aiden
/
pixelfed
mirror of https://github.com/pixelfed/pixelfed
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
12,175 Commits
22 Branches
45 Tags
118 MiB
shleeable-patch-12
shleeable-patch-11
shleeable-patch-10
shleeable-patch-9
shleeable-patch-8
shleeable-patch-7
shleeable-patch-5
shleeable-patch-2
staging
dev
b1
q2
q1
shleeable-patch-6
relationship_active
shleeable-patch-4
shleeable-patch-3
shleeable-patch-1
q3
l10n_staging
groups
vue3
v0.1.9
v0.10.0
v0.10.1
v0.10.10
v0.10.2
v0.10.3
v0.10.4
v0.10.5
v0.10.6
v0.10.7
v0.10.8
v0.10.9
v0.11.0
v0.11.1
v0.11.10
v0.11.11
v0.11.12
v0.11.13
v0.11.2
v0.11.3
v0.11.4
v0.11.5
v0.11.6
v0.11.7
v0.11.8
v0.11.9
v0.12.0
v0.12.1
v0.12.2
v0.12.3
v0.12.4
v0.12.5
v0.12.6
v0.12.7
v0.5.9
v0.6.0
v0.6.1
v0.7.6
v0.8.0
v0.8.5
v0.8.6
v0.9.0
v0.9.4
v0.9.5
v0.9.6
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'ac19942083'
${ noResults }
Commit Graph

4 Commits (ac1994208341bbd1a656ca0c0210807210f871eb)

Author SHA1 Message Date
Daniel Supernault 374344754e
Lint 2 months ago
Daniel Supernault 26887c7672
Update OIDC config with comments, and disable tests as we dont have db tests configured 10 months ago
Gavin Mogan 70584b47c5 Fixes for items highlighted by review.ai 
* Consider using `hash_equals()` instead of `==` when comparing the state values to prevent timing attacks:
`abort_unless(hash_equals($request->input('state'), $request->session()->pull('oauth2state')), 400, 'invalid
state');`
* For better data integrity, consider adding a foreign key constraint to the user_id column: `$table-
>foreign('user_id')->references('id')->on('users')->onDelete('cascade');`
* Does the OIDC provider guarantee that the username field exists in the userInfo data? Consider adding a
null check or fallback: `$userInfoData[config('remote-auth.oidc.field_username')] ?? null`
 10 months ago
Gavin Mogan 441c8e0d4c Generic OIDC Support 
* Everything should be configurable by env variables
* Basic request tests
 10 months ago