Johannes Koch
Johannes Koch
* document backend refinement * throw error for more blocks used in backend refinement --- Reviewer checklist Read PR description: a summary about the changes is required Changelog updated Documentation:...
* make `OAuth2ReqAuth` and `TokenRequest` code more similar * corrected error chaining * don't propagate token request roundtrip errors * add tests --- Reviewer checklist Read PR description: a summary...
Send WWW-Authenticate response header and appropriate status code for unauthorized bearer requests
The OAuth 2.0 Authorization Framework: Bearer Token Usage (This is the RFC defining Bearer Authorization.) Section ["3. The WWW-Authenticate Response Header Field"](https://tools.ietf.org/html/rfc6750#section-3): > If the protected resource request does not...
Implemented OAuth2 client authentication methods `client_secret_jwt` and `private_key_jwt` --- Reviewer checklist Read PR description: a summary about the changes is required Changelog updated Documentation: docs/{Reference, Cli, ...}, Docker and cli...
If an object mapping roles/permissions to (other) permissions (i.e. the value of `beta_roles_map` and `beta_permissions_map`) in a [JWT access control block](https://docs.couper.io/configuration/block/jwt) is quite big, it may be handy to transfer...
https://ossindex.sonatype.org/vulnerability/CVE-2020-7731?component-type=golang&component-name=github.com%2Frussellhaering%2Fgosaml2 > This affects all versions of package github.com/russellhaering/gosaml2. There is a crash on nil-pointer dereference caused by sending malformed XML signatures. The document mentions https://github.com/russellhaering/gosaml2/issues/59 which was fixed with...
### Preflight Checklist - [X] I could not find a solution in the documentation, the existing issues or discussions - [X] I have joined the [ZITADEL chat](https://zitadel.com/chat) ### Environment ZITADEL...
I created my own (synchronized) forks of [go-cty](https://github.com/johakoch/go-cty) and [hcl](https://github.com/johakoch/hcl), added the changes that we need (json for go-cty and optional labels for hcl) in separate branches. Then did a...
Couper uses the https://github.com/avenga/hcl fork of https://github.com/hashicorp/hcl. Either * try to incorporate https://github.com/avenga/hcl/pull/2 into https://github.com/hashicorp/hcl, or * stabilize the fork by e.g. regularly updating it and creating a test setup.
Fixed claim validation for array/tuple and object claims --- Reviewer checklist Read PR description: a summary about the changes is required Changelog updated Documentation: docs/{Reference, Cli, ...}, Docker and cli...