v5.4.0

Bug Fixes

• handle potentially unvalidated response mode in authz error handler (ee501d1)
• issue new session identifiers when session changes (56d04e6)
• omit saving an empty session on initial authorize request (d0b7069)

Features

• allow omitting redirect_uri in code exchange at the token endpoint when there is just one registered (8cdd407)
• update of draft-ietf-oauth-resource-indicators from 00 to 01 (1302a54), closes #385