LittleSheep
74a9ca98ad
- Added GenerateCodeVerifier() and GenerateCodeChallenge() methods to base OidcService - Implemented PKCE (Proof Key for Code Exchange) for Google OAuth flow: * Generate cryptographically secure code verifier (256-bit random) * Create SHA-256 code challenge for authorization request * Cache code verifier with 15-minute expiration for token exchange * Validate and remove code verifier during callback to prevent replay attacks - Enhances security by protecting against authorization code interception attacks - Uses S256 (SHA-256) code challenge method as per RFC 7636
The Dyson Network
The Dyson Network is the backend of the Solar Network. We’ve open-sourced it here to ensure full transparency and accessibility for everyone.
However, it is not designed for self-hosted due to several limitations:
- Embedded Branding: Variables, classes, and function names are explicitly tied to the Solar Network. You likely wouldn’t want Solar Network branding appearing on your own instance.
- Hardcoded URLs: Certain services rely on Solsynth LLC’s infrastructure, with URLs hardcoded directly into the code. This means your instance must remain connected to our services and the internet.
- No documentation: We do not provide documentation for self-hosting or local deployment.
- No support: We offer no support for self-hosted deployments.
That said, self-hosting remains technically possible if you choose to proceed.
Please note that according to the APGL v3 license, if you host a modified version of the software, you must open-source it under the same license.
Documentation
While we don’t support self-hosting, we encourage developers to build applications on this foundation.
Check out the OpenAPI Documentation at /swagger path on any instance.
Or visit our official instance: Solar Network.
License
The source code is under the APGL v3 license.