Nextcloud OpenID Connect Provider App - 1.17.0

This is the an OIDC App for Nextcloud. This application allows to use your Nextcloud Login at other services supporting OpenID Connect.

Provided features:

Support for OpenID Connect Code (response_type = code) and Implicit (response_type = id_token) Flow - Implicite Flow must be activated per client
Support for PKCE
Public and confidential types of clients are supported
Creation of ID Token with claims based on requested scope (Currently supported scopes: openid, profile, email, roles, groups, and offline_access)
Supported signing algorithms RS256 (default) and HS256
Group memberships are passed as roles in ID token
Clients can be assigned to dedicated user groups - Only users in the configured group are allowed to retrieve an access token to fetch the ID token
Support for RFC9068 JWT Access Tokens (must be activated per client)
Discovery & WebFinger endpoint provided
Logout endpoint
Dynamic Client Registration
Client Configuration Management (RFC 7592)
Token Introspection (RFC 7662)
Support for resource url (RFC 9728) at introspection
User Consent Management
Support for custom claims
Administration of clients via CLI
Generation and validation of access tokens using events
User specific settings to define which data is passed to clients in ID token and via userinfo endpoint

Changes:

Full documentation can be found at:

What's Changed

Build(deps): Bump fast-uri from 3.1.0 to 3.1.2 in the npm_and_yarn group across 1 directory by @dependabot[bot] in #646
Build(deps-dev): Bump @babel/plugin-transform-modules-systemjs from 7.29.0 to 7.29.4 in the npm_and_yarn group across 1 directory by @dependabot[bot] in #647
Build(deps-dev): Bump webpack-dev-server from 5.2.3 to 5.2.4 in the npm_and_yarn group across 1 directory by @dependabot[bot] in #649
Build(deps-dev): Bump nextcloud/coding-standard from 1.4.0 to 1.5.0 by @dependabot[bot] in #650
Extended claims in JWT access token by @H2CK in #653

Full Changelog: 1.16.6...1.17.0