Aydin Mercan
e0173496c6
I think that API key generation and revocation should be done by calling the binary. Also, nuking all keys should be accessible. Public identity regeneration can use `init` again for now. I am thinking about seperating between confidential and public clients in the structure that keeps track of them. The map keeping track of the confidential should use the client base url as well. Expecting to overhaul how its done after checking RFC 8725 and other JOSE damage reduction strategies more throughly. (ugh) |
||
---|---|---|
.. | ||
controller | ||
engine | ||
database.rs | ||
main.rs | ||
server.rs |