Features
- support
410
option onOIDCUnAuthAction
; closes #141 - return
WWW-Authenticate
header on OAuth 2.0 protected paths to conform better to the spec; closes #124; thanks @spinto - improve support for public clients; closes #130
Bugfixes
- improve
X-Forwarded-Host
handling overHost
- always make claims from the
id_token
available for authorization; closes #129 apr_jwe_decrypt_content_aesgcm()
null terminate string, #127, thanks @jdennis- fix unit test on Apache 2.4 and error description
- fix segfault if
OIDCRedirectURI
is empty; fixes #138; thanks @brianwcook - avoid parsing previous refresh timestamp if that failed earlier
fix get_current_url
(proxy) case wherer->parsed_uri.path
would be null