OpenIDC/mod_auth_openidc v1.8.10

release 1.8.10

on GitHub

Features

• add per-path configurable token introspection result cache expiry with OIDCOAuthTokenIntrospectionInterval
• add support for JWT based client authentication to the token endpoint (client_secret_jwt, private_key_jwt)
• allow setting OIDCRemoteUserClaim with values obtained from the userinfo endpoint; thanks @steve-dave

Bugfixes

• fix OIDCUnAuthAction pass mode for Apache 2.4 and in case Require claim primitives used for 2.4 and 2.2; thanks @steve-dave
• don't use local port setting for current URL determination when X-Forwarded-Host has been set

Other

• avoid compilation errors with OpenSSL 1.1.0 and use EVP_CIPHER_CTX_new/EVP_CIPHER_CTX_free