Skip to content

Commit

Permalink
Chore rebase (#4)
Browse files Browse the repository at this point in the history 
* upgrade openid_connect dependency

* fix mocha deprecation warning

* tweak travis settings

* Fix tests, update some dependencies

* Fix warnings

* Allows ui_locales, claims_locales and login_hint as request params

Ref:
[http://openid.net/specs/openid-connect-core-1_0.html#AuthRequest](http://openid.net/specs/openid-connect-core-1_0.html#AuthRequest)
These params are allowed to be used during Authentication request.

* forward `params` call to `request.params`

* RP-Initiated Logout phase (#5)

* Add logout phase

* Avoid to make a discover for each other_phase call

* avoid using match when MatchData is not used

* Make uid label configurable (#11)

* add partner option

* fix: Gracefully handle state mismatch (#6)
  • Loading branch information
@bcarr092 @miguelakira
bcarr092 authored and miguelakira committed May 8, 2019
1 parent ee51a1a commit b0ad38b
Showing 1 changed file with 3 additions and 3 deletions.
6 changes: 3 additions & 3 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -52,16 +52,16 @@ Configuration details:
is valid. There are plans to bring in implicit flow and hybrid flow at some
point, but it hasn't come up yet for me. Those flows aren't best practive for
server side web apps anyway and are designed more for native/mobile apps.
* If you want to pass `state` paramete by yourself. You can set Proc Object.
* If you want to pass `state` paramete by yourself. You can set Proc Object.
e.g. `state: Proc.new { SecureRandom.hex(32) }`
* `nonce` is optional. If don't want to pass "nonce" parameter to provider, You should specify
`false` to `send_nonce` option. (default true)
* Support for other client authentication methods. If don't specified
`:client_auth_method` option, automatically set `:basic`.
* Use "OpenID Connect Discovery", You should specify `true` to `discovery` option. (default false)
* In "OpenID Connect Discovery", generally provider should have Webfinger endpoint.
If provider does not have Webfinger endpoint, You can specify "Issuer" to option.
e.g. `issuer: "https://myprovider.com"`
If provider does not have Webfinger endpoint, You can specify "Issuer" to option.
e.g. `issuer: "https://myprovider.com"`
It means to get configuration from "https://myprovider.com/.well-known/openid-configuration".
* The uid is by default using the `sub` value from the `user_info` response,
which in some applications is not the expected value. To avoid such limitations, the uid label can be
Expand Down

0 comments on commit b0ad38b

Please sign in to comment.