - making AuthRequest expiry configurable to reduce period in which they could accumulate prior to them being garbage collected...

@mxey `help wanted` or not, exposing that as a configurable seems like a welcome PR to me. 😃

> by using a cookie. One thing to consider here is that cookies are _per browser_, not _per tab_. With the current way of redirecting with a `req=..` parameter, you...

@mxey indeed -- we do the same. But I'm a little uneasy with imposing this on everyone... On a related note, I don't think my previous proposal (JWT authreq) makes...

You're probably correct. The [spec](https://openid.net/specs/openid-connect-discovery-1_0.html) isn't explicit here, I think: > **response_types_supported** > REQUIRED. JSON array containing a list of the OAuth 2.0 response_type values that this OP supports. Dynamic...

Sorry I've dropped the ball here -- just now tried to run this again. 😅 ``` $ echo $SSH_AUTH_SOCK /private/tmp/com.apple.launchd.azCoQjXH1l/Listeners ``` I now get an error still, but it seems...

> Maybe the PR was opened before the runner was up? 🤔 Yes indeed. What can I do now? Close and re-open or open a new one?