Skip to content

release 1.7.3
Compare
Choose a tag to compare
@zandbelt zandbelt released this 05 Feb 18:42
· 1437 commits to master since this release
v1.7.3
099433a

Bug fixes

  • fix symmetric key decryption of JWTs encrypted with A128CBC-HS256 and A256CBC-HS512
  • fix memory leak in RSA key conversion
  • Allow {... "error": null ...} in JSON responses (@fatlotus)
  • get rid of extraneous ; in Set-Cookie headers
  • fix configuration validation check where no config would be checked if OIDCProviderIssuer is set
    but both OIDRedirectURI and OIDCCryptoPassphrase are not set

Features

  • update to draft-bradley-oauth-jwt-encoded-state-03: change target_uri parameter name to target_link_uri

Other

  • add preliminary support for local JWT access token validation (contact the author for docs)
  • JWT code refactoring & extended test coverage
Assets 10