| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
| |
This improves security by generating a CSRF token, passing it to the
OIDC IdP, and validating it afterwards. The token is stored in
a cookie reverse-encrypted with MulkyID's private key.
|
|
|
|
|
|
| |
MulkyID used to be unable to run behind a reverse proxy. This is
fixed by using the real_domain configuration value for redirects
instead of the domain name sent by the client.
|
|
|
|
|
|
| |
MulkyID does not use session state stored in /tmp anymore. Instead, it
uses a cookie encrypted with the private part of the MulkyID
instance's RSA key.
|
| |
|
| |
|
| |
|
|
|