oauth

The upstream issues got closed. It is referenced in:

• client/manager_test_helpers.go#L235

This issue was created by the ORY Closed Reference Notifier GitHub action.

Description 📓

Currently the maxAge on the jwt and the expires on the cookie options are being set to a hard coded 15 minutes.

pkce

defined here

https://github.com/nextauthjs/next-auth/blob/e4ee520b4aba55fbc123801291bcba404f578d3f/packages/next-auth/src/core/lib/oauth/pkce-handler.ts#L7

set as expires here

https://github.com/nextauthjs/next-auth/blob/e4ee520b4aba55fbc12380129

What are you trying to do?

When using the tailscale CLI, it would be very helpful to have shell tab completion for things like subcommands, nodes, and more to make it easier to use.

How should we solve this?

The command line argument parsing library that the CLI currently uses does not support the automatic generation of completion definitions:

Features like tab completion

The repo containing the Dockerfile and the entrypoint is here.

Is your feature request related to a problem? Please describe.

The public key-based request signing functionality added to sso_proxy in buzzfeed/sso#106 is undocumented. In particular, it's not immediately obvious how to a) generate an appropriate keypair or b) validate a signed request in an upstream service.

Describe the solution you'd like

New documenta

This will allow users to set up API mgmt for provisioners, and unblock users in environments where the ca.json is not easily accessible.

The --enable-admin flag would create the first provisioner and admin (this code already exists, just behind a boolean).
The --acme flag would create an ACME provisioner.

Related: smallstep/certificates#737