github OpenIDC/mod_auth_openidc v1.6.0
release 1.6.0
on GitHub

latest releases: v2.4.15.7, v2.4.15.6, v2.4.15.5...
9 years ago

Features

  • add support for Session Management based on
    http://openid.net/specs/openid-connect-session-1_0.html (draft 21)
  • support static provider configuration from a metadata URL (OIDCProviderMetadataURL)
  • add config option to POST extra parameters to the token endpoint (OIDCProviderTokenEndpointParams / token_endpoint_params)
  • support for passing runtime determined authentication request parameters in the discovery response (auth_request_params)
  • support for "x5c" JWK representation

Bugs

  • fix set_slot functions for algorithm/url used as default for dynamic registration (OIDCClientJwksUri / OIDCIDTokenSignedResponseAlg)
  • fix JSON array memory leak in OAuth 2.0 access token validation flow
  • set expiry on state cookies
  • return JWKS on jwks_uri with content-type "application/json"
  • HTML-encode error descriptions before displaying them

Other

  • be less strict about issuer validation in metadata
  • check that endpoints in metadata are URLs
  • various minor logging improvements
  • various minor documentation improvements
  • improve error handling on direct browser access to redirect uri
Check out latest releases or
releases around OpenIDC/mod_auth_openidc v1.6.0

Don't miss a new mod_auth_openidc release

NewReleases is sending notifications on new releases.

Get notifications