v6.7.0

Bug Fixes

• correct ssl offloading proxy documentation url in console warning (b871e99)
• handle server_error on expired unsigned request objects (7172a85)
• ignore secret and expiration timestamp on dynamic create (edge case) (d532fb2)

Features

• allow authorization requests with only a Request Object (e3fa143)
• allow structured access token customizations (4be3bb2), closes #520
• experimental support for pushed request objects (4ac3905)
• strategies for parameter merging Request Object <> OAuth 2.0 (3ad1744)
• support non-0 expiring client secrets (client_secret_expires_at) (02877f6)