Skip to content

v2.1.0

Latest
Latest
Compare
Choose a tag to compare
@edwardsph edwardsph released this 14 Mar 10:54
v2.1.0
259a567
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.

New Feature

node and browser

  • OpenID Providers with multiple JWK in their JWKS are now supported. Thanks to
    @pavol-brunclik-compote for the original contribution.

node

  • Authorization code flow for statically registered clients is now supported. Statically registered
    clients previously defaulted to the Client Credentials flow, it is no longer an assumption.

Bugfix

browser

  • Fix non-DPoP bound tokens support in browser: a bug in the handling of non-DPoP-bound tokens was
    preventing the auth code grant to complete, with a 401 to the OpenId Provider Token Endpoint
    observed on redirect after the user authenticated. It is now possible to do
    session.login({/*...*/, tokenType: "Bearer"}) and get a successful result.

Contributors

pavol-brunclik-compote
Assets 2