Gabriel Zachmann
Gabriel Zachmann
When doing the device flow iam requires authentication by posting client id and client secret to the token endpoint when looking up the device code. However, this should work without...
After the success of auto-load (auto oidc-add), the newest idea is auto-gen (auto oidc-gen). ## Context 1. Client requests an AT for a specific OP, e.g. with `oidc-token https://op.example.org` -...
Currently, the oidc-agent project does not have real user configuration files. There are config files such as `issuer.config`, `pubclients.config` but those are more data files than config files. The primary...
From #406 raised the idea to have an option to specify per OP or per account configuration whether the encryption password should be stored or not. The most straightforward way...
When setting a custom memory allocator and deallocator using https://github.com/cisco/cjose/blob/9261231f08d2a3cbcf5d73c5f9e754a2f1c379ac/src/util.c#L60 it is also applied to json. In https://github.com/cisco/cjose/blob/254ab05e04cc32d866712bea838990eb4011cbf5/src/jws.c#L54-L65 `json_dumps` allocatos `hdr_str` using the custom allocator. However later `hdr_str` is freed...
Replace calls to `free` with `cjose_get_dealloc()` in `_cjose_jws_build_hdr`