oic-auth-2.6
·
254 commits
to master
since this release
Various security enhancements and updating dependencies.
What's Changed
- Add config option to enable PKCE by @michael-doubez in #191
- Use a nonce by @jglick in #110
- Make nonce verification optional by @michael-doubez in #192
- Allow data containing groups from SSO server to be a List of Maps in addition to a List of Strings. by @bsmoyers in #198
- Reload wellknown configuration at regular interval by @michael-doubez in #194
- expires can be 0 so manage this case (easily for now) by @olamy in #212
📦 Dependency updates
- Bump maven-checkstyle-plugin from 3.2.0 to 3.2.1 by @dependabot in #195
- Bump git-changelist-maven-extension from 1.4 to 1.5 by @dependabot in #201
- Bump git-changelist-maven-extension from 1.5 to 1.6 by @dependabot in #204
- Bump google-http-client from 1.42.3 to 1.43.0 by @dependabot in #207
- Bump google-http-client-jackson2 from 1.42.3 to 1.43.0 by @dependabot in #208
- Bump google-http-client-jackson2 from 1.43.0 to 1.43.1 by @dependabot in #211
- Bump google-http-client from 1.43.0 to 1.43.1 by @dependabot in #209
- Bump maven-checkstyle-plugin from 3.2.2 to 3.3.0 by @dependabot in #231
- Bump google-http-client from 1.43.1 to 1.43.2 by @dependabot in #226
- Bump maven-checkstyle-plugin from 3.2.1 to 3.2.2 by @dependabot in #224
🚩 Known issues
- Regression(#236): group configuration not taken into account (see workaround in issue)
New Contributors
- @jglick made their first contribution in #110
- @bsmoyers made their first contribution in #198
- @olamy made their first contribution in #212
Full Changelog: oic-auth-2.5...oic-auth-2.6
Contributors
olamy, jglick, and 3 other contributors