You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
fixed non-spec errors restricted_response_type and restricted_grant_type to be UnauthorizedClient (unauthorized_client) instead as specified in RFC6749
fixed missing WWW-Authenticate response header in Bearer auth scheme endpoints when 401 is returned (was missing from registration_endpoint, registration_client_uri)
fixed #session.save() when cookies.*.maxAge is set to 0 to not add the exp claim - #289
fixed the remember=false option to apply to client session state cookies too
