Features
- add support for Session Management based on
http://openid.net/specs/openid-connect-session-1_0.html (draft 21) - support static provider configuration from a metadata URL (
OIDCProviderMetadataURL
) - add config option to POST extra parameters to the token endpoint (
OIDCProviderTokenEndpointParams
/token_endpoint_params
) - support for passing runtime determined authentication request parameters in the discovery response (
auth_request_params
) - support for "x5c" JWK representation
Bugs
- fix set_slot functions for algorithm/url used as default for dynamic registration (
OIDCClientJwksUri
/OIDCIDTokenSignedResponseAlg
) - fix JSON array memory leak in OAuth 2.0 access token validation flow
- set expiry on state cookies
- return JWKS on jwks_uri with content-type "application/json"
- HTML-encode error descriptions before displaying them
Other
- be less strict about issuer validation in metadata
- check that endpoints in metadata are URLs
- various minor logging improvements
- various minor documentation improvements
- improve error handling on direct browser access to redirect uri