-
-
Notifications
You must be signed in to change notification settings - Fork 14
/
ChangeLog
75 lines (58 loc) · 2.04 KB
/
ChangeLog
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
08/22/2024
- change LICENSE to Apache 2.0
- depend on liboauth2 >= 2.0.0
- release 4.0.0
06/05/2024
- depend on liboauth2 >= 1.6.2
- release 3.4.0
10/25/2023
- correct documentation wrt. cache encryption passphrase; see #52; thanks @webermax
- depend on liboauth2 >= 1.5.1; see https://github.com/OpenIDC/liboauth2/issues/44
03/08/2023
- move repo to OpenIDC github organization
01/21/2023
- clean WWW-Authenticate header in main request as well if this is a subrequest; closes #42
this avoids the WWW-Authenticate header to be sent in HTTP 200 responses; thanks @ErmakovDmitriy
- depend on liboauth2 1.4.5.3
- release 3.3.1
12/06/2022
- change Makefile install procedure
- depend on liboauth2 1.4.5.2
- release 3.3.0
07/27/2022
- depend on liboauth2 1.4.5 with multi-treading fix for "OAuth2TokenVerify jwk <key>"
- release 3.2.3
07/01/2021
- change configure.ac to find Apache flags correctly
06/07/2021
- depend on liboauth2 1.4.2.1 with fixed iat slack validation defaults
- set WWW-Authenticate environment variable to allow for complex Require logic; see
https://github.com/zmartzone/mod_auth_openidc/discussions/572
example:
Header always append WWW-Authenticate %{OAUTH2_BEARER_SCOPE_ERROR}e "expr=(%{REQUEST_STATUS} == 401) && (-n reqenv('OAUTH2_BEARER_SCOPE_ERROR'))"
- release 3.2.2
02/01/2021
- depend on liboauth2 1.4.1 with support for RFC 8705 mTLS Client Certificate bound access tokens
- release 3.2.1
12/22/2020
- depend on liboauth2 1.4.0
- release 3.2.0
11/13/2020
- add OAuth2CryptoPassphrase
11/10/2020
- allow setting a cache with OAuth2Cache
11/07/2020
- change Require keyword from "claim" to "oauth2_claim" to avoid interference with mod_auth_openidc
- depend on liboauth2 >= 1.4.0 with new oauth2_token_verify (dpop) interface
- bump to 3.2.0-dev
09/12/2019
- depend on liboauth2 1.2.0 with new request header API
- bump to 3.1.0
07/04/2019
- depend on liboauth2 1.1.1 with log encapsulation changes
- bump to 3.0.2
05/20/2019
- add Apache Require claim authorization functions
- bump to 3.0.1
03/22/2019
- initial import of version 3.0.0