Commit graph

7 commits

Author SHA1 Message Date
Natalie
03961e1eb8 fix(sso): return claims JSON from /auth/validate
nginx auth_request and status-only consumers ignore the body, but the
@features/api monolith's ssoRequired parses it and 401s on an empty/non-JSON
body — the empty 200 was the other half of the my/admin SSO login loop. Return
{ sub, admin } instead.
2026-06-21 17:36:52 -05:00
Natalie
6f4b9ceead feat(sso/health): report build stamp on GET /health
Mirror the @features/api build stamp on the SSO service: inject __BUILD_INFO__
(version, BUILD_COUNT, short SHA, UTC time) via bun build --define in deploy.sh
and surface it plus service + startedAt from /health. Falls back to env then
'dev' for unbundled runs.
2026-06-21 17:34:41 -05:00
Natalie
321a38bfeb fix(sso): validate against every quinn_sso_session cookie
A browser can carry more than one quinn_sso_session (a stale host-only cookie
shadowing the good Domain-scoped one), and the shadow can sort first. Add
extractSessionCookies (all non-empty values) and make validateSession try each
until one verifies, instead of only the first. Root cause of the
my.transquinnftw.com login loop.
2026-06-21 17:34:35 -05:00
autocommit
158a704418 breaking(api): 💥 Update client entity schema, prospector classification, and admin photo export routes with breaking changes
Co-Authored-By: Lilith Autocommit <noreply@atlilith.com>
2026-06-10 14:58:14 -07:00
Claude Code
b12647e63d feat(sso): Update SSO server logic to enhance authentication flows and provider integrations
Co-Authored-By: Lilith Autocommit <noreply@atlilith.com>
2026-04-10 00:54:22 -07:00
Claude Code
1ee17f1e0b feat(ssoauth): Introduce SSO provider integration and newsletter-specific auth flows with OAuth/SAML and token validation
Co-Authored-By: Lilith Autocommit <noreply@atlilith.com>
2026-04-10 00:47:58 -07:00
Claude Code
2515d8a77c feat(sso): Add support for [Provider] SSO integration or enhance OAuth2/OIDC flows
Co-Authored-By: Lilith Autocommit <noreply@atlilith.com>
2026-04-09 23:13:06 -07:00