feat: Enforce pkce only public client #1874
Looks good! You still need to add it to the config schema: https://github.com/ory/hydra/blob/master/.schema/config.schema.json#L720
f7d4180 to a111e58
3ca4b38 to 1f46722
@aeneasr I've done! CI job Could you review this PR again?
will resolve the nancy issue!
go.mod
Outdated
@@ -20,34 +21,37 @@ require ( | |||
github.com/google/uuid v1.1.1 | |||
github.com/gorilla/securecookie v1.1.1 | |||
github.com/gorilla/sessions v1.2.0 | |||
github.com/gorilla/websocket v1.4.2 // indirect |
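Review bot: the `github.com/gorilla/websocket v1.4.2 // indirect` requirement on the last line of this hunk carries no explanation of why it is pinned. If it is kept only so the nancy dependency scan passes, say so in a go.mod comment or in the commit message, since an unexplained indirect requirement is easy to drop in a later `go mod tidy` or manual cleanup, which would bring the scan failure back.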
Re-add this for nancy to pass
Signed-off-by: sawadashota <xiootas@gmail.com>
e99ffe5 to d747d7b
Now all tests are passed!
Thank you for the great work!
Proposed changes
Enforce pkce only public client.
Checklist
If this pull request addresses a security vulnerability, I confirm that I got green light (please contact security@ory.sh) from the maintainers to push the changes.