Jason Nutter
@jasonnutter.com
Freelance web developer in Seattle.
Previously: Identity @ $MSFT, frontend @ $PRCH.

nuttech.com
photos.jasonnutter.com
That doesn't look like a flag to me
December 11, 2024 at 4:46 AM
December 11, 2024 at 3:57 AM
Mobile apps should be public clients, not confidential clients, as they cannot keep secrets.
December 5, 2024 at 1:30 AM
If you use PowerToys FancyZones (which you should), you can enable a setting to disable rounded corners for a window when it is "snapped."
November 15, 2024 at 9:51 PM
I would also look at DPoP, a new standard for detecting replay attacks in OAuth2: datatracker.ietf.org/doc/html/rfc...
RFC 9449: OAuth 2.0 Demonstrating Proof of Possession (DPoP)
This document describes a mechanism for sender-constraining OAuth 2.0 tokens via a proof-of-possession mechanism on the application level. This mechanism allows for the detection of replay attacks wit...
datatracker.ietf.org
November 15, 2024 at 1:32 AM
AAD returns a new RT each time an RT is used to get a new AT (and the client SDK removes the previous RT from the cache, which will also naturally expire). If there is a race condition where the user has multiple tabs open, you are simply replacing one new RT with a slightly newer RT.
November 15, 2024 at 1:22 AM