Added
- Fix and polish upsert and delete commands @eneiluj #338
- Remove redundant and time consuming userinfo validation @eneiluj #334
- Cache provider public keys @eneiluj #337
- Move to IBootstrap @juliushaertl #385
- New system config to disable SelfEncodedValidator bearer token validator @eneiluj #372
- Dispatch new event when a bearer token is validated @eneiluj #381
- Add new provider setting to request extra claims @eneiluj #407
- Implement single logout @eneiluj #373
Fixed
- Avoid claiming 'sub', display code response error @eneiluj #329
- Optionally keep userinfo validator for api calls only, use all providers @eneiluj #335
- Let .nextcloudignore skip defined paths only in root @juliushaertl #353
- Avoid empty session on certain redirect situations in Safari @juliushaertl #358
- Cache discovery endpoint results @juliushaertl #367
- Fix a small php 8 compatibility issue @CarlSchwan #406
- Cache user object when checking existance @CarlSchwan #412
- Ensure that a remember me cookie is created @juliushaertl #425
Notes for admins
Single logout is now enabled by default. This means the session on the OIDC provider side will be ended when the users log out.
You can disable that behavior with a config switch in config.php:
'user_oidc' => [
'single_logout' => false,
],