key-cape/src/internal
Bernd Worsch a6af43b332 fix(authelia): use adapter's own client_id/redirect_uri in AuthorizeURL
The adapter was forwarding the downstream client's client_id and
redirect_uri to Authelia, which would always be rejected — Authelia
only recognises client_id=keycape and its registered callback URI.
Also removed downstream PKCE forwarding: KeyCape is a confidential
OIDC client to Authelia and authenticates via client_secret instead.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-25 03:15:36 +00:00
..
adapters fix(authelia): use adapter's own client_id/redirect_uri in AuthorizeURL 2026-03-25 03:15:36 +00:00
config feat: implement T22, T18, T23 — dev stack, profile tests, server binary 2026-03-13 02:18:36 +01:00
domain feat: implement T09, T15, T21 — userinfo endpoint, LLDAP export, negative tests 2026-03-13 02:08:03 +01:00
errors feat: implement T01-T04 — Go module, canonical model, LDAP validator, error taxonomy 2026-03-13 01:27:54 +01:00
migration feat: implement T16, T17 — Keycloak realm import transformer, LDIF generator 2026-03-13 02:13:04 +01:00
server feat: implement T09, T15, T21 — userinfo endpoint, LLDAP export, negative tests 2026-03-13 02:08:03 +01:00
validator feat: implement T01-T04 — Go module, canonical model, LDAP validator, error taxonomy 2026-03-13 01:27:54 +01:00