RubygemsResearch

Sha256: 28f78a9874b5ecda5e772571ede0f44c5fe77b7c352ee19fef1e8c1a71b278a6

Contents?: true

Size: 1.99 KB

Versions: 8

Compression:

Stored size: 1.99 KB

## 1.3.0 (02/04/2023)

## Features

### Self-Signed Issued Tokens

`rodauth-oauth` supports self-signed issued tokens, via the `oidc_self_issued` feature.

More info about the feature [in the docs](https://gitlab.com/os85/rodauth-oauth/-/wikis/Self-Issued-OpenID).

#### JARM

`rodauth-oauth` supports JWT-secured Authorization Response Mode, also known as JARM, via the `oauth_jwt_secured_authorization_response_mode`.

More info about the feature [in the docs](https://gitlab.com/os85/rodauth-oauth/-/wikis/JWT-Secured-Authorization-Response-Mode).

## Improvements

### `fill_with_account_claims` auth method

`fill_with_account_claims` is now exposed as an auth method. This allows one to override to be able to cover certain requirements, such as aggregated and distributed claims. Here's a [link to the docs](https://gitlab.com/os85/rodauth-oauth/-/wikis/Id-Token-Authentication#claim-types) explaining how to do it.

### oidc: only generate refresh token when `offline_access` scope is used.

When the `oidc` feature is used, refresh tokens won't be generated anymore by default; in order to do so, the `offline_access` needs to be requested for in the respective authorization request, [as the spec mandates](https://openid.net/specs/openid-connect-core-1_0.html#OfflineAccess).

### oidc: implicit grant loaded by default

The `oidc` feature now loads the `oauth_implicit_grant` feature by default. This hadn't been done before due to the wish to ship a secure integration by default, but since then, spec compliance became more prioritary, and this is a requirement.

## Bugfixes

* rails integration: activerecord migrations fixes:
* use `bigint` for foreign keys;
* index creation instruction with the wrong syntax;
* set precision 6 for default timestamps, to comply with AR defaults;
* add missing `code` column to the `oauth_pushed_requests` table;
* oidc: when using the `id_token` , or any composite response type including `id_token`, using any response mode other than `fragment` will result in an invalid request.

Version data entries

8 entries across 8 versions & 1 rubygems

Version	Path
rodauth-oauth-1.6.3	doc/release_notes/1_3_0.md
rodauth-oauth-1.6.2	doc/release_notes/1_3_0.md
rodauth-oauth-1.6.0	doc/release_notes/1_3_0.md
rodauth-oauth-1.5.0	doc/release_notes/1_3_0.md
rodauth-oauth-1.4.0	doc/release_notes/1_3_0.md
rodauth-oauth-1.3.2	doc/release_notes/1_3_0.md
rodauth-oauth-1.3.1	doc/release_notes/1_3_0.md
rodauth-oauth-1.3.0	doc/release_notes/1_3_0.md