ory/hydra v2.2.0-pre.1

on GitHub

autogen: pin v2.2.0-pre.1 release commit

Bug Fixes

• Correct id token type in token exchange response (#3625) (d1f9ba8):

  Closes ory/client-go#2

• Dropped persistence/sql test errors (#3670) (22f0119)

• Handle logout double-submit gracefully (#3675) (5133cf9)

• Handle subject mismatch gracefully (#3619) (af0d477):

  We now redirect to the original request URL if the subjects between
  the remembered Hydra session and what was confirmed by the login
  screen does not match.

• Handle token hook auth config (#3677) (1a40833):

  • fix: handle token hook auth config
  • fix: bump golangci-lint

• Improved SSRF protection (#3669) (24c3be5)

• Incorrect down migration (#3708) (8812e0e), closes /github.com/ory/hydra/pull/3705#discussion_r1471514014

• Remove required mark (#3693) (3a764a0)

• Timeout in jwt-bearer grants when too many grants are available (#3692) (a748797)

• Verifiable credentials JWT format (#3614) (0176adc)

Code Generation

• Pin v2.2.0-pre.1 release commit (8168ee3)

Documentation

• Fix typo (#3649) (f0501d2)

Features

• Add --skip-logout-consent flag to CLI (#3709) (f502d6e)

• Add authentication options to hooks (#3633) (5c8e792)

• Add flag to export public keys (#3684) (62c006b)

• Add missing index for jwk table (#3691) (39ee5e1)

• Add prompt=registration (#3636) (19857d2):

  Ory Hydra now supports a registration value for the prompt parameter of
  the authorization request. When specifying prompt=registration, Ory Hydra
  will redirect the user to the URL found under urls.registration
  (instead of urls.login).

• Add skip_logout_consent option to clients (#3705) (2a653e6):

  Adds a special field which disables the logout consent screen when performing OIDC logout.

• Allow injecting extra fosite strategies (#3646) (88b0b7c)

• Re-enable legacy client IDs (#3628) (5dd7d30):

  This patch changes the primary key of the hydra_client table. We do not expect issues, as that table is probably not overly huge in any deployment. We do however highly recommend to test the migration performance on a staging environment with a similar database setup.

• Remove flow cookie (#3639) (cde3a30):

  This patch removes the flow cookie. All information is already tracked in the request query parameters as part of the {login|consent}_{challenge|verifier}.

• Remove login session cookie during consent flow (#3667) (5f41949)

• Support multiple token URLs (#3676) (95cc273)

Changelog

• b346f90 autogen(docs): generate and bump docs
• 01aeffc autogen(docs): regenerate and update changelog
• 3a65840 autogen(docs): regenerate and update changelog
• 2dc52b4 autogen(docs): regenerate and update changelog
• 7473259 autogen(docs): regenerate and update changelog
• 4b8c971 autogen(docs): regenerate and update changelog
• d0dfc0f autogen(docs): regenerate and update changelog
• 9e9be2d autogen(docs): regenerate and update changelog
• ada59a5 autogen(docs): regenerate and update changelog
• cdd2647 autogen(docs): regenerate and update changelog
• e4c160f autogen(docs): regenerate and update changelog
• 5121dba autogen(docs): regenerate and update changelog
• 21e0a9b autogen(docs): regenerate and update changelog
• 89b1b1b autogen(docs): regenerate and update changelog
• 0a5e043 autogen(docs): regenerate and update changelog
• 6cbe089 autogen(docs): regenerate and update changelog
• 7861702 autogen(docs): regenerate and update changelog
• c9f4b5f autogen(docs): regenerate and update changelog
• fe260d1 autogen(docs): regenerate and update changelog
• fbf39dd autogen(docs): regenerate and update changelog
• 9b33fc5 autogen(docs): regenerate and update changelog
• f9cee32 autogen(docs): regenerate and update changelog
• 841d58b autogen(docs): regenerate and update changelog
• 4a8e9a4 autogen(docs): regenerate and update changelog
• cdc0bec autogen(openapi): regenerate swagger spec and internal client
• 4a00e3e autogen(openapi): regenerate swagger spec and internal client
• dedcf5b autogen(openapi): regenerate swagger spec and internal client
• 92eb03a autogen(openapi): regenerate swagger spec and internal client
• f9a87d3 autogen(openapi): regenerate swagger spec and internal client
• 1ff8f20 autogen(openapi): regenerate swagger spec and internal client
• 11bf9df autogen(openapi): regenerate swagger spec and internal client
• e796893 autogen(openapi): regenerate swagger spec and internal client
• 27f2ef5 autogen(openapi): regenerate swagger spec and internal client
• 35d6295 autogen(openapi): regenerate swagger spec and internal client
• ce00a42 autogen(openapi): regenerate swagger spec and internal client
• db4fd7d autogen(openapi): regenerate swagger spec and internal client
• 146b162 autogen(openapi): regenerate swagger spec and internal client
• e1636d1 autogen(openapi): regenerate swagger spec and internal client
• 9389773 autogen(openapi): regenerate swagger spec and internal client
• af859fe autogen(openapi): regenerate swagger spec and internal client
• f1708f2 autogen(openapi): regenerate swagger spec and internal client
• 3e8413e autogen(openapi): regenerate swagger spec and internal client
• 11c8c72 autogen(openapi): regenerate swagger spec and internal client
• 800ce0a autogen: add v2.2.0-rc.3 to version.schema.json
• 8168ee3 autogen: pin v2.2.0-pre.1 release commit
• 0487217 autogen: render config schema
• a0c06ec chore(deps): bump @cypress/request and cypress (#3641)
• b177f81 chore(deps): bump axios and @openapitools/openapi-generator-cli (#3701)
• 23c8194 chore(deps): bump debug from 3.2.6 to 3.2.7 (#3640)
• 18d9793 chore(deps): bump follow-redirects in /test/e2e/oauth2-client (#3697)
• 4fa2889 chore(deps): bump github.com/docker/docker (#3707)
• 2ba3547 chore(deps): bump golang.org/x/crypto from 0.15.0 to 0.17.0 (#3680)
• efc00a8 chore(deps): bump golang.org/x/net from 0.14.0 to 0.17.0 (#3645)
• 083c90d chore: build tag (#3613)
• 3615e3d chore: bump docker base images (#3632)
• aa8a364 chore: bump openapi-generator (#3696)
• 2dc6606 chore: improve context (#3656)
• 8e94929 chore: update otel (#3686)
• f0501d2 docs: fix typo (#3649)
• f502d6e feat: add --skip-logout-consent flag to CLI (#3709)
• 5c8e792 feat: add authentication options to hooks (#3633)
• 62c006b feat: add flag to export public keys (#3684)
• 39ee5e1 feat: add missing index for jwk table (#3691)
• 19857d2 feat: add prompt=registration (#3636)
• 2a653e6 feat: add skip_logout_consent option to clients (#3705)
• 88b0b7c feat: allow injecting extra fosite strategies (#3646)
• 5dd7d30 feat: re-enable legacy client IDs (#3628)
• cde3a30 feat: remove flow cookie (#3639)
• 5f41949 feat: remove login session cookie during consent flow (#3667)
• 95cc273 feat: support multiple token URLs (#3676)
• d1f9ba8 fix: correct id token type in token exchange response (#3625)
• 22f0119 fix: dropped persistence/sql test errors (#3670)
• 5133cf9 fix: handle logout double-submit gracefully (#3675)
• af0d477 fix: handle subject mismatch gracefully (#3619)
• 1a40833 fix: handle token hook auth config (#3677)
• 24c3be5 fix: improved SSRF protection (#3669)
• 8812e0e fix: incorrect down migration (#3708)
• 3a764a0 fix: remove required mark (#3693)
• a748797 fix: timeout in jwt-bearer grants when too many grants are available (#3692)
• 0176adc fix: verifiable credentials JWT format (#3614)

Artifacts can be verified with cosign using this public key.