Skip to content

Releases: panva/node-oidc-provider

v9.4.2

23 Aug 08:06
@github-actions github-actions
v9.4.2
653e42b
This commit was signed with the committer’s verified signature.
panva Filip Skokan
SSH Key Fingerprint: 6MlzZGZfuo3Q2uHohmeYGPFrmF20CeYC7G824Trr9o4
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v9.4.2 Latest
Latest

Fixes

  • check for native logout redirect allowed same way as during auth (419f286), closes #1351
Assets 2
Loading
0 Join discussion

v9.4.1

11 Aug 07:20
@github-actions github-actions
v9.4.1
362a724
This commit was signed with the committer’s verified signature.
panva Filip Skokan
SSH Key Fingerprint: 6MlzZGZfuo3Q2uHohmeYGPFrmF20CeYC7G824Trr9o4
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v9.4.1

Documentation

  • add an getAttestationSignaturePublicKey example (3a7730c)

Refactor

  • avoid code generation from strings by pre-compiling eta views (f997073)
  • drop the default implementation of pairwiseIdentifier (6a2338a)
  • remove oidc-token-hash dependency (b607491)
Loading
0 Join discussion

v9.4.0

17 Jul 20:37
@github-actions github-actions
v9.4.0
e310d4a
This commit was signed with the committer’s verified signature.
panva Filip Skokan
SSH Key Fingerprint: 6MlzZGZfuo3Q2uHohmeYGPFrmF20CeYC7G824Trr9o4
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v9.4.0

Features

  • Experimental support for Attestation-Based Client Authentication (d655ebd)

Refactor

  • consistently lowercase header names and use req/res aliases (1748a54)
  • cors: update default client-based cors helper (77e06eb)
  • reconcile dpop and attestation challenge implementations (e31f639)

Documentation

  • updated documentation for configuration options (5710d61)
Loading
0 Join discussion

v9.3.0

16 Jul 10:53
@github-actions github-actions
v9.3.0
8ec58b2
This commit was signed with the committer’s verified signature.
panva Filip Skokan
SSH Key Fingerprint: 6MlzZGZfuo3Q2uHohmeYGPFrmF20CeYC7G824Trr9o4
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v9.3.0

Features

  • revocation: add an allowed token revocation policy helper (a7e47e4)

Documentation

Fixes

  • introspection: use unsupported_token_type to indicate structured jwt tokens cannot be introspected (c9001be)
  • revocation: use unsupported_token_type to indicate structured jwt tokens cannot be revoked (b45b00c)

Refactor

  • pull structured token rejection to a shared middleware (30367af)
Loading
0 Join discussion

v9.2.0

24 Jun 09:09
@github-actions github-actions
v9.2.0
5f94ca7
This commit was signed with the committer’s verified signature.
panva Filip Skokan
SSH Key Fingerprint: 6MlzZGZfuo3Q2uHohmeYGPFrmF20CeYC7G824Trr9o4
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v9.2.0

Features

  • expose RFC8414 Authorization Server Metadata route (c5bd90f)
Loading
0 Join discussion

v9.1.3

02 Jun 08:27
@github-actions github-actions
v9.1.3
3189449
This commit was signed with the committer’s verified signature.
panva Filip Skokan
SSH Key Fingerprint: 6MlzZGZfuo3Q2uHohmeYGPFrmF20CeYC7G824Trr9o4
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v9.1.3

Fixes

  • ensure an account's accountId and claims().sub is the same (9b89153), closes #1336
Loading
0 Join discussion

v9.1.2

28 May 15:03
@github-actions github-actions
v9.1.2
661734b
This commit was signed with the committer’s verified signature.
panva Filip Skokan
SSH Key Fingerprint: 6MlzZGZfuo3Q2uHohmeYGPFrmF20CeYC7G824Trr9o4
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v9.1.2

Fixes

  • ignore allowOmittingSingleRegisteredRedirectUri when FAPI 2.0 is used (e2de529)
Loading
0 Join discussion

v9.1.1

28 Apr 06:37
@github-actions github-actions
v9.1.1
2f2f7a1
This commit was signed with the committer’s verified signature.
panva Filip Skokan
SSH Key Fingerprint: 6MlzZGZfuo3Q2uHohmeYGPFrmF20CeYC7G824Trr9o4
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v9.1.1

Refactor

  • oidc-provider now uses koa@3 (3a83d32)
Loading
0 Join discussion

v9.1.0

26 Apr 08:59
@github-actions github-actions
v9.1.0
edbc431
This commit was signed with the committer’s verified signature.
panva Filip Skokan
SSH Key Fingerprint: 6MlzZGZfuo3Q2uHohmeYGPFrmF20CeYC7G824Trr9o4
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v9.1.0

Features

  • experimental support for OIDC RP Metadata Choices (f3550da)

Fixes

  • only include DPoP-Nonce in Access-Control-Expose-Headers when DPoP is enabled (e769aa8)

Refactor

  • avoid assignment operators in conditional expressions (b7ed877)
  • improve static find performance (106f94a)
  • update some default helpers for readability (0818c36)

Documentation

  • more clarity for features.dPoP.allowReplay (779a141)
Loading
0 Join discussion

v9.0.1

17 Apr 08:31
@github-actions github-actions
v9.0.1
f3e302d
This commit was signed with the committer’s verified signature.
panva Filip Skokan
SSH Key Fingerprint: 6MlzZGZfuo3Q2uHohmeYGPFrmF20CeYC7G824Trr9o4
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v9.0.1

Documentation

  • mark experimental features more distinctly (986adc5)
  • update references and styling of spec links (a4787b8)

Fixes

  • DCR endpoints only include www-authenticate for non-registration related errors (9a864d6)

Refactor

  • client schema defaults and static props (843943d)
  • handle frame-ancestors in wmrm without a regexp (4f85585)
  • push multiple elements to the recognized array in client_schema (d478a8b)
  • simpler DCR validate registration access token (5f01eda)
Loading
0 Join discussion