- Enhancements:
  - Add support for `allow_create` param in the authorization url.
- Deprecations:
  - Remove `whitelisted_clients` support.
- Enhancements:
  - Add support for `username` claim.
- Enhancements:
  - Verify access token using introspect endpoint instead of userinfo.
  - Add `introspect_cache_expires_in` config to avoid hitting the IDP on every request. Default value is `0.seconds`.
  - New default value for `userinfo_cache_expires_in` config. Now, the default value is `1.minute`.
  - Add `whitelisted_clients` config to accept access tokens ONLY from trusted clients. Default value is the same client.
- Breaking changes:
  - If your application is accepting access tokens from other IDP clients you must set the `whitelisted_clients` config with the client ids that are whitelisted. Otherwise, the application will accept access tokens ONLY from the same client id.
- Enhancements:
  - Add support for `roles` claim.
- Enhancements:
  - Add support for `email_verified` and `phone_number_verified` claims.
- Enhancements:
  - Improve gem structure and fix rubocop warnings.
- Enhancements:
  - Allow oauth versions greater than 2.0.
- Enhancements:
  - Add `userinfo_cache_expires_in` config to avoid hitting the IDP every request. (Default set to `0.seconds`)
- Features:
  - Add logout endpoint to remove access/refresh tokens and get redirected to the IDP again.
- Enhancements:
  - Add support for `branding` param in the authorization url.
- Enhancements:
  - Add support for `theme` param in the authorization url.
- Initial release