finos
diff --git a/‎.github/workflows/dependency-review.yml
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/dependency-review.yml
Lines changed: 1 addition & 1 deletion
diff --git a/‎config.schema.json
Lines changed: 7 additions & 0 deletions b/‎config.schema.json
Lines changed: 7 additions & 0 deletions
diff --git a/‎package-lock.json
Lines changed: 175 additions & 16 deletions b/‎package-lock.json
Lines changed: 175 additions & 16 deletions
diff --git a/‎package.json
Lines changed: 3 additions & 1 deletion b/‎package.json
Lines changed: 3 additions & 1 deletion
diff --git a/‎proxy.config.json
Lines changed: 10 additions & 0 deletions b/‎proxy.config.json
Lines changed: 10 additions & 0 deletions
@@ -21,6 +21,6 @@ jobs:
         with:
           comment-summary-in-pr: always
           fail-on-severity: high
-          allow-licenses: MIT, MIT-0, Apache-2.0, BSD-3-Clause, BSD-3-Clause-Clear, ISC, BSD-2-Clause, Unlicense, CC0-1.0, 0BSD, X11, MPL-2.0, MPL-1.0, MPL-1.1, MPL-2.0, Zlib
+          allow-licenses: MIT, MIT-0, Apache-2.0, BSD-3-Clause, BSD-3-Clause-Clear, ISC, BSD-2-Clause, Unlicense, CC0-1.0, 0BSD, X11, MPL-2.0, MPL-1.0, MPL-1.1, MPL-2.0, OFL-1.1, Zlib
           fail-on-scopes: development, runtime
           allow-dependencies-licenses: 'pkg:npm/caniuse-lite'
@@ -103,6 +103,13 @@
         }
       }
     },
+    "apiAuthentication": {
+      "description": "List of authentication sources for API endpoints. May be empty, in which case all endpoints are public.",
+      "type": "array",
+      "items": {
+        "$ref": "#/definitions/authentication"
+      }
+    },
     "tls": {
       "description": "TLS configuration for secure connections",
       "type": "object",
 
@@ -58,13 +58,15 @@
     "history": "5.3.0",
     "isomorphic-git": "^1.27.1",
     "jsonschema": "^1.4.1",
+    "jsonwebtoken": "^9.0.2",
+    "jwk-to-pem": "^2.0.7",
     "load-plugin": "^6.0.0",
     "lodash": "^4.17.21",
     "lusca": "^1.7.0",
     "moment": "^2.29.4",
     "mongodb": "^5.0.0",
     "nodemailer": "^6.6.1",
-    "openid-client": "^6.2.0",
+    "openid-client": "^6.3.1",
     "parse-diff": "^0.11.1",
     "passport": "^0.7.0",
     "passport-activedirectory": "^1.0.4",
 
@@ -146,6 +146,16 @@
   "contactEmail": "",
   "csrfProtection": true,
   "plugins": [],
+  "apiAuthentication": [
+    {
+      "type": "jwt",
+      "enabled": false,
+      "jwtConfig": {
+        "clientID": "",
+        "authorityURL": ""
+      }
+    }
+  ],
   "tls": {
     "enabled": false,
     "key": "certs/key.pem",
Original file line number	Diff line number	Diff line change
`@@ -103,6 +103,13 @@`
`103`	`103`	`}`
`104`	`104`	`}`
`105`	`105`	`},`
	`106`	`+ "apiAuthentication": {`
	`107`	`+ "description": "List of authentication sources for API endpoints. May be empty, in which case all endpoints are public.",`
	`108`	`+ "type": "array",`
	`109`	`+ "items": {`
	`110`	`+ "$ref": "#/definitions/authentication"`
	`111`	`+ }`
	`112`	`+ },`
`106`	`113`	`"tls": {`
`107`	`114`	`"description": "TLS configuration for secure connections",`
`108`	`115`	`"type": "object",`