Sha256: 42fc08689c30603ea6564c6579e6fbf08cbdaec0e141592971994ec452c87214
Contents?: true
Size: 1.69 KB
Versions: 9
Compression:
Stored size: 1.69 KB
Contents
## 1.2.0 (13/02/2023) ### Features #### Pushed Authorization Requests (PAR) RFC: https://datatracker.ietf.org/doc/html/rfc9126 `rodauth-oauth` supports Pushed Authorization Requests, via the `:oauth_pushed_authorization_request` feature. More info about the feature [in the wiki](https://gitlab.com/os85/rodauth-oauth/-/wikis/Pushed-Authorization-Requests). #### mTLS Client Auth (+ certificate-bound access tokens) RFC: https://www.rfc-editor.org/rfc/rfc8705 The `:oauth_tls_client_auth` feature adds support for the variants of mTLS Client Authentication "PKI Mutual-TLS Method" and 2Self-Signed Certificate Mutual-TLS Method". It also supports client certificate bound access tokens. More about it [in the wiki](https://gitlab.com/os85/rodauth-oauth/-/wikis/mTLS-Client-Authentication). #### Dynamic Client Registration management RFC: https://www.rfc-editor.org/rfc/rfc7592 Support for dynamci client registration management was added to the `:oauth_dynamic_client_registration` feature. More info about it [in the wiki](https://gitlab.com/os85/rodauth-oauth/-/wikis/Dynamic-Client-Registration#getputdelete-registerclient_id). ### Improvements * Support for 3rd-party initiated login was added, by including support for the `initiate_login_uri` attribute in the register route from the `:oauth_dynamic_client_registration` feature. * Support for multitenant resource ownership was added, here's a [description from the wiki](https://gitlab.com/os85/rodauth-oauth/-/wikis/How-to#scoping-grants-from-the-same-resource-owner). ### Bugfixes * oidc: userinfo claims were not including claims with value `false`, such as `"email_verified"`. This behaviour has been fixed, and only claims of value `null` are omitted.
Version data entries
9 entries across 9 versions & 1 rubygems