docs: fix rfc references and fix misc issues (#4879)
parent
db2fbabff6
commit
a7ccf3652f
|
@ -816,7 +816,7 @@ paths:
|
||||||
summary: OAuth 2.0 Authorization Server Metadata
|
summary: OAuth 2.0 Authorization Server Metadata
|
||||||
description: >
|
description: >
|
||||||
This endpoint retrieves the OAuth 2.0 Authorization Server Metadata document (RFC8414) used by clients to
|
This endpoint retrieves the OAuth 2.0 Authorization Server Metadata document (RFC8414) used by clients to
|
||||||
perform discovery for an OAuth 2.0 Authorization Server. See https://www.rfc-editor.org/rfc/rfc8414.
|
perform discovery for an OAuth 2.0 Authorization Server. See https://datatracker.ietf.org/doc/html/rfc8414.
|
||||||
responses:
|
responses:
|
||||||
"200":
|
"200":
|
||||||
description: OK
|
description: OK
|
||||||
|
@ -2822,8 +2822,8 @@ components:
|
||||||
description: >
|
description: >
|
||||||
JSON array containing a list of the JWS [JWS] signing algorithms (alg values) [JWA] supported by the
|
JSON array containing a list of the JWS [JWS] signing algorithms (alg values) [JWA] supported by the
|
||||||
UserInfo Endpoint to encode the Claims in a JWT [JWT]. The value none MAY be included. See Also:
|
UserInfo Endpoint to encode the Claims in a JWT [JWT]. The value none MAY be included. See Also:
|
||||||
JWS: https://datatracker.ietf.org/doc/html/rfc7515 JWA: https://datatracker.ietf.org/doc/html/rfc7518 JWT:
|
JWS: https://datatracker.ietf.org/doc/html/rfc7515 JWA: https://datatracker.ietf.org/doc/html/rfc7518
|
||||||
https://datatracker.ietf.org/doc/html/rfc7519
|
JWT: https://datatracker.ietf.org/doc/html/rfc7519
|
||||||
type: array
|
type: array
|
||||||
example: ["none", "RS256"]
|
example: ["none", "RS256"]
|
||||||
items:
|
items:
|
||||||
|
|
|
@ -426,7 +426,7 @@ authentication_backend:
|
||||||
## changed once attributed to a user otherwise it would break the configuration for that user. Technically,
|
## changed once attributed to a user otherwise it would break the configuration for that user. Technically,
|
||||||
## non-unique attributes like 'mail' can also be used but we don't recommend using them, we instead advise to use
|
## non-unique attributes like 'mail' can also be used but we don't recommend using them, we instead advise to use
|
||||||
## a filter to perform alternative lookups and the attributes mentioned above (sAMAccountName and uid) to
|
## a filter to perform alternative lookups and the attributes mentioned above (sAMAccountName and uid) to
|
||||||
## follow https://www.ietf.org/rfc/rfc2307.txt.
|
## follow https://datatracker.ietf.org/doc/html/rfc2307.
|
||||||
# username_attribute: uid
|
# username_attribute: uid
|
||||||
|
|
||||||
## The additional_users_dn is prefixed to base_dn and delimited by a comma when searching for users.
|
## The additional_users_dn is prefixed to base_dn and delimited by a comma when searching for users.
|
||||||
|
|
|
@ -256,8 +256,8 @@ truncation that [Bcrypt] does. It is not supported by many other systems.*
|
||||||
|
|
||||||
Controls the hashing cost when hashing passwords using [Bcrypt].
|
Controls the hashing cost when hashing passwords using [Bcrypt].
|
||||||
|
|
||||||
[Argon2]: https://www.rfc-editor.org/rfc/rfc9106.html
|
[Argon2]: https://datatracker.ietf.org/doc/html/rfc9106
|
||||||
[Scrypt]: https://en.wikipedia.org/wiki/Scrypt
|
[Scrypt]: https://en.wikipedia.org/wiki/Scrypt
|
||||||
[PBKDF2]: https://www.ietf.org/rfc/rfc2898.html
|
[PBKDF2]: https://datatracker.ietf.org/doc/html/rfc2898
|
||||||
[SHA2 Crypt]: https://www.akkadia.org/drepper/SHA-crypt.txt
|
[SHA2 Crypt]: https://www.akkadia.org/drepper/SHA-crypt.txt
|
||||||
[Bcrypt]: https://en.wikipedia.org/wiki/Bcrypt
|
[Bcrypt]: https://en.wikipedia.org/wiki/Bcrypt
|
||||||
|
|
|
@ -316,4 +316,4 @@ for your users.
|
||||||
|
|
||||||
[username attribute]: #usernameattribute
|
[username attribute]: #usernameattribute
|
||||||
[TechNet wiki]: https://social.technet.microsoft.com/wiki/contents/articles/5392.active-directory-ldap-syntax-filters.aspx
|
[TechNet wiki]: https://social.technet.microsoft.com/wiki/contents/articles/5392.active-directory-ldap-syntax-filters.aspx
|
||||||
[RFC2307]: https://www.rfc-editor.org/rfc/rfc2307.html
|
[RFC2307]: https://datatracker.ietf.org/doc/html/rfc2307
|
||||||
|
|
|
@ -170,7 +170,7 @@ encoded PEM format used to sign/encrypt the [OpenID Connect 1.0] [JWT]'s. When c
|
||||||
JSON key's in the JWKs [Discoverable Endpoint](../../integration/openid-connect/introduction.md#discoverable-endpoints)
|
JSON key's in the JWKs [Discoverable Endpoint](../../integration/openid-connect/introduction.md#discoverable-endpoints)
|
||||||
as per [RFC7517].
|
as per [RFC7517].
|
||||||
|
|
||||||
[RFC7517]: https://www.rfc-editor.org/rfc/rfc7517
|
[RFC7517]: https://datatracker.ietf.org/doc/html/rfc7517
|
||||||
[x5c]: https://datatracker.ietf.org/doc/html/rfc7517#section-4.7
|
[x5c]: https://datatracker.ietf.org/doc/html/rfc7517#section-4.7
|
||||||
[x5t]: https://datatracker.ietf.org/doc/html/rfc7517#section-4.8
|
[x5t]: https://datatracker.ietf.org/doc/html/rfc7517#section-4.8
|
||||||
|
|
||||||
|
@ -251,7 +251,7 @@ this value.
|
||||||
|
|
||||||
{{< confkey type="string" default="public_clients_only" required="no" >}}
|
{{< confkey type="string" default="public_clients_only" required="no" >}}
|
||||||
|
|
||||||
[Proof Key for Code Exchange](https://www.rfc-editor.org/rfc/rfc7636.html) enforcement policy: if specified, must be
|
[Proof Key for Code Exchange](https://datatracker.ietf.org/doc/html/rfc7636) enforcement policy: if specified, must be
|
||||||
either `never`, `public_clients_only` or `always`.
|
either `never`, `public_clients_only` or `always`.
|
||||||
|
|
||||||
If set to `public_clients_only` (default), [PKCE] will be required for public clients using the
|
If set to `public_clients_only` (default), [PKCE] will be required for public clients using the
|
||||||
|
@ -530,12 +530,12 @@ To integrate Authelia's [OpenID Connect 1.0] implementation with a relying party
|
||||||
|
|
||||||
[token lifespan]: https://docs.apigee.com/api-platform/antipatterns/oauth-long-expiration
|
[token lifespan]: https://docs.apigee.com/api-platform/antipatterns/oauth-long-expiration
|
||||||
[OpenID Connect 1.0]: https://openid.net/connect/
|
[OpenID Connect 1.0]: https://openid.net/connect/
|
||||||
[JWT]: https://www.rfc-editor.org/rfc/rfc7519.html
|
[JWT]: https://datatracker.ietf.org/doc/html/rfc7519
|
||||||
[RFC6234]: https://www.rfc-editor.org/rfc/rfc6234.html
|
[RFC6234]: https://datatracker.ietf.org/doc/html/rfc6234
|
||||||
[RFC4648]: https://www.rfc-editor.org/rfc/rfc4648.html
|
[RFC4648]: https://datatracker.ietf.org/doc/html/rfc4648
|
||||||
[RFC7468]: https://www.rfc-editor.org/rfc/rfc7468.html
|
[RFC7468]: https://datatracker.ietf.org/doc/html/rfc7468
|
||||||
[RFC6749 Section 2.1]: https://datatracker.ietf.org/doc/html/rfc6749#section-2.1
|
[RFC6749 Section 2.1]: https://datatracker.ietf.org/doc/html/rfc6749#section-2.1
|
||||||
[PKCE]: https://www.rfc-editor.org/rfc/rfc7636.html
|
[PKCE]: https://datatracker.ietf.org/doc/html/rfc7636
|
||||||
[Authorization Code Flow]: https://openid.net/specs/openid-connect-core-1_0.html#CodeFlowAuth
|
[Authorization Code Flow]: https://openid.net/specs/openid-connect-core-1_0.html#CodeFlowAuth
|
||||||
[Subject Identifier Type]: https://openid.net/specs/openid-connect-core-1_0.html#SubjectIDTypes
|
[Subject Identifier Type]: https://openid.net/specs/openid-connect-core-1_0.html#SubjectIDTypes
|
||||||
[Pairwise Identifier Algorithm]: https://openid.net/specs/openid-connect-core-1_0.html#PairwiseAlg
|
[Pairwise Identifier Algorithm]: https://openid.net/specs/openid-connect-core-1_0.html#PairwiseAlg
|
||||||
|
|
|
@ -154,7 +154,7 @@ The value must be one or more certificates encoded in the DER base64 ([RFC4648])
|
||||||
|
|
||||||
### private_key
|
### private_key
|
||||||
|
|
||||||
{{< confkey type="string" required="yes" >}}
|
{{< confkey type="string" required="no" >}}
|
||||||
|
|
||||||
*__Important Note:__ This can also be defined using a [secret](../methods/secrets.md) which is __strongly recommended__
|
*__Important Note:__ This can also be defined using a [secret](../methods/secrets.md) which is __strongly recommended__
|
||||||
especially for containerized deployments.*
|
especially for containerized deployments.*
|
||||||
|
@ -163,6 +163,8 @@ The private key to be used with the [certificate_chain](#certificatechain) for m
|
||||||
|
|
||||||
The value must be one private key encoded in the DER base64 ([RFC4648]) encoded PEM format.
|
The value must be one private key encoded in the DER base64 ([RFC4648]) encoded PEM format.
|
||||||
|
|
||||||
|
[RFC4648]: https://datatracker.ietf.org/doc/html/rfc4648
|
||||||
|
|
||||||
## Server Buffers
|
## Server Buffers
|
||||||
|
|
||||||
### read
|
### read
|
||||||
|
|
|
@ -172,5 +172,5 @@ at least a minimal configuration that has the storage backend connection details
|
||||||
See the [CLI Documentation](../../reference/cli/authelia/authelia_storage_user_totp_export.md) for methods to perform
|
See the [CLI Documentation](../../reference/cli/authelia/authelia_storage_user_totp_export.md) for methods to perform
|
||||||
exports.
|
exports.
|
||||||
|
|
||||||
[RFC4226]: https://www.rfc-editor.org/rfc/rfc4226.html
|
[RFC4226]: https://datatracker.ietf.org/doc/html/rfc4226
|
||||||
[RFC6238]: https://www.rfc-editor.org/rfc/rfc6238.html
|
[RFC6238]: https://datatracker.ietf.org/doc/html/rfc6238
|
||||||
|
|
|
@ -588,7 +588,7 @@ The match type `Equals` matches if the value extracted from the pattern is equal
|
||||||
match value is a list/slice).
|
match value is a list/slice).
|
||||||
|
|
||||||
The regex groups are case-insensitive due to the fact that the regex groups are used in domain criteria and domain names
|
The regex groups are case-insensitive due to the fact that the regex groups are used in domain criteria and domain names
|
||||||
should not be compared in a case-sensitive way as per the [RFC4343](https://www.rfc-editor.org/rfc/rfc4343.html)
|
should not be compared in a case-sensitive way as per the [RFC4343](https://datatracker.ietf.org/doc/html/rfc4343)
|
||||||
abstract and [RFC3986 Section 3.2.2](https://datatracker.ietf.org/doc/html/rfc3986#section-3.2.2).
|
abstract and [RFC3986 Section 3.2.2](https://datatracker.ietf.org/doc/html/rfc3986#section-3.2.2).
|
||||||
|
|
||||||
We do not currently apply any other normalization to usernames or groups when matching these groups. As such it's
|
We do not currently apply any other normalization to usernames or groups when matching these groups. As such it's
|
||||||
|
@ -664,6 +664,6 @@ access_control:
|
||||||
policy: bypass
|
policy: bypass
|
||||||
```
|
```
|
||||||
|
|
||||||
[RFC7231]: https://www.rfc-editor.org/rfc/rfc7231.html
|
[RFC7231]: https://datatracker.ietf.org/doc/html/rfc7231
|
||||||
[RFC5789]: https://www.rfc-editor.org/rfc/rfc5789.html
|
[RFC5789]: https://datatracker.ietf.org/doc/html/rfc5789
|
||||||
[RFC4918]: https://www.rfc-editor.org/rfc/rfc4918.html
|
[RFC4918]: https://datatracker.ietf.org/doc/html/rfc4918
|
||||||
|
|
|
@ -166,16 +166,16 @@ These endpoints implement OpenID Connect elements.
|
||||||
[OpenID Connect 1.0]: https://openid.net/connect/
|
[OpenID Connect 1.0]: https://openid.net/connect/
|
||||||
|
|
||||||
[OpenID Connect Discovery]: https://openid.net/specs/openid-connect-discovery-1_0.html
|
[OpenID Connect Discovery]: https://openid.net/specs/openid-connect-discovery-1_0.html
|
||||||
[OAuth 2.0 Authorization Server Metadata]: https://www.rfc-editor.org/rfc/rfc8414.html
|
[OAuth 2.0 Authorization Server Metadata]: https://datatracker.ietf.org/doc/html/rfc8414
|
||||||
|
|
||||||
[JSON Web Key Sets]: https://datatracker.ietf.org/doc/html/rfc7517#section-5
|
[JSON Web Key Sets]: https://datatracker.ietf.org/doc/html/rfc7517#section-5
|
||||||
|
|
||||||
[Authorization]: https://openid.net/specs/openid-connect-core-1_0.html#AuthorizationEndpoint
|
[Authorization]: https://openid.net/specs/openid-connect-core-1_0.html#AuthorizationEndpoint
|
||||||
[Token]: https://openid.net/specs/openid-connect-core-1_0.html#TokenEndpoint
|
[Token]: https://openid.net/specs/openid-connect-core-1_0.html#TokenEndpoint
|
||||||
[UserInfo]: https://openid.net/specs/openid-connect-core-1_0.html#UserInfo
|
[UserInfo]: https://openid.net/specs/openid-connect-core-1_0.html#UserInfo
|
||||||
[Introspection]: https://www.rfc-editor.org/rfc/rfc7662.html
|
[Introspection]: https://datatracker.ietf.org/doc/html/rfc7662
|
||||||
[Revocation]: https://www.rfc-editor.org/rfc/rfc7009.html
|
[Revocation]: https://datatracker.ietf.org/doc/html/rfc7009
|
||||||
|
|
||||||
[RFC8176]: https://www.rfc-editor.org/rfc/rfc8176.html
|
[RFC8176]: https://datatracker.ietf.org/doc/html/rfc8176
|
||||||
[RFC4122]: https://www.rfc-editor.org/rfc/rfc4122.html
|
[RFC4122]: https://datatracker.ietf.org/doc/html/rfc4122
|
||||||
[Subject Identifier Types]: https://openid.net/specs/openid-connect-core-1_0.html#SubjectIDTypes
|
[Subject Identifier Types]: https://openid.net/specs/openid-connect-core-1_0.html#SubjectIDTypes
|
||||||
|
|
|
@ -193,9 +193,9 @@ This table suggests the parameters for the [SHA2 Crypt] algorithm:
|
||||||
| Standard CPU | sha512 | 50000 | 16 |
|
| Standard CPU | sha512 | 50000 | 16 |
|
||||||
| High End CPU | sha512 | 150000 | 16 |
|
| High End CPU | sha512 | 150000 | 16 |
|
||||||
|
|
||||||
[Argon2]: https://www.rfc-editor.org/rfc/rfc9106.html
|
[Argon2]: https://datatracker.ietf.org/doc/html/rfc9106
|
||||||
[Scrypt]: https://en.wikipedia.org/wiki/Scrypt
|
[Scrypt]: https://en.wikipedia.org/wiki/Scrypt
|
||||||
[PBKDF2]: https://www.ietf.org/rfc/rfc2898.html
|
[PBKDF2]: https://datatracker.ietf.org/doc/html/rfc2898
|
||||||
[SHA2 Crypt]: https://www.akkadia.org/drepper/SHA-crypt.txt
|
[SHA2 Crypt]: https://www.akkadia.org/drepper/SHA-crypt.txt
|
||||||
[Bcrypt]: https://en.wikipedia.org/wiki/Bcrypt
|
[Bcrypt]: https://en.wikipedia.org/wiki/Bcrypt
|
||||||
[FIPS-140 compliance]: https://csrc.nist.gov/publications/detail/fips/140/2/final
|
[FIPS-140 compliance]: https://csrc.nist.gov/publications/detail/fips/140/2/final
|
||||||
|
|
|
@ -46,7 +46,7 @@ utilize these overrides should either check for changes to the files in the
|
||||||
|
|
||||||
The locales directory holds folders of internationalization locales. This directory can be utilized to override these
|
The locales directory holds folders of internationalization locales. This directory can be utilized to override these
|
||||||
locales. They are the names of locales that are returned by the `navigator.langauge` ECMAScript command. These are
|
locales. They are the names of locales that are returned by the `navigator.langauge` ECMAScript command. These are
|
||||||
generally those in the [RFC5646 / BCP47 Format](https://www.rfc-editor.org/rfc/rfc5646.html) specifically the language
|
generally those in the [RFC5646 / BCP47 Format](https://datatracker.ietf.org/doc/html/rfc5646) specifically the language
|
||||||
codes from [Crowdin](https://support.crowdin.com/api/language-codes/).
|
codes from [Crowdin](https://support.crowdin.com/api/language-codes/).
|
||||||
|
|
||||||
Each directory has JSON files which you can explore the format of in the
|
Each directory has JSON files which you can explore the format of in the
|
||||||
|
|
|
@ -115,7 +115,7 @@ Feature List:
|
||||||
|
|
||||||
{{< roadmap-status stage="in-progress" version="v4.38.0" >}}
|
{{< roadmap-status stage="in-progress" version="v4.38.0" >}}
|
||||||
|
|
||||||
* [OAuth 2.0 Pushed Authorization Requests](https://www.rfc-editor.org/rfc/rfc9126.html)
|
* [OAuth 2.0 Pushed Authorization Requests](https://datatracker.ietf.org/doc/html/rfc9126)
|
||||||
* Per-Client [Proof Key Code Exchange (PKCE)] Policy
|
* Per-Client [Proof Key Code Exchange (PKCE)] Policy
|
||||||
|
|
||||||
### Beta 7
|
### Beta 7
|
||||||
|
@ -177,7 +177,7 @@ Should be implemented alongside [Dynamic Client Registration](#openid-connect-dy
|
||||||
|
|
||||||
{{< roadmap-status stage="complete" version="v4.34.0" >}}
|
{{< roadmap-status stage="complete" version="v4.34.0" >}}
|
||||||
|
|
||||||
See the [IETF Specification RFC8414](https://www.rfc-editor.org/rfc/rfc8414.html) for more information.
|
See the [IETF Specification RFC8414](https://datatracker.ietf.org/doc/html/rfc8414) for more information.
|
||||||
|
|
||||||
#### OpenID Connect Session Management
|
#### OpenID Connect Session Management
|
||||||
|
|
||||||
|
@ -205,9 +205,9 @@ The `preferred_username` claim was missing and was fixed.
|
||||||
|
|
||||||
[Cross Origin Resource Sharing]: https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS
|
[Cross Origin Resource Sharing]: https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS
|
||||||
|
|
||||||
[RFC8176]: https://www.rfc-editor.org/rfc/rfc8176.html
|
[RFC8176]: https://datatracker.ietf.org/doc/html/rfc8176
|
||||||
[RFC8693 Section 4.3]: https://www.rfc-editor.org/rfc/rfc8693.html/#section-4.3
|
[RFC8693 Section 4.3]: https://datatracker.ietf.org/doc/html/rfc8693/#section-4.3
|
||||||
[RFC4122]: https://www.rfc-editor.org/rfc/rfc4122.html
|
[RFC4122]: https://datatracker.ietf.org/doc/html/rfc4122
|
||||||
|
|
||||||
[OpenID Connect]: https://openid.net/connect/
|
[OpenID Connect]: https://openid.net/connect/
|
||||||
[OpenID Connect Front-Channel Logout]: https://openid.net/specs/openid-connect-frontchannel-1_0.html
|
[OpenID Connect Front-Channel Logout]: https://openid.net/specs/openid-connect-frontchannel-1_0.html
|
||||||
|
@ -219,4 +219,4 @@ The `preferred_username` claim was missing and was fixed.
|
||||||
[OpenID Connect Core (Subject Identifier Types)]: https://openid.net/specs/openid-connect-core-1_0.html#SubjectIDTypes
|
[OpenID Connect Core (Subject Identifier Types)]: https://openid.net/specs/openid-connect-core-1_0.html#SubjectIDTypes
|
||||||
[OpenID Connect Core (Pairwise Identifier Algorithm)]: https://openid.net/specs/openid-connect-core-1_0.html#PairwiseAlg
|
[OpenID Connect Core (Pairwise Identifier Algorithm)]: https://openid.net/specs/openid-connect-core-1_0.html#PairwiseAlg
|
||||||
[OpenID Connect Core (Mandatory to Implement Features for All OpenID Providers)]: https://openid.net/specs/openid-connect-core-1_0.html#ServerMTI
|
[OpenID Connect Core (Mandatory to Implement Features for All OpenID Providers)]: https://openid.net/specs/openid-connect-core-1_0.html#ServerMTI
|
||||||
[Proof Key Code Exchange (PKCE)]: https://www.rfc-editor.org/rfc/rfc7636.html
|
[Proof Key Code Exchange (PKCE)]: https://datatracker.ietf.org/doc/html/rfc7636
|
||||||
|
|
|
@ -426,7 +426,7 @@ authentication_backend:
|
||||||
## changed once attributed to a user otherwise it would break the configuration for that user. Technically,
|
## changed once attributed to a user otherwise it would break the configuration for that user. Technically,
|
||||||
## non-unique attributes like 'mail' can also be used but we don't recommend using them, we instead advise to use
|
## non-unique attributes like 'mail' can also be used but we don't recommend using them, we instead advise to use
|
||||||
## a filter to perform alternative lookups and the attributes mentioned above (sAMAccountName and uid) to
|
## a filter to perform alternative lookups and the attributes mentioned above (sAMAccountName and uid) to
|
||||||
## follow https://www.ietf.org/rfc/rfc2307.txt.
|
## follow https://datatracker.ietf.org/doc/html/rfc2307.
|
||||||
# username_attribute: uid
|
# username_attribute: uid
|
||||||
|
|
||||||
## The additional_users_dn is prefixed to base_dn and delimited by a comma when searching for users.
|
## The additional_users_dn is prefixed to base_dn and delimited by a comma when searching for users.
|
||||||
|
|
|
@ -234,11 +234,11 @@ func (p *CORSPolicy) handleOPTIONS(ctx *fasthttp.RequestCtx) {
|
||||||
|
|
||||||
/* The OPTIONS method should not return a 204 as per the following specifications when read together:
|
/* The OPTIONS method should not return a 204 as per the following specifications when read together:
|
||||||
|
|
||||||
RFC7231 (https://www.rfc-editor.org/rfc/rfc7231#section-4.3.7):
|
RFC7231 (https://datatracker.ietf.org/doc/html/rfc7231#section-4.3.7):
|
||||||
A server MUST generate a Content-Length field with a value of "0" if no payload body is to be sent in
|
A server MUST generate a Content-Length field with a value of "0" if no payload body is to be sent in
|
||||||
the response.
|
the response.
|
||||||
|
|
||||||
RFC7230 (https://www.rfc-editor.org/rfc/rfc7230#section-3.3.2):
|
RFC7230 (https://datatracker.ietf.org/doc/html/rfc7230#section-3.3.2):
|
||||||
A server MUST NOT send a Content-Length header field in any response with a status code of 1xx (Informational)
|
A server MUST NOT send a Content-Length header field in any response with a status code of 1xx (Informational)
|
||||||
or 204 (No Content).
|
or 204 (No Content).
|
||||||
*/
|
*/
|
||||||
|
|
|
@ -121,33 +121,48 @@ func (mr *MockRandomMockRecorder) IntErr(arg0 interface{}) *gomock.Call {
|
||||||
return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "IntErr", reflect.TypeOf((*MockRandom)(nil).IntErr), arg0)
|
return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "IntErr", reflect.TypeOf((*MockRandom)(nil).IntErr), arg0)
|
||||||
}
|
}
|
||||||
|
|
||||||
// Integer mocks base method.
|
// Intn mocks base method.
|
||||||
func (m *MockRandom) Integer(arg0 int) int {
|
func (m *MockRandom) Intn(arg0 int) int {
|
||||||
m.ctrl.T.Helper()
|
m.ctrl.T.Helper()
|
||||||
ret := m.ctrl.Call(m, "Integer", arg0)
|
ret := m.ctrl.Call(m, "Intn", arg0)
|
||||||
ret0, _ := ret[0].(int)
|
ret0, _ := ret[0].(int)
|
||||||
return ret0
|
return ret0
|
||||||
}
|
}
|
||||||
|
|
||||||
// Integer indicates an expected call of Integer.
|
// Intn indicates an expected call of Intn.
|
||||||
func (mr *MockRandomMockRecorder) Integer(arg0 interface{}) *gomock.Call {
|
func (mr *MockRandomMockRecorder) Intn(arg0 interface{}) *gomock.Call {
|
||||||
mr.mock.ctrl.T.Helper()
|
mr.mock.ctrl.T.Helper()
|
||||||
return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "Integer", reflect.TypeOf((*MockRandom)(nil).Integer), arg0)
|
return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "Intn", reflect.TypeOf((*MockRandom)(nil).Intn), arg0)
|
||||||
}
|
}
|
||||||
|
|
||||||
// IntegerErr mocks base method.
|
// IntnErr mocks base method.
|
||||||
func (m *MockRandom) IntegerErr(arg0 int) (int, error) {
|
func (m *MockRandom) IntnErr(arg0 int) (int, error) {
|
||||||
m.ctrl.T.Helper()
|
m.ctrl.T.Helper()
|
||||||
ret := m.ctrl.Call(m, "IntegerErr", arg0)
|
ret := m.ctrl.Call(m, "IntnErr", arg0)
|
||||||
ret0, _ := ret[0].(int)
|
ret0, _ := ret[0].(int)
|
||||||
ret1, _ := ret[1].(error)
|
ret1, _ := ret[1].(error)
|
||||||
return ret0, ret1
|
return ret0, ret1
|
||||||
}
|
}
|
||||||
|
|
||||||
// IntegerErr indicates an expected call of IntegerErr.
|
// IntnErr indicates an expected call of IntnErr.
|
||||||
func (mr *MockRandomMockRecorder) IntegerErr(arg0 interface{}) *gomock.Call {
|
func (mr *MockRandomMockRecorder) IntnErr(arg0 interface{}) *gomock.Call {
|
||||||
mr.mock.ctrl.T.Helper()
|
mr.mock.ctrl.T.Helper()
|
||||||
return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "IntegerErr", reflect.TypeOf((*MockRandom)(nil).IntegerErr), arg0)
|
return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "IntnErr", reflect.TypeOf((*MockRandom)(nil).IntnErr), arg0)
|
||||||
|
}
|
||||||
|
|
||||||
|
// Prime mocks base method.
|
||||||
|
func (m *MockRandom) Prime(arg0 int) (*big.Int, error) {
|
||||||
|
m.ctrl.T.Helper()
|
||||||
|
ret := m.ctrl.Call(m, "Prime", arg0)
|
||||||
|
ret0, _ := ret[0].(*big.Int)
|
||||||
|
ret1, _ := ret[1].(error)
|
||||||
|
return ret0, ret1
|
||||||
|
}
|
||||||
|
|
||||||
|
// Prime indicates an expected call of Prime.
|
||||||
|
func (mr *MockRandomMockRecorder) Prime(arg0 interface{}) *gomock.Call {
|
||||||
|
mr.mock.ctrl.T.Helper()
|
||||||
|
return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "Prime", reflect.TypeOf((*MockRandom)(nil).Prime), arg0)
|
||||||
}
|
}
|
||||||
|
|
||||||
// Read mocks base method.
|
// Read mocks base method.
|
||||||
|
|
|
@ -163,8 +163,8 @@ func (n *SMTPNotifier) Send(ctx context.Context, recipient mail.Address, subject
|
||||||
}
|
}
|
||||||
|
|
||||||
func (n *SMTPNotifier) setMessageID(msg *gomail.Msg, domain string) {
|
func (n *SMTPNotifier) setMessageID(msg *gomail.Msg, domain string) {
|
||||||
rn := n.random.Integer(100000000)
|
rn := n.random.Intn(100000000)
|
||||||
rm := n.random.Integer(10000)
|
rm := n.random.Intn(10000)
|
||||||
rs := n.random.StringCustom(17, random.CharSetAlphaNumeric)
|
rs := n.random.StringCustom(17, random.CharSetAlphaNumeric)
|
||||||
pid := os.Getpid() + rm
|
pid := os.Getpid() + rm
|
||||||
|
|
||||||
|
|
|
@ -180,7 +180,7 @@ func (s *Store) DeleteAccessTokenSession(ctx context.Context, signature string)
|
||||||
return s.revokeSessionBySignature(ctx, storage.OAuth2SessionTypeAccessToken, signature)
|
return s.revokeSessionBySignature(ctx, storage.OAuth2SessionTypeAccessToken, signature)
|
||||||
}
|
}
|
||||||
|
|
||||||
// RevokeAccessToken revokes an access token as specified in: https://tools.ietf.org/html/rfc7009#section-2.1
|
// RevokeAccessToken revokes an access token as specified in: https://datatracker.ietf.org/doc/html/rfc7009#section-2.1
|
||||||
// If the token passed to the request is an access token, the server MAY revoke the respective refresh token as well.
|
// If the token passed to the request is an access token, the server MAY revoke the respective refresh token as well.
|
||||||
// This implements a portion of oauth2.TokenRevocationStorage.
|
// This implements a portion of oauth2.TokenRevocationStorage.
|
||||||
func (s *Store) RevokeAccessToken(ctx context.Context, requestID string) (err error) {
|
func (s *Store) RevokeAccessToken(ctx context.Context, requestID string) (err error) {
|
||||||
|
@ -205,7 +205,7 @@ func (s *Store) DeleteRefreshTokenSession(ctx context.Context, signature string)
|
||||||
return s.revokeSessionBySignature(ctx, storage.OAuth2SessionTypeRefreshToken, signature)
|
return s.revokeSessionBySignature(ctx, storage.OAuth2SessionTypeRefreshToken, signature)
|
||||||
}
|
}
|
||||||
|
|
||||||
// RevokeRefreshToken revokes a refresh token as specified in: https://tools.ietf.org/html/rfc7009#section-2.1
|
// RevokeRefreshToken revokes a refresh token as specified in: https://datatracker.ietf.org/doc/html/rfc7009#section-2.1
|
||||||
// If the particular token is a refresh token and the authorization server supports the revocation of access tokens,
|
// If the particular token is a refresh token and the authorization server supports the revocation of access tokens,
|
||||||
// then the authorization server SHOULD also invalidate all access tokens based on the same authorization grant (see Implementation Note).
|
// then the authorization server SHOULD also invalidate all access tokens based on the same authorization grant (see Implementation Note).
|
||||||
// This implements a portion of oauth2.TokenRevocationStorage.
|
// This implements a portion of oauth2.TokenRevocationStorage.
|
||||||
|
@ -213,7 +213,7 @@ func (s *Store) RevokeRefreshToken(ctx context.Context, requestID string) (err e
|
||||||
return s.provider.DeactivateOAuth2SessionByRequestID(ctx, storage.OAuth2SessionTypeRefreshToken, requestID)
|
return s.provider.DeactivateOAuth2SessionByRequestID(ctx, storage.OAuth2SessionTypeRefreshToken, requestID)
|
||||||
}
|
}
|
||||||
|
|
||||||
// RevokeRefreshTokenMaybeGracePeriod revokes an access token as specified in: https://tools.ietf.org/html/rfc7009#section-2.1
|
// RevokeRefreshTokenMaybeGracePeriod revokes an access token as specified in: https://datatracker.ietf.org/doc/html/rfc7009#section-2.1
|
||||||
// If the token passed to the request is an access token, the server MAY revoke the respective refresh token as well.
|
// If the token passed to the request is an access token, the server MAY revoke the respective refresh token as well.
|
||||||
// This implements a portion of oauth2.TokenRevocationStorage.
|
// This implements a portion of oauth2.TokenRevocationStorage.
|
||||||
func (s *Store) RevokeRefreshTokenMaybeGracePeriod(ctx context.Context, requestID string, signature string) (err error) {
|
func (s *Store) RevokeRefreshTokenMaybeGracePeriod(ctx context.Context, requestID string, signature string) (err error) {
|
||||||
|
|
|
@ -25,7 +25,7 @@ const (
|
||||||
CharSetSymbolic = "!\"#$%&'()*+,-./:;<=>?@[\\]^_`{|}~"
|
CharSetSymbolic = "!\"#$%&'()*+,-./:;<=>?@[\\]^_`{|}~"
|
||||||
|
|
||||||
// CharSetSymbolicRFC3986Unreserved are RFC3986 unreserved symbol characters.
|
// CharSetSymbolicRFC3986Unreserved are RFC3986 unreserved symbol characters.
|
||||||
// See https://www.rfc-editor.org/rfc/rfc3986#section-2.3.
|
// See https://datatracker.ietf.org/doc/html/rfc3986#section-2.3.
|
||||||
CharSetSymbolicRFC3986Unreserved = "-._~"
|
CharSetSymbolicRFC3986Unreserved = "-._~"
|
||||||
|
|
||||||
// CharSetAlphaNumeric are literally just valid alphanumeric printable ASCII chars.
|
// CharSetAlphaNumeric are literally just valid alphanumeric printable ASCII chars.
|
||||||
|
@ -35,7 +35,7 @@ const (
|
||||||
CharSetASCII = CharSetAlphabetic + CharSetNumeric + CharSetSymbolic
|
CharSetASCII = CharSetAlphabetic + CharSetNumeric + CharSetSymbolic
|
||||||
|
|
||||||
// CharSetRFC3986Unreserved are RFC3986 unreserved characters.
|
// CharSetRFC3986Unreserved are RFC3986 unreserved characters.
|
||||||
// See https://www.rfc-editor.org/rfc/rfc3986#section-2.3.
|
// See https://datatracker.ietf.org/doc/html/rfc3986#section-2.3.
|
||||||
CharSetRFC3986Unreserved = CharSetAlphabetic + CharSetNumeric + CharSetSymbolicRFC3986Unreserved
|
CharSetRFC3986Unreserved = CharSetAlphabetic + CharSetNumeric + CharSetSymbolicRFC3986Unreserved
|
||||||
|
|
||||||
// CharSetUnambiguousUpper are a set of unambiguous uppercase characters.
|
// CharSetUnambiguousUpper are a set of unambiguous uppercase characters.
|
||||||
|
|
|
@ -18,11 +18,7 @@ func (r *Cryptographical) Read(p []byte) (n int, err error) {
|
||||||
// BytesErr returns random data as bytes with the standard random.DefaultN length and can contain any byte values
|
// BytesErr returns random data as bytes with the standard random.DefaultN length and can contain any byte values
|
||||||
// (including unreadable byte values). If an error is returned from the random read this function returns it.
|
// (including unreadable byte values). If an error is returned from the random read this function returns it.
|
||||||
func (r *Cryptographical) BytesErr() (data []byte, err error) {
|
func (r *Cryptographical) BytesErr() (data []byte, err error) {
|
||||||
data = make([]byte, DefaultN)
|
return r.BytesCustomErr(0, nil)
|
||||||
|
|
||||||
_, err = rand.Read(data)
|
|
||||||
|
|
||||||
return data, err
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// Bytes returns random data as bytes with the standard random.DefaultN length and can contain any byte values
|
// Bytes returns random data as bytes with the standard random.DefaultN length and can contain any byte values
|
||||||
|
@ -49,8 +45,10 @@ func (r *Cryptographical) BytesCustomErr(n int, charset []byte) (data []byte, er
|
||||||
|
|
||||||
t := len(charset)
|
t := len(charset)
|
||||||
|
|
||||||
for i := 0; i < n; i++ {
|
if t > 0 {
|
||||||
data[i] = charset[data[i]%byte(t)]
|
for i := 0; i < n; i++ {
|
||||||
|
data[i] = charset[data[i]%byte(t)]
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
return data, nil
|
return data, nil
|
||||||
|
@ -81,6 +79,36 @@ func (r *Cryptographical) StringCustom(n int, characters string) (data string) {
|
||||||
return string(r.BytesCustom(n, []byte(characters)))
|
return string(r.BytesCustom(n, []byte(characters)))
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// IntnErr returns a random int error combination with a maximum of n.
|
||||||
|
func (r *Cryptographical) IntnErr(n int) (value int, err error) {
|
||||||
|
if n <= 0 {
|
||||||
|
return 0, fmt.Errorf("n must be more than 0")
|
||||||
|
}
|
||||||
|
|
||||||
|
max := big.NewInt(int64(n))
|
||||||
|
|
||||||
|
var result *big.Int
|
||||||
|
|
||||||
|
if result, err = r.IntErr(max); err != nil {
|
||||||
|
return 0, err
|
||||||
|
}
|
||||||
|
|
||||||
|
value = int(result.Int64())
|
||||||
|
|
||||||
|
if value < 0 {
|
||||||
|
return 0, fmt.Errorf("generated number is too big for int")
|
||||||
|
}
|
||||||
|
|
||||||
|
return value, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// Intn returns a random int with a maximum of n.
|
||||||
|
func (r *Cryptographical) Intn(n int) (value int) {
|
||||||
|
value, _ = r.IntnErr(n)
|
||||||
|
|
||||||
|
return value
|
||||||
|
}
|
||||||
|
|
||||||
// IntErr returns a random *big.Int error combination with a maximum of max.
|
// IntErr returns a random *big.Int error combination with a maximum of max.
|
||||||
func (r *Cryptographical) IntErr(max *big.Int) (value *big.Int, err error) {
|
func (r *Cryptographical) IntErr(max *big.Int) (value *big.Int, err error) {
|
||||||
if max == nil {
|
if max == nil {
|
||||||
|
@ -105,32 +133,8 @@ func (r *Cryptographical) Int(max *big.Int) (value *big.Int) {
|
||||||
return value
|
return value
|
||||||
}
|
}
|
||||||
|
|
||||||
// IntegerErr returns a random int error combination with a maximum of n.
|
// Prime returns a number of the given bit length that is prime with high probability. Prime will return error for any
|
||||||
func (r *Cryptographical) IntegerErr(n int) (value int, err error) {
|
// error returned by rand.Read or if bits < 2.
|
||||||
if n <= 0 {
|
func (r *Cryptographical) Prime(bits int) (prime *big.Int, err error) {
|
||||||
return 0, fmt.Errorf("n must be more than 0")
|
return rand.Prime(rand.Reader, bits)
|
||||||
}
|
|
||||||
|
|
||||||
max := big.NewInt(int64(n))
|
|
||||||
|
|
||||||
var result *big.Int
|
|
||||||
|
|
||||||
if result, err = r.IntErr(max); err != nil {
|
|
||||||
return 0, err
|
|
||||||
}
|
|
||||||
|
|
||||||
value = int(result.Int64())
|
|
||||||
|
|
||||||
if value < 0 {
|
|
||||||
return 0, fmt.Errorf("generated number is too big for int")
|
|
||||||
}
|
|
||||||
|
|
||||||
return value, nil
|
|
||||||
}
|
|
||||||
|
|
||||||
// Integer returns a random int with a maximum of n.
|
|
||||||
func (r *Cryptographical) Integer(n int) (value int) {
|
|
||||||
value, _ = r.IntegerErr(n)
|
|
||||||
|
|
||||||
return value
|
|
||||||
}
|
}
|
|
@ -1,26 +1,36 @@
|
||||||
package random
|
package random
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
crand "crypto/rand"
|
||||||
"fmt"
|
"fmt"
|
||||||
"math/big"
|
"math/big"
|
||||||
"math/rand"
|
"math/rand"
|
||||||
|
"sync"
|
||||||
"time"
|
"time"
|
||||||
)
|
)
|
||||||
|
|
||||||
// NewMathematical runs rand.Seed with the current time and returns a random.Provider, specifically *random.Mathematical.
|
// NewMathematical runs rand.Seed with the current time and returns a random.Provider, specifically *random.Mathematical.
|
||||||
func NewMathematical() *Mathematical {
|
func NewMathematical() *Mathematical {
|
||||||
rand.Seed(time.Now().UnixNano())
|
return &Mathematical{
|
||||||
|
rand: rand.New(rand.NewSource(time.Now().UnixNano())), //nolint:gosec
|
||||||
return &Mathematical{}
|
lock: &sync.Mutex{},
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// Mathematical is the random.Provider which uses math/rand and is COMPLETELY UNSAFE FOR PRODUCTION IN MOST SITUATIONS.
|
// Mathematical is the random.Provider which uses math/rand and is COMPLETELY UNSAFE FOR PRODUCTION IN MOST SITUATIONS.
|
||||||
// Use random.Cryptographical instead.
|
// Use random.Cryptographical instead.
|
||||||
type Mathematical struct{}
|
type Mathematical struct {
|
||||||
|
rand *rand.Rand
|
||||||
|
lock *sync.Mutex
|
||||||
|
}
|
||||||
|
|
||||||
// Read implements the io.Reader interface.
|
// Read implements the io.Reader interface.
|
||||||
func (r *Mathematical) Read(p []byte) (n int, err error) {
|
func (r *Mathematical) Read(p []byte) (n int, err error) {
|
||||||
return rand.Read(p) //nolint:gosec
|
r.lock.Lock()
|
||||||
|
|
||||||
|
defer r.lock.Unlock()
|
||||||
|
|
||||||
|
return r.rand.Read(p)
|
||||||
}
|
}
|
||||||
|
|
||||||
// BytesErr returns random data as bytes with the standard random.DefaultN length and can contain any byte values
|
// BytesErr returns random data as bytes with the standard random.DefaultN length and can contain any byte values
|
||||||
|
@ -28,7 +38,7 @@ func (r *Mathematical) Read(p []byte) (n int, err error) {
|
||||||
func (r *Mathematical) BytesErr() (data []byte, err error) {
|
func (r *Mathematical) BytesErr() (data []byte, err error) {
|
||||||
data = make([]byte, DefaultN)
|
data = make([]byte, DefaultN)
|
||||||
|
|
||||||
if _, err = rand.Read(data); err != nil { //nolint:gosec
|
if _, err = r.Read(data); err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -53,7 +63,7 @@ func (r *Mathematical) BytesCustomErr(n int, charset []byte) (data []byte, err e
|
||||||
|
|
||||||
data = make([]byte, n)
|
data = make([]byte, n)
|
||||||
|
|
||||||
if _, err = rand.Read(data); err != nil { //nolint:gosec
|
if _, err = r.Read(data); err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -91,17 +101,18 @@ func (r *Mathematical) StringCustom(n int, characters string) (data string) {
|
||||||
return string(r.BytesCustom(n, []byte(characters)))
|
return string(r.BytesCustom(n, []byte(characters)))
|
||||||
}
|
}
|
||||||
|
|
||||||
// IntErr returns a random *big.Int error combination with a maximum of max.
|
// Intn returns a random int with a maximum of n.
|
||||||
func (r *Mathematical) IntErr(max *big.Int) (value *big.Int, err error) {
|
func (r *Mathematical) Intn(n int) int {
|
||||||
if max == nil {
|
r.lock.Lock()
|
||||||
return nil, fmt.Errorf("max is required")
|
|
||||||
}
|
|
||||||
|
|
||||||
if max.Sign() <= 0 {
|
defer r.lock.Unlock()
|
||||||
return nil, fmt.Errorf("max must be 1 or more")
|
|
||||||
}
|
|
||||||
|
|
||||||
return big.NewInt(int64(rand.Intn(max.Sign()))), nil //nolint:gosec
|
return r.rand.Intn(n)
|
||||||
|
}
|
||||||
|
|
||||||
|
// IntnErr returns a random int error combination with a maximum of n.
|
||||||
|
func (r *Mathematical) IntnErr(n int) (output int, err error) {
|
||||||
|
return r.Intn(n), nil
|
||||||
}
|
}
|
||||||
|
|
||||||
// Int returns a random *big.Int with a maximum of max.
|
// Int returns a random *big.Int with a maximum of max.
|
||||||
|
@ -115,12 +126,25 @@ func (r *Mathematical) Int(max *big.Int) (value *big.Int) {
|
||||||
return value
|
return value
|
||||||
}
|
}
|
||||||
|
|
||||||
// IntegerErr returns a random int error combination with a maximum of n.
|
// IntErr returns a random *big.Int error combination with a maximum of max.
|
||||||
func (r *Mathematical) IntegerErr(n int) (output int, err error) {
|
func (r *Mathematical) IntErr(max *big.Int) (value *big.Int, err error) {
|
||||||
return r.Integer(n), nil
|
if max == nil {
|
||||||
|
return nil, fmt.Errorf("max is required")
|
||||||
|
}
|
||||||
|
|
||||||
|
if max.Sign() <= 0 {
|
||||||
|
return nil, fmt.Errorf("max must be 1 or more")
|
||||||
|
}
|
||||||
|
|
||||||
|
r.lock.Lock()
|
||||||
|
|
||||||
|
defer r.lock.Unlock()
|
||||||
|
|
||||||
|
return big.NewInt(int64(r.Intn(max.Sign()))), nil
|
||||||
}
|
}
|
||||||
|
|
||||||
// Integer returns a random int with a maximum of n.
|
// Prime returns a number of the given bit length that is prime with high probability. Prime will return error for any
|
||||||
func (r *Mathematical) Integer(n int) int {
|
// error returned by rand.Read or if bits < 2.
|
||||||
return rand.Intn(n) //nolint:gosec
|
func (r *Mathematical) Prime(bits int) (prime *big.Int, err error) {
|
||||||
|
return crand.Prime(r, bits)
|
||||||
}
|
}
|
|
@ -32,15 +32,19 @@ type Provider interface {
|
||||||
// StringCustom is an overload of GenerateCustom which takes a characters string and returns a string.
|
// StringCustom is an overload of GenerateCustom which takes a characters string and returns a string.
|
||||||
StringCustom(n int, characters string) (data string)
|
StringCustom(n int, characters string) (data string)
|
||||||
|
|
||||||
|
// Intn returns a random integer with a maximum of n.
|
||||||
|
Intn(n int) (value int)
|
||||||
|
|
||||||
|
// IntnErr returns a random int error combination with a maximum of n.
|
||||||
|
IntnErr(n int) (value int, err error)
|
||||||
|
|
||||||
// IntErr returns a random *big.Int error combination with a maximum of max.
|
// IntErr returns a random *big.Int error combination with a maximum of max.
|
||||||
IntErr(max *big.Int) (value *big.Int, err error)
|
IntErr(max *big.Int) (value *big.Int, err error)
|
||||||
|
|
||||||
// Int returns a random *big.Int with a maximum of max.
|
// Int returns a random *big.Int with a maximum of max.
|
||||||
Int(max *big.Int) (value *big.Int)
|
Int(max *big.Int) (value *big.Int)
|
||||||
|
|
||||||
// IntegerErr returns a random int error combination with a maximum of n.
|
// Prime returns a number of the given bit length that is prime with high probability. Prime will return error for any
|
||||||
IntegerErr(n int) (value int, err error)
|
// error returned by rand.Read or if bits < 2.
|
||||||
|
Prime(bits int) (prime *big.Int, err error)
|
||||||
// Integer returns a random integer with a maximum of n.
|
|
||||||
Integer(n int) (value int)
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -752,9 +752,9 @@ M.base64 = {}
|
||||||
--- URL safe base64 encoder
|
--- URL safe base64 encoder
|
||||||
--
|
--
|
||||||
-- Padding ('=') is omited, as permited per RFC
|
-- Padding ('=') is omited, as permited per RFC
|
||||||
-- https://tools.ietf.org/html/rfc4648
|
-- https://datatracker.ietf.org/doc/html/rfc4648
|
||||||
-- in order to follow JSON Web Signature RFC
|
-- in order to follow JSON Web Signature RFC
|
||||||
-- https://tools.ietf.org/html/rfc7515
|
-- https://datatracker.ietf.org/doc/html/rfc7515
|
||||||
--
|
--
|
||||||
-- @param s String (can be binary data) to encode
|
-- @param s String (can be binary data) to encode
|
||||||
-- @param enc Function which implements base64 encoder (e.g. HAProxy base64 fetch)
|
-- @param enc Function which implements base64 encoder (e.g. HAProxy base64 fetch)
|
||||||
|
|
|
@ -1617,7 +1617,7 @@ notify-keyspace-events ""
|
||||||
############################### GOPHER SERVER #################################
|
############################### GOPHER SERVER #################################
|
||||||
|
|
||||||
# Redis contains an implementation of the Gopher protocol, as specified in
|
# Redis contains an implementation of the Gopher protocol, as specified in
|
||||||
# the RFC 1436 (https://www.ietf.org/rfc/rfc1436.txt).
|
# the RFC 1436 (https://datatracker.ietf.org/doc/html/rfc1436).
|
||||||
#
|
#
|
||||||
# The Gopher protocol was very popular in the late '90s. It is an alternative
|
# The Gopher protocol was very popular in the late '90s. It is an alternative
|
||||||
# to the web, and the implementation both server and client side is so simple
|
# to the web, and the implementation both server and client side is so simple
|
||||||
|
|
|
@ -1617,7 +1617,7 @@ notify-keyspace-events ""
|
||||||
############################### GOPHER SERVER #################################
|
############################### GOPHER SERVER #################################
|
||||||
|
|
||||||
# Redis contains an implementation of the Gopher protocol, as specified in
|
# Redis contains an implementation of the Gopher protocol, as specified in
|
||||||
# the RFC 1436 (https://www.ietf.org/rfc/rfc1436.txt).
|
# the RFC 1436 (https://datatracker.ietf.org/doc/html/rfc1436).
|
||||||
#
|
#
|
||||||
# The Gopher protocol was very popular in the late '90s. It is an alternative
|
# The Gopher protocol was very popular in the late '90s. It is an alternative
|
||||||
# to the web, and the implementation both server and client side is so simple
|
# to the web, and the implementation both server and client side is so simple
|
||||||
|
|
Loading…
Reference in New Issue