memos/web/src
Johnny 1a9bd32cf1 feat(auth): add PKCE support and enhance OAuth security
Implements critical OAuth 2.0 security improvements to protect against authorization code interception attacks and improve provider compatibility:

- Add PKCE (RFC 7636) support with SHA-256 code challenge/verifier
- Fix access token extraction to use standard field instead of Extra()
- Add OAuth error parameter handling (access_denied, invalid_scope, etc.)
- Maintain backward compatibility for non-PKCE flows

This brings the OAuth implementation up to modern security standards as recommended by Auth0, Okta, and the OAuth 2.0 Security Best Current Practice (RFC 8252).

Backend changes:
- Add code_verifier parameter to ExchangeToken with PKCE support
- Use token.AccessToken for better provider compatibility
- Update proto definition with optional code_verifier field

Frontend changes:
- Generate cryptographically secure PKCE parameters
- Include code_challenge in authorization requests
- Handle and display OAuth provider errors gracefully
- Pass code_verifier during token exchange

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-12-01 00:04:26 +08:00

| Name | Last commit | Date |
| --- | --- | --- |
| components | chore: tweak comments | 2025-11-30 13:16:02 +08:00 |
| helpers | chore: streamline MemoEditor components and remove unused code | 2025-11-30 12:30:00 +08:00 |
| hooks | chore: tweak comments | 2025-11-30 13:16:02 +08:00 |
| layouts | fix(web): resolve tag sidebar filtering and reactivity issues | 2025-11-25 22:17:01 +08:00 |
| lib | chore(web): migrate from ESLint+Prettier to Biome | 2025-11-14 23:58:07 +08:00 |
| locales | refactor: remove enable link preview setting | 2025-11-30 10:34:22 +08:00 |
| pages | feat(auth): add PKCE support and enhance OAuth security | 2025-12-01 00:04:26 +08:00 |
| router | chore(web): migrate from ESLint+Prettier to Biome | 2025-11-14 23:58:07 +08:00 |
| store | chore: tweak comments | 2025-11-30 13:16:02 +08:00 |
| themes | feat: add midnight theme (#5288) | 2025-11-27 21:21:57 +08:00 |
| types | feat(auth): add PKCE support and enhance OAuth security | 2025-12-01 00:04:26 +08:00 |
| utils | feat(auth): add PKCE support and enhance OAuth security | 2025-12-01 00:04:26 +08:00 |
| App.tsx | chore(web): migrate from ESLint+Prettier to Biome | 2025-11-14 23:58:07 +08:00 |
| grpcweb.ts | refactor: rename workspace to instance throughout codebase | 2025-11-05 23:35:35 +08:00 |
| i18n.ts | feat: add norwegian bokmål (nb) translation (#4561) | 2025-03-27 13:14:12 +08:00 |
| index.css | fix(web): refactor task list styles to follow GitHub standard (#5253) | 2025-11-14 23:37:00 +08:00 |
| main.tsx | refactor: rename workspace to instance throughout codebase | 2025-11-05 23:35:35 +08:00 |