Sha256: 09b57862f9aa11c886dfe901d6922f5b267a2401f7d821dc4c0282b43fa632f7
Contents?: true
Size: 1.75 KB
Versions: 12
Compression:
Stored size: 1.75 KB
Contents
### 0.8.0 (12/03/2022) #### Features * Device code grant `rodauth-oauth` now supports the [Device code grant RFC](https://gitlab.com/honeyryderchuck/rodauth-oauth/-/wikis/Device-Grant), via the `oauth_device_grant` feature. * OAuth Tokens Management An OAuth Tokens Management Dashboard is now provided (via `r.oauth_tokens` call to enable the routes). It allows the logged in account to list and revoke OAuth Tokens which have been issued for its resources. * Assertion Framework (+ SAML and JWT Bearer Grant) A new plugin, `oauth_assertion_base`, was introduced to provide a baseline for implementing custom Bearer Assertion as per the [OAuth Client Assertion Framework RFC](https://gitlab.com/honeyryderchuck/rodauth-oauth/-/wikis/Client-Assertion-Framework). This in turn was used to refactor and reintroduce the [oauth_saml_bearer_grant](https://gitlab.com/honeyryderchuck/rodauth-oauth/-/wikis/SAML-Bearer-Assertions) and the [oauth_jwt_bearer_grant](https://gitlab.com/honeyryderchuck/rodauth-oauth/-/wikis/JWT-Bearer-Assertions) features, which implement the respective and most recent version of the assertion RFCs. (as a result, `oauth_saml` was removed, which implemented a very old draft version of the SAML Bearer spec). #### Improvements The OAuth functionality was refactored from 1 big feature, into several features: * `oauth_base` * `oauth_authorization_code_grant` * `oauth_implicit_grant` * `oauth_device_grant` * `oauth_token_introspection` * `oauth_token_revocation` * `oauth_application_management` * `oauth_token_management` * `oauth_pkce` They're still loaded together via the `oauth` feature for backwards compatibility. This will change in a major version. #### Bugfixes * `oauth_jwt` integration with the `json-jwt` gem does proper claims validation now;
Version data entries
12 entries across 12 versions & 1 rubygems