The official docker release for this release can be pulled from
ghcr.io/dexidp/dex:v2.28.0
Features:
- Add c_hash to id_token, issued on /auth endpoint, when in hybrid flow (#1773, @HEllRZA)
- Allow configuration of returned auth proxy header (#1839, @seuf)
- Allow to disable os.ExpandEnv for storage + connector configs by env variable DEX_EXPAND_ENV = false (#1902, @heidemn-faro)
- Added the possibility to activate lowercase for UPN-Strings (#1888, @VF-mbrauer)
- Add "Cache-control: no-store" and "Pragma: no-cache" headers to token responses (#1948, @nabokihms)
- Add gomplate to the docker image (#1893, @nabokihms)
- Graceful shutdown (#1963, @nabokihms)
- Allow public clients created with API to have no client_secret (#1871, @spohner)
Bugfixes:
- Fix the etcd PKCE AuthCode deserialization (#1908, @bnu0)
- Fix garbage collection logging of device codes and device request (#1918, @nabokihms)
- Discovery endpoint contains updated claims and auth methods (#1951, @nabokihms)
- Return invalid_grant error if auth code is invalid or expired (#1952, @nabokihms)
- Return an error to auth requests with the "request" parameter (#1956, @nabokihms)
Minor changes:
- Change default themes to light/dark (#1858, @nabokihms)
- Various developer experience improvements
- Dependency upgrades
- Tons of small fixes and changes