CERBERUS/LibreChat
1
0
Fork 0
mirror of https://github.com/danny-avila/LibreChat.git synced 2026-05-13 16:07:30 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
LibreChat/api/server/controllers
History
Exact
Artyom Bogachenko 5683706af5
🔐 feat: OIDC Bearer Token Authentication for Remote Agent API (#12450) 
* Remote Agent Auth middleware

* consider migration and update user

* fix eslint errors

* add scope validation

* fix codex review errors

* add filter for use: sig

* add jwks-rsa deps

* Fix remote agent OIDC auth review findings

* Polish remote agent OIDC timeout coverage

* Reject remote OIDC tokens without subject

* Use tenant context for remote agent auth config

* Harden remote agent OIDC scope handling

* Polish remote agent OIDC cache and scope tests

* Resolve remote agent auth review comments

* Reuse OpenID email claim resolver for remote auth

* Skip empty OpenID email fallback claims

* Use pre-auth tenant context for remote auth config

* Downgrade expected OIDC fallback logging

* Require secure remote OIDC endpoints

* Polish remote agent auth edge cases

* Enforce unique balance records

* Bind remote OpenID users to issuer

* Fix issuer-scoped OpenID indexes

* Avoid unique balance index requirement

* Fix remote OpenID issuer normalization boundaries

* Require issuer-bound OpenID lookups

* Enforce tenant API key policy after auth

* Fix remote auth tenant policy types

* Normalize remote OIDC discovery issuer

* Allow normalized remote OIDC issuer validation

* Enforce resolved tenant OIDC policy

* Polish OpenID issuer and scope validation

---------

Co-authored-by: Danny Avila <danny@librechat.ai>
2026-05-04 17:06:35 -04:00
..
__tests__ 🪟 feat: Add allowedAddresses Exemption List For SSRF-Guarded Targets (#12933) 2026-05-03 21:43:59 -04:00
agents 🧬 chore: Align LibreChat With Agents LangChain Upgrade (#12922) 2026-05-03 12:46:01 -04:00
assistants 💰 fix: Lazy-Initialize Balance Record at Check Time for Overrides (#12474) 2026-03-30 22:51:07 -04:00
auth 🛡️ fix: Add Origin Binding to Admin OAuth Exchange Codes (#12469) 2026-03-30 16:54:00 -04:00
AuthController.js 🔐 feat: OIDC Bearer Token Authentication for Remote Agent API (#12450) 2026-05-04 17:06:35 -04:00
AuthController.spec.js 🔐 feat: OIDC Bearer Token Authentication for Remote Agent API (#12450) 2026-05-04 17:06:35 -04:00
Balance.js 📦 refactor: Consolidate DB models, encapsulating Mongoose usage in data-schemas (#11830) 2026-03-21 14:28:53 -04:00
EndpointController.js
FavoritesController.js 📌 feat: Add Pin Support for Model Specs (#11219) 2026-04-09 18:37:25 -04:00
FavoritesController.spec.js 📌 feat: Add Pin Support for Model Specs (#11219) 2026-04-09 18:37:25 -04:00
mcp.js 🛡️ fix: Handle MCP Tool Cache Lookup Failures (#12910) 2026-05-02 09:21:28 +09:00
ModelController.js 🏗️ refactor: Remove Redundant Caching, Migrate Config Services to TypeScript (#12466) 2026-03-30 16:49:48 -04:00
PermissionsController.js 🧹 chore: Move direct model usage from PermissionsController to data-schemas 2026-03-21 15:20:15 -04:00
PluginController.js 🏗️ refactor: Remove Redundant Caching, Migrate Config Services to TypeScript (#12466) 2026-03-30 16:49:48 -04:00
PluginController.spec.js 🏗️ refactor: Remove Redundant Caching, Migrate Config Services to TypeScript (#12466) 2026-03-30 16:49:48 -04:00
SkillStatesController.js 🎚️ feat: Per-User Skill Active/Inactive Toggle with Ownership-Aware Defaults (#12692) 2026-04-25 04:02:00 -04:00
tools.js 🛂 fix: Skip Inherited / Mark Skill Files Read-Only in Code-Env Pipeline (#12866) 2026-04-29 08:26:25 +09:00
TwoFactorController.js 🔑 fix: Require OTP Verification for 2FA Re-Enrollment and Backup Code Regeneration (#12223) 2026-03-14 01:51:31 -04:00
UserController.js 🪟 feat: Add allowedAddresses Exemption List For SSRF-Guarded Targets (#12933) 2026-05-03 21:43:59 -04:00
UserController.spec.js 🧬 feat: Scaffold Skills CRUD with ACL Sharing and File Schema (#12613) 2026-04-25 04:01:59 -04:00