* chore(deps): Bump assent from 0.2.7 to 0.2.8
Bumps [assent](https://github.com/pow-auth/assent) from 0.2.7 to 0.2.8.
- [Release notes](https://github.com/pow-auth/assent/releases)
- [Changelog](https://github.com/pow-auth/assent/blob/main/CHANGELOG.md)
- [Commits](https://github.com/pow-auth/assent/compare/v0.2.7...v0.2.8)
---
updated-dependencies:
- dependency-name: assent
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
* chore(OAuth2): Reflect `assent` `site` -> `base_url` change.
I considered just rewriting it behind the scenes, but I think it's probably better in the long run if we just emit a deprecation.
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: James Harton <james@harton.nz>
* feat: Add Google strategy
* fix: include Google strategy cheat sheet
* fix: Add documentation grouping for Google strategy
* chore: update formatter.
---------
Co-authored-by: James Harton <james@harton.nz>
Applies to both OAuth2 and OpenID Connect.
With this the developer can provide either the full
URL or the URL up to the AuthPlug path. If the suffix
is already there we won't add it again.
Should make it easier to get it on the first try.
Now any DSL option which allows the configuring of a token lifetime
can take _either_ a positive integer in it's previous default unit
or a tuple containing a positive integer and a unit.
Closes#376.
Additionally includes switching the resettable entity to being a singleton since that
feature didn't exist when I started.
* improvement: support generating sign in tokens on register
* chore: run formatter.
* fix: support generating tokens for other strategies.
---------
Co-authored-by: James Harton <james@harton.nz>
Changes:
1. Extracted `find_strategy/2..3` from a bunch of places across the codebase and moved into `Info`.
2. Updated `ConfirmationHookChange` to use `find_strategy/2..3`.
Closes#334.
Basically a copy-pasta of the `find_strategy/3` function from `HashPasswordChange` to allow for the strategy to be passed in via the context(s) or preparation options.
* feat(AshAuthentication.Strategy.Oidc): Add OpenID Connect strategy.
* chore(CI): disable the workflow on pull request event, since it's covered by push.
This fixes a security issue where someone in possession of a special purpose token (reset, confirmation, magic link, etc) would be able to access an API using this token. We strongly encourage you to upgrade.
Closes#190.
