Releases: panva/node-oidc-provider
Releases · panva/node-oidc-provider
v7.5.0
v7.4.1
v7.4.0
⚠ BREAKING CHANGES
- fapi: Draft feature
fapiRWwas replaced by a stablefapifeature. - fapi: The default profile for the new
fapifeature is Financial-grade API Security Profile 1.0 - Part 2: Advanced (Final) rather than Financial-grade API - Part 2: Read and Write API Security Profile (ID2). ID2 albeit being an Implementer's Draft remains a possiblefeatures.fapi.profileoption
Features
- fapi: FAPI (Final and ID2) is now a stable feature (4f52a4c)
- resourceIndicators: allow omitting resource parameter at the token endpoint (0309ec0), closes #989
- Client Initiated Backchannel Authentication (CIBA) and FAPI-CIBA-ID1 (a217484)
Bug Fixes
- deviceFlow: ensure pairwise device flow clients prove ownership of their jwks_uri (ec99201)
- remove default got user-agent (d65187c)
- skip validating client redirect_uris presence when not required (90965bb)
Note: Updates to draft specification versions are released as MINOR library versions, if you utilize these specification implementations consider using the tilde ~ operator in your package.json since breaking changes may be introduced as part of these version updates. Alternatively, acknowledge the version and be notified of breaking changes as part of your CI.
v7.3.2
v7.3.1
v7.3.0
⚠ BREAKING CHANGES
- DPoP implementation updated to draft-ietf-oauth-dpop-03
Features
- update DPoP implementation to ietf draft 03 (d08126f)
Note: Updates to draft specification versions are released as MINOR library versions, if you utilize these specification implementations consider using the tilde ~ operator in your package.json since breaking changes may be introduced as part of these version updates. Alternatively, acknowledge the version and be notified of breaking changes as part of your CI.