Comments (1)
@PhilippeChab I think we need to introduce another configuration option, because you cannot use all the custom attributes directly.
In our case, we can allow access to multiple tenants so it's actually tenant_ids
on our side. We'll need to use that configuration option to filter inside matching_token_for
@JeremyC-za I guess we haven't hit yet but is still important to handle. Not sure if we want to handle it in #1660 or a separate PR though 🤔
from doorkeeper.
Related Issues (20)
- Regression with Errors in 5.6.8 HOT 5
- Refreshing a token sending scopes separated by `+` does not work HOT 5
- Cleanup job removes not expired tokens HOT 1
- Different access grants return the same access token with `reuse_access_token` enabled
- Removing active_record_options was a breaking change HOT 1
- `Doorkeeper::AccessToken.find_or_create_for` with empty scopes raises NoMethodError HOT 6
- Token revocation error when token contains null byte. HOT 2
- Doorkeeper is loading ActiveRecord too early HOT 1
- AuthorizedApplications returns the date that the _application_ was created, not the date that the _authorization_ was created HOT 2
- Add GitHub Discussions to the project HOT 1
- Doorkeeper appears to be missing a way to validate client configuration before redirecting to the authentication page HOT 1
- Access tokens should be revoked when multiple attempts are made to exchange the same authorization code
- When introspection is disabled we return 200 for authorized clients via basic auth but 401 for authorized clients via bearer auth HOT 8
- Option to specify supported PKCE code_challenge_methods supported HOT 8
- Doorkeeper's redirect_uri validation is not implemented according to specification
- Refresh Tokens as-implemented are susceptible to Refresh Token Reuse Attacks
- Support for RFC 9207 - OAuth 2.0 Authorization Server Issuer Identification
- Issues getting tests running HOT 3
- Doorkeeper shouldn't generate a secret for public clients HOT 2
- There is no way to refresh an access token without revoking the previous access token
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from doorkeeper.