atproto/metal-oranges-sing.md at 3fa2ee3b6a382709b10921da53e69a901bccbb05

Matthieu Sieben 3fa2ee3b6a

Deprecate query & fragment in DPoP proof htu claim (#3879 )

* Properly validate JWK `htu` claim by enforcing URL without query or fragment

* type fix

* Return DPoP validation result from `authenticateRequest`

* Log clients using invalid "htu" claim in DPoP proof

* review comments

* fix lint

* tidy

* rename dpop result to dpop proof

2025-06-05 14:46:51 +02:00

76 B

Raw Blame History

@atproto/oauth-provider

@atproto/oauth-provider
minor

Improve validation of DPoP proofs

76 B Raw Blame History

76 B

Raw Blame History