Releases: panva/oauth4webapi
Releases · panva/oauth4webapi
v2.0.6
v2.0.5
v2.0.4
v2.0.3
v2.0.1
v2.0.0
⚠ BREAKING CHANGES
- Use the TLS server validation in
processAuthorizationCodeOpenIDResponse
to validate the issuer instead of checking the ID Token's signature. The function'soptions
argument was removed. - Use the TLS server validation in
processDeviceCodeResponse
to validate the issuer instead of checking the optional ID Token's signature. The function'soptions
argument was removed. - Use the TLS server validation in
processIntrospectionResponse
to validate the issuer instead of checking the optional JWT Introspection Response signature. The function'soptions
argument was removed. - Use the TLS server validation in
processRefreshTokenResponse
to validate the issuer instead of checking the optional ID Token's signature. The function'soptions
argument was removed. - Use the TLS server validation in
processUserInfoResponse
to validate the issuer instead of checking the optional JWT UserInfo Response signature. The function'soptions
argument was removed. - PAR w/ DPoP no longer automatically adds
dpop_jkt
to the authorization request. - Removed
calculateJwkThumbprint
function export. - Removed
jwksRequest
function export. - Removed
processJwksResponse
function export.