back interdiff of round #1 and #0

appview/oauth: use client attestation #721

merged
opened by oppi.li targeting master from push-qryntruoqzmt

this change makes our tangled appview a "confidential" client.

this change includes breaking changes to the appview service, it now requires two different environment variables:

  • TANGLED_OAUTH_CLIENT_SECRET: the secret component of the old JWKs object
  • TANGLED_OAUTH_CLIENT_KID: the key ID the old JWKs object

both of these can be extracted from the old JWKs object: obj.d and obj.kid respectively.

Signed-off-by: oppiliappan me@oppi.li

options
unified split
files
appview
config
config.go
oauth
handler.go
oauth.go
cmd
genjwks
main.go
docs
hacking.md
flake.nix
nix
pkgs
genjwks.nix
goat.nix
scripts
appview.sh
generate-jwks.sh
ERROR
appview/config/config.go

Failed to calculate interdiff for this file.

ERROR
appview/oauth/handler.go

Failed to calculate interdiff for this file.

ERROR
appview/oauth/oauth.go

Failed to calculate interdiff for this file.

ERROR
cmd/genjwks/main.go

Failed to calculate interdiff for this file.

ERROR
docs/hacking.md

Failed to calculate interdiff for this file.

ERROR
flake.nix

Failed to calculate interdiff for this file.

ERROR
nix/pkgs/genjwks.nix

Failed to calculate interdiff for this file.

ERROR
nix/pkgs/goat.nix

Failed to calculate interdiff for this file.

ERROR
scripts/appview.sh

Failed to calculate interdiff for this file.

ERROR
scripts/generate-jwks.sh

Failed to calculate interdiff for this file.