This repository was archived by the owner on Oct 20, 2024. It is now read-only.
Release 2.3.0
·
1396 commits
to master
since this release
e5188b3
This commit was signed with the committer’s verified signature.
babelouest
Nicolas Mora
The "Saint-Jean-Baptiste Release"
- Replace libjwt with Rhonabwy
- Allow messages encryption (incoming and outcoming)
- Allow OIDC plugin to use multiple signing or encryption keys via a JWKS
- Add support for CRYPT hash in ldap modules, closes #114
- Add Session Management for OIDC plugin
- Update access token claims to fit JSON Web Token (JWT) Profile for OAuth 2.0 Access Tokens - draft 05
- Add JWT Response for OAuth Token Introspection
- Adapt client registration
redirect_uricheck to make Glewlwyd OIDC plugin conform to OAuth 2.0 for Native Apps specification - Add OAuth 2.0 Device Grant
- Add
id_tokenin response typepasswordwhen the scopeopenidis added - Disable response type
passwordby default for OIDC plugin config - Scope
openidis assumed to be always granted to clients for OIDC plugin - Add
one-time-userefresh token option - Add OAuth 2.0 Dynamic Client Registration Management Protocol for OIDC plugin
- Breaking change since 2.2: Client Registration input parameters are now conform to OAuth 2.0 Dynamic Client Registration Protocol
- Add OAuth 2.0 Mutual-TLS Client Authentication and Certificate-Bound Access Tokens
- Allow multi-languages e-mails in e-mail scheme and registration plugin
- Multiple bugfixes in UI and API