sso

Asking about this since the NSA recently published guidance advising the public and private sectors to transition to cryptographic algorithms that are no less than sha384 & ec384 (elliptic curves).

While Edwards' Curves are different, its worth noting that prior to this update sha256 & secp256k1 were both on the list of acceptable cryptographic algorithms. My deduction was that 128-bit securit

On Windows, if the authentication flow isn't completed (failure, closed the browser, etc.) then the client keeps showing 'connecting' but doesn't show a clear action to restart authentication.

Clicking disconnect + connect, or log in as a different user will generate a new authentication link and unblock the user, but that's somewhat difficult to discover.

Options for improvement include adding

I'm trying to build a container image with oauth2-proxy as base image for the linux/arm64/v8 platform.

Expected Behavior

The build is successful

Current Behavior

The build failes with error building image: no child with platform linux/arm64/v8 in index quay.io/oauth2-proxy/oauth2-proxy:v7.2.1

Possible Solution

The arm64 entry in the image index is missing the v8

Is your feature request related to a problem? Please describe.

The public key-based request signing functionality added to sso_proxy in buzzfeed/sso#106 is undocumented. In particular, it's not immediately obvious how to a) generate an appropriate keypair or b) validate a signed request in an upstream service.

Describe the solution you'd like

New documenta

Hello

What would you like to be added

Currently the step-cli certificate fingerprint foo.pem command only outputs the fingerprint as a SHA256 hash. It would be convenient to have an option to display a SHA1 fingerprint instead.

Why this is needed

Azure Iot Hub services display the fingerprints as SHA1 hashes on the Azure portal, so it's not easy to compare both types of finge

Describe the issue:
The links not show hover states on hover on the getting started page.

How to reproduce:

1. Navigate to getting started page
2. hover over any link

Expected behavior:
Should indicate hover state for links

Describe the bug

The test case for searching user by custom attributes is wrong here. By the documentation of keycloak rest api, the search params should be like `users.find({ q: 'key1:va