Sha256: bb6c55e1449d9fc4861e4d0ae9d6e4b4827c185d387c4d028f7bbb33c2a3f820
Contents?: true
Size: 1.71 KB
Versions: 11
Compression:
Stored size: 1.71 KB
Contents
### 0.8.0 (12/03/2022) #### Features * Device code grant `rodauth-oauth` now supports the [Device code grant RFC](https://gitlab.com/os85/rodauth-oauth/-/wikis/Device-Grant), via the `oauth_device_grant` feature. * OAuth Tokens Management An OAuth Tokens Management Dashboard is now provided (via `r.oauth_tokens` call to enable the routes). It allows the logged in account to list and revoke OAuth Tokens which have been issued for its resources. * Assertion Framework (+ SAML and JWT Bearer Grant) A new plugin, `oauth_assertion_base`, was introduced to provide a baseline for implementing custom Bearer Assertion as per the [OAuth Client Assertion Framework RFC](https://gitlab.com/os85/rodauth-oauth/-/wikis/Client-Assertion-Framework). This in turn was used to refactor and reintroduce the [oauth_saml_bearer_grant](https://gitlab.com/os85/rodauth-oauth/-/wikis/SAML-Bearer-Assertions) and the [oauth_jwt_bearer_grant](https://gitlab.com/os85/rodauth-oauth/-/wikis/JWT-Bearer-Assertions) features, which implement the respective and most recent version of the assertion RFCs. (as a result, `oauth_saml` was removed, which implemented a very old draft version of the SAML Bearer spec). #### Improvements The OAuth functionality was refactored from 1 big feature, into several features: * `oauth_base` * `oauth_authorization_code_grant` * `oauth_implicit_grant` * `oauth_device_grant` * `oauth_token_introspection` * `oauth_token_revocation` * `oauth_application_management` * `oauth_token_management` * `oauth_pkce` They're still loaded together via the `oauth` feature for backwards compatibility. This will change in a major version. #### Bugfixes * `oauth_jwt` integration with the `json-jwt` gem does proper claims validation now;
Version data entries
11 entries across 11 versions & 1 rubygems