feat: Validate Google, Azure, OIDC SSO access (#3590)
* chore: Store expiresAt on UserAuthentications. This represents the time that the accessToken is no longer valid and should be exchanged using the refreshToken * feat: Check and expire Google SSO * fix: Better handling of multiple auth methods Added more docs * fix: Retry access validation with network errors * Small refactor, add Azure token validation support * doc * test * lint * OIDC refresh support * CheckSSOAccessTask -> ValidateSSOAccessTask Added lastValidatedAt column Skip checks if validated within 5min Some edge cases around encrypted columns
This commit is contained in:
Tom Moor
GitHub
10
server/utils/oidc.ts
Normal file
10
server/utils/oidc.ts
Normal file
@@ -0,0 +1,10 @@
|
||||
import env from "@server/env";
|
||||
import OAuthClient from "./oauth";
|
||||
|
||||
export default class OIDCClient extends OAuthClient {
|
||||
endpoints = {
|
||||
authorize: env.OIDC_AUTH_URI || "",
|
||||
token: env.OIDC_TOKEN_URI || "",
|
||||
userinfo: env.OIDC_USERINFO_URI || "",
|
||||
};
|
||||
}
|
||||
Reference in New Issue
Block a user