Ecosyste.ms: Issues

An open API service for providing issue and pull request metadata for open source projects.

GitHub / tlodderstedt/oauth2 issues and pull requests

#57 - JWT introspection response 04 security consideration edits

Pull Request - State: closed - Opened by vdzhuvinov over 5 years ago

#57 - JWT introspection response 04 security consideration edits

Pull Request - State: closed - Opened by vdzhuvinov over 5 years ago

#56 - Fix a typo

Pull Request - State: closed - Opened by SECtim over 5 years ago

#56 - Fix a typo

Pull Request - State: closed - Opened by SECtim over 5 years ago

#55 - Potential Mix-Up between user and client ids

Issue - State: closed - Opened by tlodderstedt over 5 years ago - 1 comment

#55 - Potential Mix-Up between user and client ids

Issue - State: closed - Opened by tlodderstedt over 5 years ago - 1 comment

#54 - Attacker model: Make clear that a message that leaks can be stopped by attacker.

Issue - State: closed - Opened by danielfett almost 6 years ago - 1 comment

#54 - Attacker model: Make clear that a message that leaks can be stopped by attacker.

Issue - State: closed - Opened by danielfett almost 6 years ago - 1 comment

#53 - PKCE is currently optional for AS - can be ignored!

Issue - State: closed - Opened by tlodderstedt almost 6 years ago - 4 comments

#53 - PKCE is currently optional for AS - can be ignored!

Issue - State: closed - Opened by tlodderstedt almost 6 years ago - 4 comments

#52 - Discourage use of Resource Owner Password Credentials Grant Type

Issue - State: closed - Opened by tlodderstedt almost 6 years ago - 2 comments

#52 - Discourage use of Resource Owner Password Credentials Grant Type

Issue - State: closed - Opened by tlodderstedt almost 6 years ago - 2 comments

#51 - state must be integrity protected

Issue - State: closed - Opened by tlodderstedt almost 6 years ago - 2 comments

#51 - state must be integrity protected

Issue - State: closed - Opened by tlodderstedt almost 6 years ago - 2 comments

#50 - Double recommendation for PKCE and (PKCE or Client Auth)?

Issue - State: closed - Opened by danielfett almost 6 years ago - 1 comment

#50 - Double recommendation for PKCE and (PKCE or Client Auth)?

Issue - State: closed - Opened by danielfett almost 6 years ago - 1 comment

#49 - Table of Content w/ links

Issue - State: closed - Opened by tlodderstedt almost 6 years ago - 3 comments

#49 - Table of Content w/ links

Issue - State: closed - Opened by tlodderstedt almost 6 years ago - 3 comments

#47 - "It is also recommended to use end-to-end TLS whenever possible."

Issue - State: closed - Opened by danielfett about 6 years ago - 2 comments

#47 - "It is also recommended to use end-to-end TLS whenever possible."

Issue - State: closed - Opened by danielfett about 6 years ago - 2 comments

#46 - Dfett/attacker model

Pull Request - State: closed - Opened by danielfett about 6 years ago - 2 comments

#46 - Dfett/attacker model

Pull Request - State: closed - Opened by danielfett about 6 years ago - 2 comments

#45 - Tlodderstedt/refresh tokens

Pull Request - State: closed - Opened by tlodderstedt about 6 years ago

#45 - Tlodderstedt/refresh tokens

Pull Request - State: closed - Opened by tlodderstedt about 6 years ago

#44 - attacker model

Issue - State: closed - Opened by tlodderstedt about 6 years ago

#44 - attacker model

Issue - State: closed - Opened by tlodderstedt about 6 years ago

#43 - text on request/response protection?

Issue - State: open - Opened by tlodderstedt about 6 years ago - 1 comment

#43 - text on request/response protection?

Issue - State: open - Opened by tlodderstedt about 6 years ago - 1 comment

#42 - text on client authentication

Issue - State: closed - Opened by tlodderstedt about 6 years ago - 5 comments

#42 - text on client authentication

Issue - State: closed - Opened by tlodderstedt about 6 years ago - 5 comments

#41 - PKCE Chosen Challenge Attacks

Issue - State: open - Opened by tlodderstedt about 6 years ago - 8 comments

#41 - PKCE Chosen Challenge Attacks

Issue - State: open - Opened by tlodderstedt about 6 years ago - 8 comments

#40 - Add implementation consideration to RT section

Issue - State: closed - Opened by tlodderstedt about 6 years ago

#40 - Add implementation consideration to RT section

Issue - State: closed - Opened by tlodderstedt about 6 years ago

#39 - Use PKCE instead of State for CSRF protection

Issue - State: closed - Opened by tlodderstedt about 6 years ago - 6 comments

#39 - Use PKCE instead of State for CSRF protection

Issue - State: closed - Opened by tlodderstedt about 6 years ago - 6 comments

#38 - rework text on implicit and co

Issue - State: closed - Opened by tlodderstedt about 6 years ago - 9 comments

#38 - rework text on implicit and co

Issue - State: closed - Opened by tlodderstedt about 6 years ago - 9 comments

#37 - text about SPAs and secrets

Issue - State: open - Opened by tlodderstedt about 6 years ago
Labels: spa bcp

#37 - text about SPAs and secrets

Issue - State: open - Opened by tlodderstedt about 6 years ago
Labels: spa bcp

#36 - text on 3rd party libraries and TLS-based sender constraint methods

Issue - State: open - Opened by tlodderstedt about 6 years ago - 2 comments
Labels: spa bcp

#36 - text on 3rd party libraries and TLS-based sender constraint methods

Issue - State: open - Opened by tlodderstedt about 6 years ago - 2 comments
Labels: spa bcp

#35 - Which PKCE mode?

Issue - State: closed - Opened by tlodderstedt about 6 years ago - 2 comments

#35 - Which PKCE mode?

Issue - State: closed - Opened by tlodderstedt about 6 years ago - 2 comments

#34 - Dfett/changes

Pull Request - State: open - Opened by danielfett over 6 years ago - 2 comments

#34 - Dfett/changes

Pull Request - State: open - Opened by danielfett over 6 years ago - 2 comments

#33 - added section on refresh token protection

Pull Request - State: closed - Opened by tlodderstedt over 6 years ago

#33 - added section on refresh token protection

Pull Request - State: closed - Opened by tlodderstedt over 6 years ago

#32 - Proposal for CSRF and replay prevention.

Pull Request - State: closed - Opened by danielfett over 6 years ago - 3 comments

#32 - Proposal for CSRF and replay prevention.

Pull Request - State: closed - Opened by danielfett over 6 years ago - 3 comments

#31 - Dfett/security topics 05 feedback

Pull Request - State: closed - Opened by danielfett over 6 years ago - 2 comments

#31 - Dfett/security topics 05 feedback

Pull Request - State: closed - Opened by danielfett over 6 years ago - 2 comments

#29 - First draft for section on mix-up.

Pull Request - State: closed - Opened by danielfett almost 7 years ago

#29 - First draft for section on mix-up.

Pull Request - State: closed - Opened by danielfett almost 7 years ago

#28 - Reworked section 3.8.1

Pull Request - State: closed - Opened by tlodderstedt almost 7 years ago

#28 - Reworked section 3.8.1

Pull Request - State: closed - Opened by tlodderstedt almost 7 years ago

#27 - Updated CSRF and code/state leakage section (plus some minor changes).

Pull Request - State: closed - Opened by danielfett almost 7 years ago - 2 comments

#27 - Updated CSRF and code/state leakage section (plus some minor changes).

Pull Request - State: closed - Opened by danielfett almost 7 years ago - 2 comments

#26 - Multiple-tokens mode?

Issue - State: closed - Opened by LEW21 almost 8 years ago - 1 comment

#26 - Multiple-tokens mode?

Issue - State: closed - Opened by LEW21 almost 8 years ago - 1 comment

#25 - Small editorial updates.

Pull Request - State: closed - Opened by ve7jtb almost 8 years ago

#25 - Small editorial updates.

Pull Request - State: closed - Opened by ve7jtb almost 8 years ago

#24 - Add files via upload

Pull Request - State: closed - Opened by ve7jtb almost 8 years ago

#24 - Add files via upload

Pull Request - State: closed - Opened by ve7jtb almost 8 years ago

#23 - TLS version (D2: Richard Barnes)

Issue - State: closed - Opened by tlodderstedt over 11 years ago - 1 comment

#23 - TLS version (D2: Richard Barnes)

Issue - State: closed - Opened by tlodderstedt over 11 years ago - 1 comment

#22 - Richard Barnes: TLS on revocation is backward

Issue - State: closed - Opened by tlodderstedt over 11 years ago

#22 - Richard Barnes: TLS on revocation is backward

Issue - State: closed - Opened by tlodderstedt over 11 years ago

#21 - IANA process

Issue - State: closed - Opened by tlodderstedt over 11 years ago - 1 comment

#21 - IANA process

Issue - State: closed - Opened by tlodderstedt over 11 years ago - 1 comment

#19 - Align endpoint URL description with RFC6749

Issue - State: closed - Opened by tlodderstedt over 11 years ago - 2 comments

#19 - Align endpoint URL description with RFC6749

Issue - State: closed - Opened by tlodderstedt over 11 years ago - 2 comments

#17 - make unsupported_token_type I cannot revoke this token

Issue - State: closed - Opened by tlodderstedt over 11 years ago - 1 comment

#17 - make unsupported_token_type I cannot revoke this token

Issue - State: closed - Opened by tlodderstedt over 11 years ago - 1 comment

#16 - HTTP 200 for bogus tokens (description of rationales)

Issue - State: closed - Opened by tlodderstedt over 11 years ago

#16 - HTTP 200 for bogus tokens (description of rationales)

Issue - State: closed - Opened by tlodderstedt over 11 years ago

#15 - TLS version

Issue - State: closed - Opened by tlodderstedt over 11 years ago

#15 - TLS version

Issue - State: closed - Opened by tlodderstedt over 11 years ago

#14 - Sean Turner: no content

Issue - State: closed - Opened by tlodderstedt over 11 years ago - 1 comment

#14 - Sean Turner: no content

Issue - State: closed - Opened by tlodderstedt over 11 years ago - 1 comment

#13 - Sean Turner: Note

Issue - State: closed - Opened by tlodderstedt over 11 years ago - 1 comment

#13 - Sean Turner: Note

Issue - State: closed - Opened by tlodderstedt over 11 years ago - 1 comment

#12 - proposed IANA process

Issue - State: closed - Opened by tlodderstedt over 11 years ago

#12 - proposed IANA process

Issue - State: closed - Opened by tlodderstedt over 11 years ago

#11 - Justin: Nits

Issue - State: closed - Opened by tlodderstedt over 11 years ago

#11 - Justin: Nits

Issue - State: closed - Opened by tlodderstedt over 11 years ago

#10 - DoS due to token hint value?

Issue - State: closed - Opened by tlodderstedt almost 12 years ago

#10 - DoS due to token hint value?

Issue - State: closed - Opened by tlodderstedt almost 12 years ago

#9 - Remove unused reference to portable contacts spec

Issue - State: closed - Opened by tlodderstedt almost 12 years ago

#8 - Change Title

Issue - State: closed - Opened by tlodderstedt almost 12 years ago

#7 - Response Type Name must be Hint Value

Issue - State: closed - Opened by tlodderstedt almost 12 years ago

#6 - Handling of erroneous token_type_hint

Issue - State: closed - Opened by tlodderstedt almost 12 years ago