Note: 2.3.10.1 fixes a bug in 2.3.10 wrt. query parameter duplication in the URL, see #420
This release was made possible thanks to sustaining sponsor GLUU.
Bugfixes
- retain the unparsed URL path in current/original URL determination, thereby preserving and support URL-encoded characters in paths when redirecting back to the original URL; thanks Michael Furman
- fix encryption buffer tag length mismatch
Features
- optionally delete the oldest state cookie(s) using
OIDCStateMaxNumberOfCookies <number> truesee #399 - add state to code exchange token requests only in multi-provider setups; see #402; thanks @ecattez
- add support for refreshing an access token associated with an OIDC session using
OIDCRefreshAccessTokenBeforeExpiry; thanks Andreas Hanisch
Packaging
- the libcjose >= 0.5.1 binaries that this module depends on are available from the release 2.3.0 "Assets" section
- Ubuntu Xenial packages can also be used on Ubuntu Yakkety, Zesty and Artful; the Debian Wheezy package can be used on Ubuntu Precise
- Windows 64bit builds (and builds for various other platforms) are available under a commercial agreement via support@zmartzone.eu