* Adds "password reset" during OAuth flows
* Adds "Sign up" during OAuth flows
* Adds support for multiple languages in the OAuth flow
* Adds "fr" translation for the OAuth flow
Co-authored-by: devin ivy <devinivy@gmail.com>
Co-authored-by: Eric Bailey <git@esb.lol>
* OAuthProvider: Update "trustProxy" options to allow function
* DeviceManager options can now be passed as argument to the OAuthProvider constructor
* Only trust one level of proxying when computing IP during OAuthFlows
* Prevent invalid use of trustProxy config
* tidy
* make the code compliant with legacy behavior
* Add linting rule to sort imports
* remove spacing between import groups
* changeset
* changeset
* prettier config fine tuning
* forbid use of deprecated imports
* tidy
* jwk: Improve type safety and compatibility with Bun
* improve type safety of jwk keys
* improve typing of verifyAccessToken
* update @types/http-errors
* Better report invalid content-encoding errors
* Mark jwk key fields as readonly
* Improve message of OAuthResolverError in case of metadata validation error
* Use named export from zod
* docs
* Enforce use of http and https url where applicable
* Verify authorization_endpoint URL protocol
* fix pds tests for new oauth resource metadata check
* Allow non-https urls as resource metadata url
* Strong validation or redirect_uri
* Ensure that client-id is a web url
* explicit use of "url" schema as potentially dangerous
* changeset
* tidy
* simplify type
* prevent loopback hostname for https: redirect uris
* Forbid use of non https internet uris
* allow "localhost" for web uris
* tidy
* tidy
* tidy
---------
Co-authored-by: Devin Ivy <devinivy@gmail.com>
* Properly negotiate response content-encoding
* negotiate acceptable encoding and type before building responses
* remove un-necessary async
* typo
* Remove response content-encoding logic
* Avoid using chunked encoding when writing a buffer to the response
* Improve error message when using invalid client_id during code exchange
* Extract SPA example OAuth client in own package
* wip
* remove dependency on get-port
* Properly configure jest to only transpile "get-port" from node_modules
https://jestjs.io/docs/configuration#transformignorepatterns-arraystring
* Use dynamically assigned port number during tests
* use puppeteer to run tests
* remove login input "id" attribute
* code style
* add missing declaration
* tidy
* headless
* remove get-port dependency
* fix tests/proxied/admin.test.ts
* fix tests
* Allow unsecure oauth providers through configuration
* transpile "lande" during ozone tests
* Cache Puppeteer browser binaries
* Use puppeteer cache during all workflow steps
* remove use of set-output
* use get-port in xrpc-server tests
* Renamed to allowHttp
* tidy
* tidy
