github ramosbugs/openidconnect-rs 3.0.0
on GitHub

latest releases: 4.0.1, 4.0.0, 4.0.0-rc.1...
2 years ago

🚀 WASM is now supported! 🚀

Changes since 3.0.0-alpha.1

Bug Fixes

  • Don't set empty JWK signing algorithms in Client::new() (#104). This fixes a bug introduced in 3.0.0-alpha.1/2.5.0 (#87) that caused clients constructed via Client::new() not to allow any signature algorithms for ID tokens and user info JWTs unless they manually set the allowed algorithms on the IdTokenVerifier. This patch restores the original behavior of defaulting to accepting only RS256 for clients constructed via Client::new(), as indicated in the spec.

    Clients constructed via Client::from_provider_metadata() will continue to receive the signing algorithms specified in the provider metadata during OpenID Connect Discovery (as introduced in 3.0.0-alpha.1/2.5.0 via #87).

New Features

  • Add AuthorizationRequest::add_scopes (#105)

Other Changes

  • Remove unnecessary 'static bound from ProviderMetadata::discover_async (#107)

Summary of changes since 2.5.1

Breaking Changes

  • Replace ring with RustCrypto crates (#96). This change increases the minimum supported Rust version (MSRV) to 1.57 and adds support for WASM targets.

    Special thanks to @sbihel for contributing this change!

  • Establish new MSRV policy: this crate will maintain a policy of supporting Rust releases going back at least 6 months. Changes that break compatibility with Rust releases older than 6 months will no longer be considered SemVer breaking changes and will not result in a new major version number for this crate (f3dedb3).

Other Changes

  • Make CoreRsaPrivateSigningKey Send and Sync (bc09d22).
Check out latest releases or
releases around ramosbugs/openidconnect-rs 3.0.0

Don't miss a new openidconnect-rs release

NewReleases is sending notifications on new releases.

Get notifications