8 Commits (2655668089cd4780acef4ff54caac3025e82bdee)

| Author | SHA1 | Message | Date |
| --- | --- | --- | --- |
| Raif Atef | a47f6d2bfc | Refresh tokens when needed instead of logging out when access_token expires.<br>- refresh_token + access_token expiry is sent via encrypted cookie to the browser.<br>- If cookie is missing or invalid, user is logged out.<br>- If last access token expired, use refresh token to fetch a new one and send a new cookie.<br>- If token refresh fails, user is logged out.<br>- Cookie encryption is with per-user random key stored in user meta.<br>- Encryption and key generation done using https://github.com/defuse/php-encryption<br>- Updated autoloader function to support loading namespaced classes. | 8 years ago |
| Raif Atef | d8a043a6c7 | Make token_type check in validate_token_response case-insensitive (Fixes issue #15). | 8 years ago |
| wgengarelly | 08d9f58d0d | When requesting userinfo, send the access token using the Authorization header field as recommended in section 5.3.1 of the specs. | 9 years ago |
| daggerhart | 4db956c119 | bug: wrong variable as error data | 9 years ago |
| Jonathan Daggerhart | ada93ba4f3 | Added setting for http_response_timeout | 9 years ago |
| Jonathan Daggerhart | 9b2dd29659 | Method comments, and unique errors | 10 years ago |
| Jonathan Daggerhart | c646078421 | refactoring some internal settings for clarity | 10 years ago |
| Jonathan Daggerhart | 2e3167fa20 | major refactor to separate responsibility | 10 years ago |