rspace-online

Commit Graph

Author	SHA1	Message	Date
Jeff Emmett	8efe18280c	feat: consolidate domains, install deps, fix EncryptID types - TASK-24: Install h3-js, @xterm/xterm, @xterm/addon-fit - TASK-51.3: Remove app switcher external link arrows, update ridentity.online UI links to /rids paths - TASK-51.4: Prune allowedOrigins (~30 → 16), simplify JWT aud to 'rspace.online', remove standalone domains from webauthn, update EncryptID HTML template links. Keep ridentity.online as canonical EncryptID/OIDC domain. - Fix EncryptIDClaims type: add username, did fields; update aud type to string \| string[] — resolves pre-existing TS error - TASK-12: Update backlog status (80% code-complete, blocked on security audit) - Backlog task updates for TASK-25/37/40/44, new TASK-110 Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-03-11 21:55:39 -07:00
Jeff Emmett	9f39e2393b	fix: change WebAuthn RP ID from jeffemmett.com to rspace.online The RP ID jeffemmett.com caused "relying party ID is not a registrable domain suffix" errors on .rspace.online subdomains. Related Origins also exceeded the 5 eTLD+1 browser limit with 18+ domains listed. Now rspace.online is the RP ID, so all .rspace.online subdomains (including cca.rspace.online) are valid automatically. The Related Origins file only lists non-rspace.online r* ecosystem domains. Also points rspace-header auth URL to auth.rspace.online. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-02-18 14:32:57 -07:00
Jeff Emmett	72192007e6	feat: Add EncryptID unified identity system Implements the EncryptID identity system for the r-ecosystem: - WebAuthn/Passkey authentication with PRF extension for key derivation - Client-side cryptographic key derivation (AES-256, ECDSA P-256, Ed25519) - Social recovery system with guardians (no seed phrases!) - Session management with authentication levels - Cross-app SSO via Related Origin Requests - Web components: login button and guardian setup panel - Hono server for authentication endpoints - Docker deployment configuration Domain: encryptid.jeffemmett.com RP ID: jeffemmett.com (for cross-subdomain passkey usage) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2026-02-05 16:48:19 +00:00

Author

SHA1

Message

Date

Jeff Emmett

8efe18280c

feat: consolidate domains, install deps, fix EncryptID types

- TASK-24: Install h3-js, @xterm/xterm, @xterm/addon-fit
- TASK-51.3: Remove app switcher external link arrows, update
  ridentity.online UI links to /rids paths
- TASK-51.4: Prune allowedOrigins (~30 → 16), simplify JWT aud
  to 'rspace.online', remove standalone domains from webauthn,
  update EncryptID HTML template links. Keep ridentity.online as
  canonical EncryptID/OIDC domain.
- Fix EncryptIDClaims type: add username, did fields; update aud
  type to string | string[] — resolves pre-existing TS error
- TASK-12: Update backlog status (80% code-complete, blocked on
  security audit)
- Backlog task updates for TASK-25/37/40/44, new TASK-110

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

2026-03-11 21:55:39 -07:00

Jeff Emmett

9f39e2393b

fix: change WebAuthn RP ID from jeffemmett.com to rspace.online

The RP ID jeffemmett.com caused "relying party ID is not a registrable
domain suffix" errors on *.rspace.online subdomains. Related Origins
also exceeded the 5 eTLD+1 browser limit with 18+ domains listed.

Now rspace.online is the RP ID, so all *.rspace.online subdomains
(including cca.rspace.online) are valid automatically. The Related
Origins file only lists non-rspace.online r* ecosystem domains.

Also points rspace-header auth URL to auth.rspace.online.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

2026-02-18 14:32:57 -07:00

Jeff Emmett

72192007e6

feat: Add EncryptID unified identity system

Implements the EncryptID identity system for the r-ecosystem:

- WebAuthn/Passkey authentication with PRF extension for key derivation
- Client-side cryptographic key derivation (AES-256, ECDSA P-256, Ed25519)
- Social recovery system with guardians (no seed phrases!)
- Session management with authentication levels
- Cross-app SSO via Related Origin Requests
- Web components: login button and guardian setup panel
- Hono server for authentication endpoints
- Docker deployment configuration

Domain: encryptid.jeffemmett.com
RP ID: jeffemmett.com (for cross-subdomain passkey usage)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

2026-02-05 16:48:19 +00:00

3 Commits