memos/web
Johnny 1a9bd32cf1 feat(auth): add PKCE support and enhance OAuth security
Implements critical OAuth 2.0 security improvements to protect against authorization code interception attacks and improve provider compatibility:

- Add PKCE (RFC 7636) support with SHA-256 code challenge/verifier
- Fix access token extraction to use standard field instead of Extra()
- Add OAuth error parameter handling (access_denied, invalid_scope, etc.)
- Maintain backward compatibility for non-PKCE flows

This brings the OAuth implementation up to modern security standards as recommended by Auth0, Okta, and the OAuth 2.0 Security Best Current Practice (RFC 8252).

Backend changes:
- Add code_verifier parameter to ExchangeToken with PKCE support
- Use token.AccessToken for better provider compatibility
- Update proto definition with optional code_verifier field

Frontend changes:
- Generate cryptographically secure PKCE parameters
- Include code_challenge in authorization requests
- Handle and display OAuth provider errors gracefully
- Pass code_verifier during token exchange

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-12-01 00:04:26 +08:00
public chore: enhance site.webmanifest in firefox (#4828) 2025-07-08 19:56:46 +08:00
src feat(auth): add PKCE support and enhance OAuth security 2025-12-01 00:04:26 +08:00
.gitignore chore: update gitignore 2025-04-17 23:11:36 +08:00
biome.json chore(web): migrate from ESLint+Prettier to Biome 2025-11-14 23:58:07 +08:00
components.json feat: themes (#4824) 2025-07-07 20:13:22 +08:00
index.html chore: remove fixed theme color 2025-07-15 23:26:07 +08:00
package.json fix(markdown): render single newlines as line breaks 2025-11-26 20:13:57 +08:00
pnpm-lock.yaml fix(markdown): render single newlines as line breaks 2025-11-26 20:13:57 +08:00
tsconfig.json refactor: update import prefix with alias (#1433) 2023-04-01 16:03:14 +08:00
vite.config.mts refactor: update markdown parser 2025-10-26 11:28:40 +08:00