Kyle Isom
18756f62b7
MCR can now redirect users to MCIAS for login instead of showing its own login form. This enables passkey/FIDO2 authentication since WebAuthn credentials are bound to MCIAS's domain. - Add optional [sso] config section with redirect_uri - Add handleSSOLogin (redirects to MCIAS) and handleSSOCallback (exchanges code for JWT, validates roles, sets session cookie) - SSO is opt-in: when redirect_uri is empty, the existing login form is used (backward compatible) - Guest role check preserved in SSO callback path - Return-to URL preserved across the SSO redirect - Uses mcdsl/sso package (local replace for now) Security: - State cookie uses SameSite=Lax for cross-site redirect compatibility - Session cookie remains SameSite=Strict (same-site only after login) - Code exchange is server-to-server over TLS 1.3 Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
202 lines
6.8 KiB
Plaintext
202 lines
6.8 KiB
Plaintext
# git.wntrmute.dev/mc/mcdsl v1.2.0 => ../mcdsl
|
|
## explicit; go 1.25.7
|
|
git.wntrmute.dev/mc/mcdsl/auth
|
|
git.wntrmute.dev/mc/mcdsl/config
|
|
git.wntrmute.dev/mc/mcdsl/db
|
|
git.wntrmute.dev/mc/mcdsl/grpcserver
|
|
git.wntrmute.dev/mc/mcdsl/sso
|
|
# github.com/dustin/go-humanize v1.0.1
|
|
## explicit; go 1.16
|
|
github.com/dustin/go-humanize
|
|
# github.com/go-chi/chi/v5 v5.2.5
|
|
## explicit; go 1.22
|
|
github.com/go-chi/chi/v5
|
|
github.com/go-chi/chi/v5/middleware
|
|
# github.com/google/uuid v1.6.0
|
|
## explicit
|
|
github.com/google/uuid
|
|
# github.com/inconshreveable/mousetrap v1.1.0
|
|
## explicit; go 1.18
|
|
github.com/inconshreveable/mousetrap
|
|
# github.com/mattn/go-isatty v0.0.20
|
|
## explicit; go 1.15
|
|
github.com/mattn/go-isatty
|
|
# github.com/ncruces/go-strftime v1.0.0
|
|
## explicit; go 1.17
|
|
github.com/ncruces/go-strftime
|
|
# github.com/pelletier/go-toml/v2 v2.3.0
|
|
## explicit; go 1.21.0
|
|
github.com/pelletier/go-toml/v2
|
|
github.com/pelletier/go-toml/v2/internal/characters
|
|
github.com/pelletier/go-toml/v2/internal/tracker
|
|
github.com/pelletier/go-toml/v2/unstable
|
|
# github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec
|
|
## explicit; go 1.12
|
|
github.com/remyoudompheng/bigfft
|
|
# github.com/spf13/cobra v1.10.2
|
|
## explicit; go 1.15
|
|
github.com/spf13/cobra
|
|
# github.com/spf13/pflag v1.0.9
|
|
## explicit; go 1.12
|
|
github.com/spf13/pflag
|
|
# golang.org/x/net v0.48.0
|
|
## explicit; go 1.24.0
|
|
golang.org/x/net/http/httpguts
|
|
golang.org/x/net/http2
|
|
golang.org/x/net/http2/hpack
|
|
golang.org/x/net/idna
|
|
golang.org/x/net/internal/httpcommon
|
|
golang.org/x/net/internal/timeseries
|
|
golang.org/x/net/trace
|
|
# golang.org/x/sys v0.42.0
|
|
## explicit; go 1.25.0
|
|
golang.org/x/sys/unix
|
|
golang.org/x/sys/windows
|
|
# golang.org/x/text v0.32.0
|
|
## explicit; go 1.24.0
|
|
golang.org/x/text/secure/bidirule
|
|
golang.org/x/text/transform
|
|
golang.org/x/text/unicode/bidi
|
|
golang.org/x/text/unicode/norm
|
|
# google.golang.org/genproto/googleapis/rpc v0.0.0-20251202230838-ff82c1b0f217
|
|
## explicit; go 1.24.0
|
|
google.golang.org/genproto/googleapis/rpc/status
|
|
# google.golang.org/grpc v1.79.3
|
|
## explicit; go 1.24.0
|
|
google.golang.org/grpc
|
|
google.golang.org/grpc/attributes
|
|
google.golang.org/grpc/backoff
|
|
google.golang.org/grpc/balancer
|
|
google.golang.org/grpc/balancer/base
|
|
google.golang.org/grpc/balancer/endpointsharding
|
|
google.golang.org/grpc/balancer/grpclb/state
|
|
google.golang.org/grpc/balancer/pickfirst
|
|
google.golang.org/grpc/balancer/pickfirst/internal
|
|
google.golang.org/grpc/balancer/roundrobin
|
|
google.golang.org/grpc/binarylog/grpc_binarylog_v1
|
|
google.golang.org/grpc/channelz
|
|
google.golang.org/grpc/codes
|
|
google.golang.org/grpc/connectivity
|
|
google.golang.org/grpc/credentials
|
|
google.golang.org/grpc/credentials/insecure
|
|
google.golang.org/grpc/encoding
|
|
google.golang.org/grpc/encoding/internal
|
|
google.golang.org/grpc/encoding/proto
|
|
google.golang.org/grpc/experimental/stats
|
|
google.golang.org/grpc/grpclog
|
|
google.golang.org/grpc/grpclog/internal
|
|
google.golang.org/grpc/internal
|
|
google.golang.org/grpc/internal/backoff
|
|
google.golang.org/grpc/internal/balancer/gracefulswitch
|
|
google.golang.org/grpc/internal/balancer/weight
|
|
google.golang.org/grpc/internal/balancerload
|
|
google.golang.org/grpc/internal/binarylog
|
|
google.golang.org/grpc/internal/buffer
|
|
google.golang.org/grpc/internal/channelz
|
|
google.golang.org/grpc/internal/credentials
|
|
google.golang.org/grpc/internal/envconfig
|
|
google.golang.org/grpc/internal/grpclog
|
|
google.golang.org/grpc/internal/grpcsync
|
|
google.golang.org/grpc/internal/grpcutil
|
|
google.golang.org/grpc/internal/idle
|
|
google.golang.org/grpc/internal/metadata
|
|
google.golang.org/grpc/internal/pretty
|
|
google.golang.org/grpc/internal/proxyattributes
|
|
google.golang.org/grpc/internal/resolver
|
|
google.golang.org/grpc/internal/resolver/delegatingresolver
|
|
google.golang.org/grpc/internal/resolver/dns
|
|
google.golang.org/grpc/internal/resolver/dns/internal
|
|
google.golang.org/grpc/internal/resolver/passthrough
|
|
google.golang.org/grpc/internal/resolver/unix
|
|
google.golang.org/grpc/internal/serviceconfig
|
|
google.golang.org/grpc/internal/stats
|
|
google.golang.org/grpc/internal/status
|
|
google.golang.org/grpc/internal/syscall
|
|
google.golang.org/grpc/internal/transport
|
|
google.golang.org/grpc/internal/transport/networktype
|
|
google.golang.org/grpc/keepalive
|
|
google.golang.org/grpc/mem
|
|
google.golang.org/grpc/metadata
|
|
google.golang.org/grpc/peer
|
|
google.golang.org/grpc/resolver
|
|
google.golang.org/grpc/resolver/dns
|
|
google.golang.org/grpc/serviceconfig
|
|
google.golang.org/grpc/stats
|
|
google.golang.org/grpc/status
|
|
google.golang.org/grpc/tap
|
|
# google.golang.org/protobuf v1.36.11
|
|
## explicit; go 1.23
|
|
google.golang.org/protobuf/encoding/protojson
|
|
google.golang.org/protobuf/encoding/prototext
|
|
google.golang.org/protobuf/encoding/protowire
|
|
google.golang.org/protobuf/internal/descfmt
|
|
google.golang.org/protobuf/internal/descopts
|
|
google.golang.org/protobuf/internal/detrand
|
|
google.golang.org/protobuf/internal/editiondefaults
|
|
google.golang.org/protobuf/internal/encoding/defval
|
|
google.golang.org/protobuf/internal/encoding/json
|
|
google.golang.org/protobuf/internal/encoding/messageset
|
|
google.golang.org/protobuf/internal/encoding/tag
|
|
google.golang.org/protobuf/internal/encoding/text
|
|
google.golang.org/protobuf/internal/errors
|
|
google.golang.org/protobuf/internal/filedesc
|
|
google.golang.org/protobuf/internal/filetype
|
|
google.golang.org/protobuf/internal/flags
|
|
google.golang.org/protobuf/internal/genid
|
|
google.golang.org/protobuf/internal/impl
|
|
google.golang.org/protobuf/internal/order
|
|
google.golang.org/protobuf/internal/pragma
|
|
google.golang.org/protobuf/internal/protolazy
|
|
google.golang.org/protobuf/internal/set
|
|
google.golang.org/protobuf/internal/strs
|
|
google.golang.org/protobuf/internal/version
|
|
google.golang.org/protobuf/proto
|
|
google.golang.org/protobuf/protoadapt
|
|
google.golang.org/protobuf/reflect/protoreflect
|
|
google.golang.org/protobuf/reflect/protoregistry
|
|
google.golang.org/protobuf/runtime/protoiface
|
|
google.golang.org/protobuf/runtime/protoimpl
|
|
google.golang.org/protobuf/types/known/anypb
|
|
google.golang.org/protobuf/types/known/durationpb
|
|
google.golang.org/protobuf/types/known/timestamppb
|
|
# modernc.org/libc v1.70.0
|
|
## explicit; go 1.24.0
|
|
modernc.org/libc
|
|
modernc.org/libc/errno
|
|
modernc.org/libc/fcntl
|
|
modernc.org/libc/fts
|
|
modernc.org/libc/grp
|
|
modernc.org/libc/honnef.co/go/netdb
|
|
modernc.org/libc/langinfo
|
|
modernc.org/libc/limits
|
|
modernc.org/libc/netdb
|
|
modernc.org/libc/netinet/in
|
|
modernc.org/libc/poll
|
|
modernc.org/libc/pthread
|
|
modernc.org/libc/pwd
|
|
modernc.org/libc/signal
|
|
modernc.org/libc/stdio
|
|
modernc.org/libc/stdlib
|
|
modernc.org/libc/sys/socket
|
|
modernc.org/libc/sys/stat
|
|
modernc.org/libc/sys/types
|
|
modernc.org/libc/termios
|
|
modernc.org/libc/time
|
|
modernc.org/libc/unistd
|
|
modernc.org/libc/utime
|
|
modernc.org/libc/uuid
|
|
modernc.org/libc/uuid/uuid
|
|
modernc.org/libc/wctype
|
|
# modernc.org/mathutil v1.7.1
|
|
## explicit; go 1.21
|
|
modernc.org/mathutil
|
|
# modernc.org/memory v1.11.0
|
|
## explicit; go 1.23.0
|
|
modernc.org/memory
|
|
# modernc.org/sqlite v1.47.0
|
|
## explicit; go 1.25.0
|
|
modernc.org/sqlite
|
|
modernc.org/sqlite/lib
|
|
modernc.org/sqlite/vtab
|
|
# git.wntrmute.dev/mc/mcdsl => ../mcdsl
|