Skip to content

release 2.3.3
Compare
Choose a tag to compare
@zandbelt zandbelt released this 16 Nov 14:58
· 939 commits to master since this release
v2.3.3
56955b5

Features

  • add support for passing claims resolved from the UserInfo endpoint as a JSON object or (when available) as a JWT with OIDCPassUserInfoAs; closes #311
  • add support for authentication to the introspection endpoint with a bearer token using OIDCOAuthIntrospectionClientAuthBearerToken; thanks @cristichiru (works in OAuth 2.0 mode only, does not mix with OIDC setups because of a bug in 2.3.3)

Bugfixes

  • avoid crash when no scheme is set on OIDCProviderMetadataURL; closes #303; thanks @iconoeugen
  • avoid crash when no OIDCOAuthClientID is set for remote access token validation
  • don't enforce iat checks on locally validated JWT access tokens (e.g. as issued by Keycloak)

Other

  • the Github repository is transferred to ZmartZone IAM
  • a number of compiler/static/runtime code analysis issues were addressed

Packaging

  • the libcjose 0.5.1 binaries that this module depends on are available from the release 2.3.0 "Assets" section
  • Ubuntu Xenial packages can also be used on Ubuntu Yakkety, Zesty and Artful; the Debian Wheezy package can be used on Ubuntu Precise

Contributors

iconoeugen and cristichiru
Assets 8