v3.0.0
3.0.0 (2023-10-13)
Bug Fixes
- modify ACRValues parameter type to space separated strings (#388) (e43ac6d)
- Only set GrantType once (#353) (#367) (312c2a0), closes #352
chore
-
replace gorilla/mux with go-chi/chi (#332) (57fb9f7), closes #301
-
Merge pull request #456 from zitadel/next-main (976b406), closes #456
Features
- add context to all client calls (#345) (6af94fd), closes #309
- add slog logging (#432) (0879c88)
- Allow modifying request to device authorization endpoint (#356) (c778e83), closes #354
- generic Userinfo and Introspect functions (#389) (d5a9bd6)
- merge the verifier types (#336) (33c716d)
- op: Server interface (#447) (0f8a058)
- rp: return oidc.Tokens on token refresh (#423) (6708ef4), closes #364
BREAKING CHANGES
-
- Just making sure v3 release is triggered.
- rp: - rename RefreshAccessToken to RefreshToken
- RefreshToken returns *oidc.Tokens instead of *oauth2.Token
This change allows the return of the id_token in an explicit manner,
as part of the oidc.Tokens struct.
The return type is now consistent with the CodeExchange function.
When an id_token is returned, it is verified.
In case no id_token was received,
RefreshTokens will not return an error.
As per specifictation:
https://openid.net/specs/openid-connect-core-1_0.html#RefreshTokenResponse
Upon successful validation of the Refresh Token,
the response body is the Token Response of Section 3.1.3.3
except that it might not contain an id_token.
- rp.Userinfo and rs.Introspect now require
a type parameter. -
- The various verifier types are merged into a oidc.Verifir.
- oidc.Verfier became a struct with exported fields
- use type aliases for oidc.Verifier
this binds the correct contstructor to each verifier usecase.
-
fix: handle the zero cases for oidc.Time
-
add unit tests to oidc verifier
-
fix: correct returned field for JWTTokenRequest
JWTTokenRequest.GetIssuedAt() was returning the ExpiresAt field.
This change corrects that by returning IssuedAt instead.
- The returned router from
op.CreateRouter()is now achi.Router