2015/03/16: fixed the erronous 32 bit upload of mod_auth_openidc-1.8.0-1.el6.x86_64.rpm
Features
- more options for running as (only) an OAuth 2.0 Resource Server
- support for local JWT access token validation using
OIDCOAuthVerifyCertFiles
,OIDCOAuthVerifySharedKeys
andOIDCOAuthVerifyJwksUri
, see https://github.com/pingidentity/mod_auth_openidc/wiki/OAuth-2.0-Resource-Server - support configurable introspection HTTP method: can be
POST
(default) orGET
- support for local JWT access token validation using
- support configuration of a maximum session duration (
OIDCSessionMaxDuration
)
Bug Fixes
- avoid including line feeds in header values (@forkbomber and @ekanthi)
- this is a security fix to prevent passing crafted header values in a reverse proxy setup
- the response type must now strictly match the requested response type
- fix
free()
crash on simple-valued error printouts - fix returning keys without a
kid
- fix searching for keys with a
x5t
thumbprint - fix
oauth.introspection_endpoint_method
initialization
Other
- make Redis support conditional at compilation time using autoconf
- preliminary support for GET-style logout (under development in the OIDC WG)