github OpenIDC/mod_auth_openidc v1.8.5
release 1.8.5

latest releases: v2.4.16.5, v2.4.16.4, v2.4.16.3...
9 years ago

Features

  • authentication option for Redis cache server using OIDCRedisCachePassword
  • OIDCUnAuthAction primitive that defines how to act on unauthenticated requests; deprecates OIDCReturn401
  • JWT encryption support for RSA-OAEP and A128GCM, A192GCM, A256GCM
  • support encrypted JWTs using A192KW and A192CBC-HS384
  • graceful handling of browser-back on authorization response, issue #89
  • graceful handling of invalid (expired) authorization response state, issue #86
  • support (non-sid-based) HTTP logout spec: http://openid.net/specs/openid-connect-logout-1_0.html

Bugfixes

  • fix parsing of OIDCOAuthTokenExpiryClaim, PR #90, thanks @bester
  • improve logging on metadata parsing failures, issue #94

Security

Don't miss a new mod_auth_openidc release

NewReleases is sending notifications on new releases.