-
### Feature Description
I have the following use case: I have an authorization server running next to my Gitea instance. Gitea is not supposed to do anything related to authentication or authorizat…
-
Using JWTs as sessions is not recommended by several large security companies and not spring boot themselves and that there is a reason as to why spring security does not have a JWTFilter built in by …
-
The death of the tokens seem to be at a random time interval. When the token needs to be regenerated for making/editing a board, all the checkmark boxes are reset and need to be clicked again.
For a…
ghost updated
10 years ago
-
# Bug report
## Describe the bug
I get this error after running the nuget command inside my Assets folder. `nuget install supabase-csharp -OutputDirectory ./ -Framework netstandard2.0`
Assem…
-
**Github username:** @catellaTech
**Twitter username:** catellatech
**Submission hash (on-chain):** 0xd160e3e72ff8f3ff38dc2097cfdc40f2c21dc1d6e193ff3f0873775321056d49
**Severity:** high
**Descriptio…
-
### Enviroment
- Operating System: Darwin
- Node Version: v20.5.0
- Nuxt Version: 3.11.1
- CLI Version: 3.11.1
- Package Manager: pnpm@8.14.1
- User Config: devtools, modules,…
-
Hi,
My azure blob storage uses a private container and as such requires a SAS token in the URL.
Short lived tokens are generated on our backend and sent to the client. The client then provides…
-
I have a situation where we would like to use `RequestAuthentication` to validate JWT tokens on a per-route basis where other routes require different forms of authentication that may not be in a vali…
-
ZITADEL already ensures that the authorization code as well as the refresh token can only be used as grant once and refresh tokens are rotated on each grant.
To improve the security (and be compliant…
-
spin-off from https://github.com/OWASP/ASVS/issues/1925 "proposal 4"
From @TobiasAhnoff
> 4 Verify that only access-tokens are used for authorization by the RS (not id-tokens or other kinds of t…