Skip to content

Releases: rarebit-one/standard_id-provider

v0.3.0

Choose a tag to compare

@github-actions github-actions released this 12 Jul 13:32
d46eb80

Added

  • Per-IP rate limiting on the token introspection (RFC 7662) and revocation
    (RFC 7009) endpoints.
    Both are credential-guessable; the throttle runs
    before client authentication (30/15min by IP, override with
    RATE_LIMIT_INTROSPECT_PER_IP / RATE_LIMIT_REVOKE_PER_IP). Reuses the
    standard_id engine's rate-limit store and JSON 429 handler.

v0.2.0

Choose a tag to compare

@github-actions github-actions released this 29 Apr 03:47
34e2c78

Added

  • .editorconfig for consistent indentation and whitespace across editors.
  • AGENTS.md describing the OIDC engine surface (ConsentGrant + RevokedToken models, ID token service, extension flows) for AI coding agents and new contributors.
  • lefthook.yml plus .lefthook/ scripts for pre-push checks (whitespace, signed commits, RuboCop, Brakeman, RSpec) and post-checkout/rewrite/merge bundle install sync. Install via brew install lefthook && lefthook install; skip with LEFTHOOK=0.
  • SimpleCov branch coverage reporting wired into spec/spec_helper.rb. Reports are emitted to coverage/ (gitignored). No minimum threshold is enforced — this enables visibility today, with a threshold to follow once the spec suite is reconciled with upstream standard_id.
  • Brakeman static analysis and bundler-audit dependency scanning now run on every CI build, surfacing security issues before they reach a release.

Changed

  • CI workflow migrated to the shared rarebit-one/.github reusable workflow (reusable-gem-ci.yml@v1); .github/workflows/ci.yml is now a thin shim. The lint job runs RuboCop plus Brakeman and bundler-audit security scans via extra-lint-commands. The test matrix is intentionally empty (ruby-versions: '[]') — the dummy app still references the legacy StandardConfig constant that was removed upstream, so RSpec cannot boot. Re-enabling the matrix is tracked as follow-up work. The previous bespoke RuboCop result cache is dropped because hashFiles cannot be evaluated when resolving reusable-workflow inputs; lint runs on this gem are short enough that the cache is not worth the extra plumbing.
  • Release workflow migrated to the shared rarebit-one/.github reusable workflow (reusable-gem-release.yml@v1); .github/workflows/release.yml is now a thin shim.

Removed

  • BREAKING: Dropped support for Ruby < 4.0. The gem now requires Ruby 4.0+, matching the upstream standard_id gem (standard_id#195).

v0.1.0

Choose a tag to compare

@github-actions github-actions released this 21 Apr 11:57
3253889

Added

  • Initial release of OpenID Connect Identity Provider addon for StandardId
  • ID token issuance, consent management, token introspection, and token revocation
  • OIDC discovery endpoint