Features
- return HTTP 401 on specific paths instead of redirecting for authentication with
OIDCReturn401 On - add configurable JSON parameters to Dynamic Client Registration requests with
OIDCProviderRegistrationEndpointJson/registration_endpoint_json - make shared memory cache entry maximum size configurable with
OIDCCacheShmEntrySizeMax - pass error codes back to the caller when the
refreshhook fails - pass cookies specified in
OIDCPassCookiesfrom browser on to OP/AS calls (for loadbalancing purposes)
Bugfixes
- reconnect to the Redis server after I/O failure as raised in #43
- allow OIDCRedirectURI's with an empty path and fix crash
- require the expiring access_token on the
refreshhook for XSRF protection
Other
- improve handling of non-string (=non-compliant) error responses
- return http 500 when detecting requests that will loop on return