Skip to content

release 1.7.1

Compare
Choose a tag to compare
@zandbelt zandbelt released this 18 Feb 06:00
· 142 commits to master since this release

Note that opts.secret and opts.redirect_uri_path are now deprecated and will be removed in a next release; a warning is issued in the log now.

Bugfixes

  • don't select one of the jwt token auth methods if the required key material is not present; see #238
  • fixed a bad error return value in certain setups of bearer_jwt_verify; see #234; thanks @JoshTheGoldfish
  • make sure opts.discovery is resolved when iss is returned as part of the authorization response; see #224 ; thanks @mijohansen

Features

  • added support for the client_secret_jwt authentication method; see #229
  • added support for the private_key_jwt authentication method; see #217; thanks @pamiel

Other

  • remove strict iss check in Discovery metadata document; see #219 (may help Azure AD setups)