This repository has been archived by the owner on Jun 23, 2023. It is now read-only.
v2.3.0
Release notes
- OIDC Certification and FAPI profile @peppelinux @rohe @nsklikas (#158)
- README: PAR @peppelinux (#152)
- docs: add prompt to refresh token requirements @melanger (#148)
- feat: add RawID to session manager @melanger (#149)
- chore: README badges @peppelinux (#146)
Changes that this PR accomplish:
- If response_type == id_token return userinfo that normally would be returned from the userinfo endpoint in the id_token.
- Don't run parse_cookie twice. One after the other.
- Allow for different claims release policies to be in effect simultaneously (typically id_token+userinfo).
- Error response when response_mode == form_post not handled correctly. return_uri needed.
- Use extra info in ValueError exception instance to return correct error code.
- Allow endpoints to have their own request verification error handler.
- Having session ID in ID Token instance simplifies things.
- Finding the last issued token of a specific type is useful.
- Should check if client session is revoked.
- Revoked all grants issued to a user/client pair.
- Merged the two ClaimsInterface versions.
- Removed tests using method that was removed and incomplete test.
- Client registration endpoint should return a 201 HTTP response code on successful registration.
- Default token lifetime should not be 0 (zero). Changed to be 30 minutes (1800 seconds).
- Authorization error response MUST contain 'state' if it is present in the request.
- Check cookie age.
- Revoke tokens that has been minted using a code that then is used once more.
- prompt==login forces re-authentication.
- prompt attribute is a list.
- FAPI OP example project
Full Changelog: v2.2.1...v2.3.0
Contributors
rohe, peppelinux, and 2 other contributors