Releases: erlef/oidcc
v3.2.6
What's Changed
- Check if PKCE is supported when exchanging token by @maennchen in #399
Full Changelog: v3.2.5...v3.2.6
v3.2.5
What's Changed
- Update Security Policy by @maennchen in #380
- Implement Scorecard by @maennchen in #384
- fix: correct types in client_context.ex by @dustinfarris in #388
- Fix Config Worker Types by @maennchen in #395
New Contributors
- @dustinfarris made their first contribution in #388
Full Changelog: v3.2.4...v3.2.5
v3.2.4
What's Changed
- Fix Authorization Request Params by @maennchen in #378
Full Changelog: v3.2.3...v3.2.4
v3.2.3
What's Changed
- Fix JWT Authorization Query Parameters by @paulswartz in #375
Full Changelog: v3.2.2...v3.2.3
v3.2.2
What's Changed
- Update Erlang / Elixir for Dev / CI by @maennchen in #372
- Switch to attribute based documentation by @maennchen in #373
- token introspect remove client id constraint by @danj3 in #363
New Contributors
Full Changelog: v3.2.1...v3.2.2
v3.2.1
What's Changed
- Support application/jwk-set+json content-type by @caioaao in #352
- Specify that max_clock_skew is in seconds by @caioaao in #353
- Update to OTP 27 by @maennchen in #348
- Allow Clock Skew for Zitadel CT tests by @maennchen in #355
- Only export coverage for up to date OTP by @maennchen in #356
- fix: url_extension params also go in the request object by @paulswartz in #354
- Remove duplicate return type in create_redirect_url spec by @Nezteb in #358
- Prevent jwks_expired flood in worker by @maennchen in #361
- Cache Header max-age=0 fix by @maennchen in #371
- Prevent jwks_expired flood in worker 2nd try by @maennchen in #365
New Contributors
Full Changelog: v3.2.0...v3.2.1
v3.2.0
What's Changed
- two bugs with request param by @paulswartz in #299
- introspection improvements by @paulswartz in #300
- two fixes with client JWK signing by @paulswartz in #302
- Allow to pass url_extension for token retrieval by @maennchen in #303
- Introduce Quirks option to allow unsupported grant types by @maennchen in #304
- Allow to pass body_extension for token retrieval by @maennchen in #305
- feat: document_overrides quirk to patch invalid OIDD files by @paulswartz in #307
- Properly Validate & Cast Token Responses (#306) by @maennchen in #308
- Upgrade @actions/artifact actions by @maennchen in #311
- feat: include config params for PAR, JARM, and DPoP by @paulswartz in #312
- feat: Pushed Authorization Request (PAR) by @paulswartz in #313
- fix(PAR): ensure we don't send duplicate parameters by @paulswartz in #314
- feat: Demonstrating Proof of Possession (DPoP) by @paulswartz in #315
- FAPI2 profile support by @paulswartz in #317
- Update Test Elixir / OTP Versions by @maennchen in #323
- feat: JARM by @paulswartz in #321
- feat: support encrypted ID tokens and Userinfo responses by @paulswartz in #326
- fix(jarm): check encryption/signature before validating claims by @paulswartz in #329
- tls_client_auth by @paulswartz in #328
- Fix typos by @kianmeng in #331
- fix: small fixes for DPoP by @paulswartz in #332
- feat: small features to support ConnectID.com.au profile by @paulswartz in #333
- Bump actions/cache from 3 to 4 by @dependabot in #335
- feat: function to locally validate a JWT by @paulswartz in #330
- feat: profile for mTLS sender-constrained tokens by @paulswartz in #336
- Implement backoff algorithm for configuration worker by @maennchen in #337
- Always refresh keys on empty JWK by @maennchen in #339
- Update README.md to include the SAFE audit by @mohamedalikhechine in #340
- Fix -define typo in oidcc.hrl by @matlaj in #344
- Document PAR Telemetry Events by @maennchen in #345
- Fix DPoP with JWK Set by @maennchen in #346
Security
- Patch of GHSA-mj35-2rgf-cv8p Atom Exhaustion DoS Vulnerability
New Contributors
- @kianmeng made their first contribution in #331
- @mohamedalikhechine made their first contribution in #340
- @matlaj made their first contribution in #344
Full Changelog: v3.1.2...v3.2.0
v3.2.0-beta.3
What's Changed
- two bugs with request param by @paulswartz in #299
- introspection improvements by @paulswartz in #300
- two fixes with client JWK signing by @paulswartz in #302
- Allow to pass url_extension for token retrieval by @maennchen in #303
- Introduce Quirks option to allow unsupported grant types by @maennchen in #304
- Allow to pass body_extension for token retrieval by @maennchen in #305
- feat: document_overrides quirk to patch invalid OIDD files by @paulswartz in #307
- Properly Validate & Cast Token Responses (#306) by @maennchen in #308
- Upgrade @actions/artifact actions by @maennchen in #311
- feat: include config params for PAR, JARM, and DPoP by @paulswartz in #312
- feat: Pushed Authorization Request (PAR) by @paulswartz in #313
- fix(PAR): ensure we don't send duplicate parameters by @paulswartz in #314
- feat: Demonstrating Proof of Possession (DPoP) by @paulswartz in #315
- FAPI2 profile support by @paulswartz in #317
- Update Test Elixir / OTP Versions by @maennchen in #323
- feat: JARM by @paulswartz in #321
- feat: support encrypted ID tokens and Userinfo responses by @paulswartz in #326
- fix(jarm): check encryption/signature before validating claims by @paulswartz in #329
- tls_client_auth by @paulswartz in #328
- Fix typos by @kianmeng in #331
- fix: small fixes for DPoP by @paulswartz in #332
- feat: small features to support ConnectID.com.au profile by @paulswartz in #333
- Bump actions/cache from 3 to 4 by @dependabot in #335
- feat: function to locally validate a JWT by @paulswartz in #330
- feat: profile for mTLS sender-constrained tokens by @paulswartz in #336
- Implement backoff algorithm for configuration worker by @maennchen in #337
- Always refresh keys on empty JWK by @maennchen in #339
Security
- Patch of GHSA-mj35-2rgf-cv8p Atom Exhaustion DoS Vulnerability
New Contributors
Full Changelog: v3.1.2...v3.2.0-beta.3
v3.1.2
Patch of GHSA-mj35-2rgf-cv8p Atom Exhaustion DoS Vulnerability
Full Changelog: v3.1.1...v3.1.2
v3.0.2
Patch of GHSA-mj35-2rgf-cv8p Atom Exhaustion DoS Vulnerability
Full Changelog: v3.0.1...v3.0.2