Skip to content

v2.3.1

Choose a tag to compare

@levahim levahim released this 01 Aug 13:54

This release includes the following changes:

  • The authentication object stored in the HTTP session under org.bsworks.oidc.authorization is now serializable.
  • RSA keys in JWK sets without "use" attribute can now be used for JWT signature verifications (just as if the "use" attribute is "sig").
  • RSA keys in JWK sets without "kid" attribute can now be used as default keys when the JWT header does not include the "kid".