Is your feature request related to a problem? Please describe.

When querying the Clients/Consent Sessions using pagination, ORY Hydra will only return results with some links, but not the total count of the items, which is useful to display in the frontend, you know, showing the total pages or something.

Describe the solution you'd like

Add the total_count parameter into Hea

Is your feature request related to a problem? Please describe.

The public key-based request signing functionality added to sso_proxy in buzzfeed/sso#106 is undocumented. In particular, it's not immediately obvious how to a) generate an appropriate keypair or b) validate a signed request in an upstream service.

Describe the solution you'd like

New documenta

Should the Debian install docs mention:

sudo apt-get install apt-transport-https

?

Just hit that myself, and we also had a recent support request about it.

/cc @danderson

With the “keycloak” provider the cookie-refresh feature does not work. Instead of using the refresh token for acquiring a new access token in the background, the user is redirected to Keycloak.

Expected Behavior

Given a web page which is protected by OAuth2 Proxy configured to use Keycloak as the identity provider
and given a user has authenticated and has loaded the page
when the user

It would be helpful to have a comprehensive documentation of the endpoints to help configure Authelia correctly in real life environments.

What would you like to be added

Allow more url variations in "step certificate inspect".
e.g.

// this works
step certificate inspect https://www.google.com

// these don't
step certificate inspect https://www.google.com/
step certificate inspect www.google.com:443
step certificate inspect www.google.com

Why this is needed

More convenience

直接npm i &&npm run dev无法直接跑起项目 ，现在卡在mock模拟初始数据这个块，看配置用的是webpack4 & babel 7 ,找了网上的.babel 7配置

{
"presets": [
["@babel/preset-env", {
"modules": false,
"targets": {
"browsers": ["> 1%", "last 2 versions", "not ie <= 8"]
},
"useBuiltIns": "usage"
}]
],
"plugins": ["transform-vue-jsx","@babel/plugin-syntax-dynamic-import"]
}

目前跑起来，但console报错

Describe the problem

After logging out, you can still pass vouch's validate handler with the captured cookie.

Expected behavior

vouch should not allowed a logged out session to re-use a cookie to log in.

Additional context

Steps to replicate

1. log into a site (vouch /login)
2. capture the cookie that stores the jwt (cooke: name in config.yml)
   -- easiest method is

Man-in-the-Middle
commons-httpclient:commons-httpclient is a HttpClient component of the Apache HttpComponents project.

Affected versions of this package are vulnerable to Man-in-the-Middle (MitM). due to not verifing the requesting server's hostname agains existing domain names in the SSL Certificate. The AbstractVerifier does not properly verify that the server hostname matches a dom

Would it be possible to make aws-google-auth pop up the standard google auth webpage (Normally lets you pick a google account) instead of asking for username+password in the CLI?

This would be nice as I'm already logged into google and so wouldn't need to re-enter my user+pass, and it would also dodge the annoying captcha challenge.

There is no proper documentation to explain what are the values for accountState identity claim and what is the meaning of each value.

Add encryption support to access token as JWT.