k1nq/TREK
1
0
Fork 0
mirror of https://github.com/mauriceboe/TREK.git synced 2026-06-19 13:21:46 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
7798d2a3fd74ff9722185873800cbf6676303db9
TREK/server/tests/unit
T
History
Julien G. 7798d2a3fd fix(oidc): normalize id_token iss claim before issuer comparison (#837) 
jwt.verify does an exact string match on the issuer. Providers like
Authentik include a trailing slash in the id_token iss claim while the
configured issuer is already normalized (no trailing slash), causing
every login attempt to fail with jwt issuer invalid.

Move the issuer check out of jwt.verify options and apply the same
trailing-slash normalization used in the discovery doc validation.
Also adds OIDC-SVC-033–036 unit tests covering exact match, trailing
slash, wrong issuer, and wrong audience cases.

Closes #834
2026-04-22 22:16:33 +02:00
..
mcp
fix(mcp): add RFC 9728 PRM, RFC 8707 audience binding, and collab sub-feature gating
2026-04-20 07:34:38 +02:00
middleware
security: close SEC-H4/H6 gaps from second-pass review
2026-04-20 21:35:30 +02:00
services
fix(oidc): normalize id_token iss claim before issuer comparison (#837)
2026-04-22 22:16:33 +02:00
systemNotices
feat(system-notices): replace expiresAt with [minVersion, maxVersion) version gate
2026-04-17 20:03:23 +02:00
utils
test: expand test suite to 87.3% backend coverage
2026-04-06 20:08:30 +02:00
scheduler.test.ts
Add comprehensive backend test suite (#339)
2026-04-03 13:17:53 +02:00