### 1.3.1 (27/06/2023)

#### Bugfixes

* Set 401 error response when `client_id` parameter is invalid, or from an unexisting client application, instead of failing with a 500 (@igor-alexandrov).
* update rails authorize form to use roda request params instead, as plain params was breaking JAR and PAR-based authorize forms in rails applications.

#### Chore

* set `:padding` to `false` in `Base64.urlsafe_encode64` calls (@felipe.zavan)