co.gaiwan.oak.apis.assets
Static assets loaded from resources
Currently we're hard-coding specific asset routes. This isn't really scalable, but we shouldn't need many of them, and it means we don't end up serving things off the classpath or filesystem which we didn't intend to serve.
Static assets loaded from resources Currently we're hard-coding specific asset routes. This isn't really scalable, but we shouldn't need many of them, and it means we don't end up serving things off the classpath or filesystem which we didn't intend to serve.
co.gaiwan.oak.apis.auth
Authentication endpoints. Login, logout, etc.
Authentication endpoints. Login, logout, etc.
co.gaiwan.oak.apis.dashboard
Front page, some basic account management for the user
Front page, some basic account management for the user
co.gaiwan.oak.apis.jwks
JSON Web Key Set
Standard discoverable endpoint so third parties can validate our JWT tokens.
JSON Web Key Set Standard discoverable endpoint so third parties can validate our JWT tokens.
co.gaiwan.oak.apis.oauth
OAuth 2.1 authorization and token exchange
OAuth 2.1 authorization and token exchange
- authorize-response
- client-checks
- component
- error-html-response
- error-redirect-response
- error-response
- GET-authorization-server-metadata
- GET-authorize
- handle-authorization-code-grant
- handle-client-credentials-grant
- handle-refresh-token-grant
- identity-checks
- permission-dialog-response
- POST-exchange-token
- pre-client-checks
co.gaiwan.oak.apis.oidc
OpenID connect implementation
These are only the OIDC-specific endpoints like discovery or userinfo. Much of the OIDC logic lives inside the OAuth2 implemenation.
OpenID connect implementation These are only the OIDC-specific endpoints like discovery or userinfo. Much of the OIDC logic lives inside the OAuth2 implemenation.
co.gaiwan.oak.apis.proxy
reverse proxy to load resources from 3rd website
reverse proxy to load resources from 3rd website
co.gaiwan.oak.apis.totp
2FA endpoints.
- generate secret, store in session, show QR code
- user adds it to their authenticator app
- ask user for code from authenticator
- if code is valid, store secret as credential, remove from session
2FA endpoints. - generate secret, store in session, show QR code - user adds it to their authenticator app - ask user for code from authenticator - if code is valid, store secret as credential, remove from session
cljdoc builds & hosts documentation for Clojure/Script libraries
| Ctrl+k | Jump to recent docs |
| ← | Move to previous article |
| → | Move to next article |
| Ctrl+/ | Jump to the search field |