Loading workspace insights... Statistics interval
7 days30 daysLatest CI Pipeline Executions
8289a9db feat(devtools): add agnostic OIDC network intelligence layer
Decouple the extension from SDK-specific bridges into a network-first
OIDC/OAuth2 debugger that works standalone with any OIDC provider.
Network intelligence:
- Well-known discovery (parses .well-known/openid-configuration)
- OIDC semantic annotation (authorize, token, userinfo, etc.)
- DPoP proof detection (RFC 9449)
- PAR flow detection (RFC 9126)
- OIDC flow tracker (cross-event correlation)
- Shared JWT utils extracted from diagnosis engine
Diagnosis engine:
- 15 new rules across oidc-flow, dpop, and par categories
- Flow-level PKCE check (warns once per flow, not per event)
- Static asset filter prevents false positives on JS module loads
- URL patterns anchored to avoid matching filenames
Learn tab:
- Flow-aware layout detection (DaVinci, Journey, OIDC Code/DPoP/PAR)
- Journey-specific cards (Client -> AM Server -> Callbacks -> Result)
- OIDC cards populated from phase-specific network events
- Rail deduplicates network OIDC events by phase
Panel fixes:
- JWT decoding moved to pure Elm (base64url decoder + JSON parser)
- Response bodies captured via entry.getContent() (was missing)
- /access_token endpoint pattern added for PingAM
- Inspector OIDC tab shows phase, PKCE, DPoP, tokens, errors
- Timeline shows OIDC phase badges on network rows
- Toolbar shows connection status (SDK connected / OIDC detected)
Infra:
- Fix typedoc failing on devtools-extension (no public API entry points)
- OidcSemanticsSchema added to devtools-types
- ExtendedFlowState with oidcConfig and lastOidcEventId