Commit Graph

50 Commits

Author SHA1 Message Date
admin ed8ce29038 Merge branch 'rsa' into 'main'
fix(jwt): make role claims consistent with /me and correct additional_role_id

See merge request psa/uess/authn!2
2026-02-26 10:45:56 +08:00
admin 2f9ac51570 fix(jwt): make role claims consistent with /me and correct additional_role_id
derive JWT roles from FetchUserByEmail (not GetRoleIDsFromEmail)
keep /me primary role as role_id
exclude primary role from additional_role_id (empty if no extra roles)
add project-to-role debug logs for role source tracing
2026-02-26 10:45:32 +08:00
admin 2325b0827d Merge branch 'rsa' into 'main'
Rsa

See merge request psa/uess/authn!1
2026-02-25 16:24:59 +08:00
admin 0017432deb fix payload 2026-02-25 16:22:10 +08:00
admin 5d94c28378 fixed clearing of csrf and refresh tokens 2026-02-20 14:41:19 +08:00
admin ed2eb67912 fixed query 2026-02-20 14:18:25 +08:00
admin b255873767 test 2026-02-20 14:12:49 +08:00
admin 732ed73d4f added for csrf 2026-02-18 14:17:48 +08:00
admin f74c84df03 fixed csrf 2026-02-18 10:33:42 +08:00
admin 7020e16a97 added setting of csrf 2026-02-18 10:16:56 +08:00
admin b2b7cacaa6 updated query 2026-02-16 10:21:44 +08:00
admin 6821a32490 removed comment 2026-02-16 08:59:37 +08:00
admin fee314870d feat(auth): support multiple user roles in JWT and services
- Change JWT access token RoleID claim from int to []int to support multiple roles per user
- Update all token generation and refresh logic to handle multiple role IDs as []int
- Refactor services to return and process multiple role IDs from user_roles table
- Fix OAuth state handling explanation and improve code comments
- Clean up related function signatures and usages for consistency
2026-02-03 16:35:08 +08:00
admin f4b8651a5c fixed multiple roles! 2026-02-03 11:01:48 +08:00
admin 98f1705f72 fix 2026-01-27 13:20:03 +08:00
admin ac0ff00880 fix tests 2026-01-27 10:58:24 +08:00
admin 8af97e970a added error message 2026-01-26 10:36:49 +08:00
admin 33c59d1c6d added csrf 2026-01-21 13:41:15 +08:00
admin 7caf9b069d added forgot password 2026-01-21 11:12:46 +08:00
admin 18c845ddc8 added redirect if there's no email found in the system 2026-01-21 09:27:15 +08:00
admin a453d4b5af fixed error message if there's no email address found in the server 2026-01-15 13:51:29 +08:00
admin e2844df53b removed the snippet where it checks the authorization in authentication; authn is purely checking if the user is registered in db 2026-01-14 08:25:19 +08:00
admin 9af3e50011 fixed dereferencing of FetchedRedirectURI 2026-01-07 16:32:05 +08:00
admin de1361c20e fixed allowedRedirectURI 2026-01-07 15:40:53 +08:00
admin 2f1debaa96 added logging 2026-01-07 15:32:30 +08:00
admin 78c384055b removed unused variable 2026-01-07 15:27:32 +08:00
admin cd2c4cccb7 fixed error message 2026-01-07 15:27:23 +08:00
admin 1c443649d3 fixed redirect_uri logic 2026-01-07 15:21:01 +08:00
admin bfdfbba53e fixed logic 2026-01-07 14:42:05 +08:00
admin d91e4e57c8 added redirect_uri fetching from query param 2026-01-07 13:21:21 +08:00
admin ec18a6cacd added whitelisting of redirect 2026-01-07 13:20:24 +08:00
admin c8e873cbc1 add another check before generating a token for the used email 2026-01-06 09:19:15 +08:00
admin 4068992e06 fix 2026-01-06 09:11:28 +08:00
admin 679a7a9a42 removed redirect 2026-01-06 09:07:24 +08:00
admin 744796a4b1 added logging 2026-01-05 16:03:53 +08:00
admin 81d3c5a3bd added health routes 2026-01-05 14:41:25 +08:00
admin c69a33dfd8 fixed 2026-01-05 14:06:03 +08:00
admin bf75cffb57 fix unable to find metricsPath 2026-01-05 14:00:12 +08:00
admin d92a05407c fixed 2026-01-05 13:13:07 +08:00
admin 47f32c9f2e used RSA instead of HMAC signing 2026-01-05 10:44:23 +08:00
admin 0a7694ef85 ignored .key 2026-01-05 10:43:42 +08:00
admin e54d121558 adjusted to fit the URS for JWT expiration time 2026-01-05 09:40:48 +08:00
admin ee45b546a3 added fetching of role_id 2025-12-18 10:25:04 +08:00
admin 8c67cd38e7 fixed 2025-12-15 14:10:10 +08:00
admin 44f7ddc1e3 fixed 2025-12-15 10:39:13 +08:00
admin adb0f59b23 authentication requests from authorization microservice 2025-12-09 15:43:48 +08:00
admin 7c87114b30 fixed 2025-11-26 11:31:09 +08:00
admin dd38813636 fixed 2025-11-26 11:31:02 +08:00
admin 00250fb7c3 fixed sonarqube issues 2025-11-25 15:18:13 +08:00
admin 052c7e0cca init commit 2025-11-25 15:12:31 +08:00