Implement PKCE for OAuth2 #227

Open
lf- opened this issue Feb 29, 2024 · 2 comments
Labels
enhancement New feature or request help wanted Extra attention is needed

Comments

@lf-
Contributor

lf- commented Feb 29, 2024

Hi!

OpenGist currently doesn't support PKCE for OAuth2, the lack of which is not super secure. I have gone looking at the underlying library and it does support it since markbates/goth@7593a57, which this project has, but implementing it is nonobvious. Here are some relevant issues/PRs:

markbates/goth#516
go-gitea/gitea#21426

Additionally, here is some code, but it seems to be based on an older version of the goth code prior to direct PKCE support: https://github.com/mozilla/protodash/blob/cdfb39b44c1bd8fe9d256c97d892b9fd37c88103/pkce/session.go#L43

@erlend-sh

We’d like to set up an instance of OpenGist together with our service: https://weird.one/

..but we need PKCE for the cross-app login to work.

@thomiceli
Owner

thomiceli commented Oct 24, 2024

Struggling to make PKCE work with Authentik; maybe I'm missing something. If someone could send a PR, it would be great :)

@thomiceli thomiceli added the help wanted Extra attention is needed label Oct 24, 2024
Projects
Status: Backlog
Development

No branches or pull requests

3 participants