Environment

• Ruby 2.4.5
• Rails 4.2.11
• Devise 4.6.1

Current behavior

Devise is sending the "Email Changed" email when a user first signs up. This email is unnecessary because they haven't confirmed this email yet.

GIF showing both "confirmation" email AND "email changed" email.

![Double Email Gif](https://user-images.githubusercontent.com/6728265/54702757-c90f

The quick start guide for version 1.0.0 suggests in the AuthController to apply the 'auth:api' middleware in the constructor in this manner:

public function __construct(){
        $this->middleware('auth:api', ['except' => ['login']]);
}

that means this route: Route::post('refresh', 'AuthController@refresh'); and this method:

public function refresh(){
        return $this-

Hey there!

I'm having some troubles implementing an oauth provider using PKCE flow for oauth.

I'm at the point where I receive the authorization_code back from the authorization server and I can exchange it for an access_token & refresh_token. But to get this authentication code I needed to generate a code_challenge.

As I understand it the code challenge is generate by generating

Hello 🙂

I am currently following the tutorial Getting started with Guardian and within the section Create Implementation Module is a broke link to the implementation module docs.
The correct one would be `https://github.com/ueberauth/guardian/blob/master/guides/introduction/

In FAB Security Views we can see some logic related to whitelists.

What we do not see in the Superset or FAB documentation is any mention on how to set them up and what effect they have.

Documentation on this would be useful.

I am trying to setup Strapi with a new auth provider (Login.gov). They use grant for auth. The issue I am currently having is that Login.gov wants state and nonce to be at least 32 characters in length. I know this is probably an edge case but is there any reason this 10 couldn't be changed to 32?

https://github.com/simov/grant/blob/c8e

• Instead of holding implementations for each logging, tracing, metrics providers, establish interfaces.
• Be clear about it in docs
• Store implementations in... nested go modules? Separate project? To agree.

The features section in the docs states that nodemon is available in the project, when it's clearly not. It's not added as a dependency or as a command in the project. Maybe remove this from the docs or actually add nodemon?

Thanks for the new release. However I've noticed that all the changes to the documentation included in 0.5.0 aren't yet visible on the website. In particular I'm thinking about the custom test_client, which is documented here in the repo but not here on th

Hello,

I see in https://github.com/microsoft/Git-Credential-Manager-for-Windows/blob/master/Docs/Environment.md honor http_proxy and https_proxy (both upper and lower case it seems), but it completely ignores no_proxy while git honor it.

So git is properly handling requests, but GCM can leaks informations through the proxy while it shouldn't.

Could GCM handle this environment v

By swapping the position of the hardware and software tokens, the ordering of the columns would mirror the degree of security each option generally provides (left:right, least:most). It currently seems arbitrary. Am I missing something?

Is your feature request related to a problem? Please describe.

The public key-based request signing functionality added to sso_proxy in buzzfeed/sso#106 is undocumented. In particular, it's not immediately obvious how to a) generate an appropriate keypair or b) validate a signed request in an upstream service.

Describe the solution you'd like

New documenta

This should be explained simply in terms a beginner can understand. I think a pro's, con's list would be a good format. I'll attempt one below, but I admit I'm uncertain about the deciding factors.

#14, #5, and #95 focus on clarifying the performance differences (which IS included in README), but don't expand on how one decides which to use.

bcrypt.js PROS

• 0 dependencies: el

There are mass assignment examples on the code but this is not allowed for Rails 4.1, there should be an specification or a sample for both with mass assignment and without.

I'm trying to migrate from v1 to v2 of redux-auth-wrapper. I'm sticking with RR3 for the moment since I'm using SSR and it will be a larger undertaking to migrate everything to RR4 (though I do want to migrate eventually).

That being said, I'm running into some issues with getting everything working like it was under v1. To summarize, I'm not sure how to get a FailureComponent working under v

In UserModel::editUserName($new_user_name) you use preg_match to validate the pattern.
wouldn't it be better to use:

if(!RegistrationModel::validateUserName($new_user_name)) {
    return false;
}

instead of retypeing the regular expression

This can apply for email and password too

If using a custom authentication token model, the related_name cannot be auth_token or that will clash with the default token model related name and the django project will fail to start.

The RegisterView returns an authentication token using user.auth_token. Since the related name for a custom token model had to be changed, user.auth_token does not actually exist.

As a workaround a

Describe the feature

Ideally the documentation should mention all the datastore models required by the OpenID Connect flows. The current documentation has this section for OAuth2.0 (https://oauthlib.readthedocs.io/en/latest/oauth2/server.html#create-your-datastore-models) but it is missing for OIDC.

For Twig it is ok, tell me please what if site used with API?

Everything build with json and JsonResponses, urls for UI we dont have, and do not know what is going on on UI, it can be some Andriod app written with Java, or some JS framewrok, or else.

What configurations should be set?
Any examples?
Docs?

Because there is example only for Twig.
There are not much examples.
https://gi

• Xcode version: Version 11.3.1 (11C505)
• Firebase SDK version: 6.13.0
• Firebase Component: Auth
• Component version: 6.4.0

When unpacking the claims dictionary after calling getIDTokenResult(forcingRefresh:completion:) on an instance of FIRUser we are getting unexpected behavior for the key user_id. We are using user_id in our additional claims of our custom auth token.