Skip to content

Releases: panva/node-oidc-provider

v6.4.2

18 Aug 11:05
@panva panva
v6.4.2
a48b2cd
Compare
Choose a tag to compare
v6.4.2

Bug Fixes

  • make structured token's end-user "sub" pairwise if configured (24a08c2)
  • use correct postLogoutRedirectUri for resume's logout when mounted (a72b27d)
Assets 2
Loading

v6.4.1

13 Aug 07:12
@panva panva
v6.4.1
43f7d38
Compare
Choose a tag to compare
v6.4.1

Bug Fixes

  • bring paseto token claims inline with jwt-ietf (265e400)
Assets 2
Loading

v6.4.0

07 Aug 14:52
@panva panva
v6.4.0
42b8b12
Compare
Choose a tag to compare
v6.4.0

Bug Fixes

  • paseto formatted access token audience is a single string (1fd45f5)
  • properly check if resourceIndicators is enabled (bbcdca2)

Features

  • added a helper for validating provided resource indicator values (a97ffdc), closes #487
  • allow audiences helper to return a single string audience (4c7a3a8)
  • draft implementation of IETF JWT Access Token profile (e690462)
Assets 2
Loading

v6.3.0

04 Aug 09:54
@panva panva
v6.3.0
7b010f4
Compare
Choose a tag to compare
v6.3.0

Features

  • new option for resolving JWT Access Token signing algorithm (28e85ef)
Assets 2
Loading

v6.2.2

02 Aug 10:28
@panva panva
v6.2.2
e933704
Compare
Choose a tag to compare
v6.2.2

Bug Fixes

  • do not assign the defaulted to response_mode to params (18867ad)
  • dynamic format gets a ctx as a first argument as documented (f62eb4b)
Assets 2
Loading

v6.2.1

25 Jul 11:12
@panva panva
v6.2.1
5ff5660
Compare
Choose a tag to compare
v6.2.1

Bug Fixes

  • revert missing mTLS cert errors to invalid_grant (afac459)

Chores

  • bump dependencies and compatible draft versions
Assets 2
Loading

v6.2.0

21 Jul 12:24
@panva panva
v6.2.0
4e28623
Compare
Choose a tag to compare
v6.2.0

Features

  • mTLS stable release candidate (a999452)

Notes

Mutual TLS related draft features and configuration was refactored to enable mTLS with various other deployment setups.

  1. the SAN based tls_client_auth_* client properties are now supported
  2. features.certificateBoundAccessTokens is now enabled via features.mTLS
  3. self_signed_tls_client_auth is now enabled via features.mTLS but still whitelisted via *EndpointAuthMethods
  4. tls_client_auth is now enabled via features.mTLS but still whitelisted via *EndpointAuthMethods
  5. three helper methods now must be configured in the features.mTLS namespace - getCertificate to get the PEM certificate value, certificateAuthorized to determine if the client certificate is verified and comes from a trusted CA and certificateSubjectMatches for matching a registered client value with whats in the certificate.
Assets 2
Loading

v6.1.2

12 Jul 12:02
@panva panva
v6.1.2
b2c6895
Compare
Choose a tag to compare
v6.1.2

Bug Fixes

  • acknowledging tls client auth draft fixed (02df82a)
Assets 2
Loading

v6.1.1

12 Jul 11:40
@panva panva
v6.1.1
161a52a
Compare
Choose a tag to compare
v6.1.1

Bug Fixes

  • bump acknowledgable draft versions that don't need code changes (55b4770)
  • lodash dependency updated
Assets 2
Loading

v6.1.0

10 Jul 07:26
@panva panva
v6.1.0
2905e78
Compare
Choose a tag to compare
v6.1.0

Bug Fixes

  • authorization header scheme is checked case-insensitive (773ec52)
  • block static client registration read action (edgiest of cases) (18db430)
  • update dependencies, plug reported lodash vulnerability (a2cdfd0)

Features

  • add experimental support for DPoP (61edb8c)
Assets 2
Loading