Michael Manganiello 7fedaca59a fix: Improve OIDC email verified check ...

The OIDC email verified check now fails if the email is explicitly
unverified, or if the `email_verified` claim is supported and the email
is not explicitly verified.

Previously, the OIDC implementation failed for any OIDC provider that
did not include the `email_verified` claim in the userinfo response.
Providers like Synology do not include this claim, so the check always
failed with error "Email is not verified."

I haven't found a formal specification for the `email_verified` claim,
and how it should be handled, but this implementation should be more
robust and work with more OIDC providers.

Fixes #1446.

2025-01-09 00:55:20 -03:00

..

auth

fix: Improve OIDC email verified check

2025-01-09 00:55:20 -03:00

database

fix: Use proper JSON contains function for PostgreSQL

2025-01-08 21:07:01 -03:00

filesystem

misc: Use immutable types for constants

2024-12-25 15:49:18 -03:00

metadata

misc: Change signature for get_matched_rom_by_id function

2025-01-05 15:18:19 -03:00

tests

fix pytests

2024-09-09 00:01:37 -04:00

__init__.py

refactor handlers out into own files

2024-05-05 12:45:56 -04:00

redis_handler.py

fix: Improve handling of Redis URL

2024-10-11 21:41:19 -03:00

scan_handler.py

misc: Use immutable types for constants

2024-12-25 15:49:18 -03:00

socket_handler.py

fix: Improve handling of Redis URL

2024-10-11 21:41:19 -03:00