Commit Graph

4 Commits (dev)

Author SHA1 Message Date
Daniel Supernault 374344754e Lint 4 weeks ago
Daniel Supernault 26887c7672 Update OIDC config with comments, and disable tests as we don't have db tests configured 9 months ago
Gavin Mogan 70584b47c5 Fixes for items highlighted by review.ai
* Consider using `hash_equals()` instead of `==` when comparing the state values to prevent timing attacks: `abort_unless(hash_equals($request->input('state'), $request->session()->pull('oauth2state')), 400, 'invalid state');`
* For better data integrity, consider adding a foreign key constraint to the user_id column: `$table->foreign('user_id')->references('id')->on('users')->onDelete('cascade');`
* Does the OIDC provider guarantee that the username field exists in the userInfo data? Consider adding a null check or fallback: `$userInfoData[config('remote-auth.oidc.field_username')] ?? null`
9 months ago
Gavin Mogan 441c8e0d4c Generic OIDC Support
* Everything should be configurable by env variables
* Basic request tests
9 months ago