aboutsummaryrefslogtreecommitdiff
path: root/www
Commit message (Collapse)AuthorAgeFilesLines
* QT-1900 Add a CSRF token to the OIDC login flow.Matthias Benkard2015-04-234-13/+51
| | | | | | This improves security by generating a CSRF token, passing it to the OIDC IdP, and validating it afterwards. The token is stored in a cookie reverse-encrypted with MulkyID's private key.
* Support Google OpenID Connect.Matthias Benkard2015-04-233-22/+64
|
* Make reverse-proxyable.Matthias Benkard2015-04-232-6/+2
| | | | | | MulkyID used to be unable to run behind a reverse proxy. This is fixed by using the real_domain configuration value for redirects instead of the domain name sent by the client.
* Make stateless.Matthias Benkard2015-04-235-61/+62
| | | | | | MulkyID does not use session state stored in /tmp anymore. Instead, it uses a cookie encrypted with the private part of the MulkyID instance's RSA key.
* sign.pl: Make $::MULKONF->{real_domain} the issuer.Matthias Benkard2015-04-231-3/+1
|
* Fix bugs introduced by the previous patch.Matthias Andreas Benkard2014-05-137-105/+136
|
* Support Google Apps authentication.Matthias Andreas Benkard2014-05-0410-16/+137
|
* Fix login.Matthias Andreas Benkard2012-10-031-1/+1
|
* Update branding (BrowserID --> Persona).Matthias Andreas Benkard2012-10-032-16/+6
|
* Fix session user matching.Matthias Andreas Benkard2012-10-033-3/+3
|
* Make the configuration map a dynamic variable.Matthias Andreas Benkard2012-10-034-18/+19
|
* Make /etc/aliases optional. Add configurability through setup.pl.Matthias Andreas Benkard2012-10-034-35/+50
|
* Make PEM file location configurable.Matthias Andreas Benkard2012-10-031-3/+7
|
* Move public files to www/.Matthias Andreas Benkard2012-10-037-0/+385