Sha256: eea8735bb2dd87b5bc0b1c628ab0bb93455d6588988c34aa6cbf97dea61aee83
Contents?: true
Size: 801 Bytes
Versions: 2
Compression:
Stored size: 801 Bytes
Contents
### 0.9.2 (30/05/2022)
#### Bugfixes
* `oauth_jwt`: new access tokens generated via the `"refresh_token"` grant type are now JWT (it was falling back to non JWT behaviour);
* `oidc`: a new `id_token` is now generated via the `"refresh_token"` grant type with "rotation" policy (it was being omitted from the response);
* `oidc`: fixing calculation of `"auth_time"` claim, which (as per RFC) needs to stay the same across first authentication and subsequent `"refresh_token"` requests;
* it requires a new db column (default: `"auth_time"`, datetime) in the `"oauth_tokens"` database;
* hash-column `"refresh_token"` will now expose the refresh token (instead of the hash column version) in the `"refresh_token"` grant type response payload (only happened in "non-rotation" refresh token mode).
Version data entries
2 entries across 2 versions & 1 rubygems
| Version | Path |
|---|---|
| rodauth-oauth-0.10.0 | doc/release_notes/0_9_3.md |
| rodauth-oauth-0.9.3 | doc/release_notes/0_9_3.md |