https://oidc-provider.dev/changelog/ Release notes for node-oidc-provider en https://oidc-provider.dev/changelog/ All notable changes to this project will be documented in this file. See [commit-and-tag-version](https://github.com/absolute-version/commit-and-tag-version) for commit guidelines. https://oidc-provider.dev/changelog/ ### Fixes * await registration token policy ([6269602](https://github.com/panva/node-oidc-provider/commit/62696027a9c579576b0a55d9a899d4143973d809)) * pass ciba user code to verifier ([a340869](https://github.com/panva/node-oidc-provider/commit/a3408691fc9f4404a05ba16b9112d2ce6fbe8df6)) * reject malformed dpop htu with a clearer message ([1b6146c](https://github.com/panva/node-oidc-provider/commit/1b6146c82f9557a8db87e2f91b360b370a8fb14f)) https://oidc-provider.dev/changelog/ ### Fixes * html-escape debug data sent to development-only interactions ([924d25c](https://github.com/panva/node-oidc-provider/commit/924d25c2553ec5da103dc48708fa5f9f1bbcf402)), closes [#1414](https://github.com/panva/node-oidc-provider/issues/1414) https://oidc-provider.dev/changelog/ ### Refactor * relax native app custom URI scheme validation ([75be6ce](https://github.com/panva/node-oidc-provider/commit/75be6ce14449d5e59d6499d07bd667a8e1b1577c)), closes [#1411](https://github.com/panva/node-oidc-provider/issues/1411) https://oidc-provider.dev/changelog/ ### Features * promote rpMetadataChoices to stable ([cc8cfcc](https://github.com/panva/node-oidc-provider/commit/cc8cfcc39fcef4eef298bc295b614bcd7343f53d)) https://oidc-provider.dev/changelog/ ### Refactor * **CIMD:** filter unrecognized array members before validating ([969edba](https://github.com/panva/node-oidc-provider/commit/969edbaee66aae84bb50433c66efde774a261594)), closes [#1398](https://github.com/panva/node-oidc-provider/issues/1398) * fetch_body_check.js now returns early when limit is Infinite ([a794f51](https://github.com/panva/node-oidc-provider/commit/a794f518175b089b5f4ee483d7206180c5aeab0f)) * fixup grant_types and response_types mismatch instead of rejecting ([81538bf](https://github.com/panva/node-oidc-provider/commit/81538bf55ae3fc963f6d8cd4ed8f8c801ff48ee2)) https://oidc-provider.dev/changelog/ ### Features * add configuration for limiting external resource body limits ([0c424cd](https://github.com/panva/node-oidc-provider/commit/0c424cd852ac56b37127a0fae8d74c77c38903e4)) * experimental support for Client ID Metadata Document (CIMD) ([d5323f4](https://github.com/panva/node-oidc-provider/commit/d5323f4cf81200382dc0f374b80364c82f059f93)) * prevent fetching special-use IP address resources ([1548834](https://github.com/panva/node-oidc-provider/commit/1548834c5f93c546e940f6c5d75e3911696f1ad1)) https://oidc-provider.dev/changelog/ ### Refactor * extract NON_REJECTABLE_CLAIMS into shared constant ([2b7c025](https://github.com/panva/node-oidc-provider/commit/2b7c025b0e295ccb433928988b1e994a26d15ae2)) * extract shared grant handler helpers to reduce duplication ([f5eee9e](https://github.com/panva/node-oidc-provider/commit/f5eee9e0e5c11a80053401d3edebbdfe0078c6eb)) * extract shared token finder for introspection and revocation ([666c2b0](https://github.com/panva/node-oidc-provider/commit/666c2b09a394cdd154c6e40eb8ae7f1920403e46)) https://oidc-provider.dev/changelog/ ### Features * add RAR support to CIBA flows ([0fc5893](https://github.com/panva/node-oidc-provider/commit/0fc58937c4d1d1f80b0f36a07f8d63f85bd474cb)), closes [#1358](https://github.com/panva/node-oidc-provider/issues/1358) https://oidc-provider.dev/changelog/ ### Refactor * change new Debug() to debug() ([#1363](https://github.com/panva/node-oidc-provider/issues/1363)) ([b86b47c](https://github.com/panva/node-oidc-provider/commit/b86b47ca654d61bebff79d318bea42bec1e36c4b)) https://oidc-provider.dev/changelog/ ### Fixes * safeguard global navigator access ([1caae21](https://github.com/panva/node-oidc-provider/commit/1caae21008fb69eb3933354a705886c751876cdb)) https://oidc-provider.dev/changelog/ ### Features * support ML-DSA JWS algorithm identifiers ([f308b09](https://github.com/panva/node-oidc-provider/commit/f308b0930c665058c64b713438bf956c7af2449c)) https://oidc-provider.dev/changelog/ ### Fixes * check for native logout redirect allowed same way as during auth ([419f286](https://github.com/panva/node-oidc-provider/commit/419f286529fd66d0cb577ea64dd544867eb27b18)), closes [#1351](https://github.com/panva/node-oidc-provider/issues/1351) https://oidc-provider.dev/changelog/ ### Documentation * add an getAttestationSignaturePublicKey example ([3a7730c](https://github.com/panva/node-oidc-provider/commit/3a7730c451ac242122bf0105732c24fbfa460bef)) https://oidc-provider.dev/changelog/ ### Features * Experimental support for Attestation-Based Client Authentication ([d655ebd](https://github.com/panva/node-oidc-provider/commit/d655ebde6428d5b8a5d2f29ce2fc2a0203f442d7)) https://oidc-provider.dev/changelog/ ### Features * **revocation:** add an allowed token revocation policy helper ([a7e47e4](https://github.com/panva/node-oidc-provider/commit/a7e47e4cc700722ed826c2a86a3aabb4fd1846ee)) https://oidc-provider.dev/changelog/ ### Features * expose RFC8414 Authorization Server Metadata route ([c5bd90f](https://github.com/panva/node-oidc-provider/commit/c5bd90f2021e7614115873202482b46e36388b39)) https://oidc-provider.dev/changelog/ ### Fixes * ensure an account's accountId and claims().sub is the same ([9b89153](https://github.com/panva/node-oidc-provider/commit/9b89153c0ea2f2280a26e35f3b66d1900aed7c79)), closes [#1336](https://github.com/panva/node-oidc-provider/issues/1336) https://oidc-provider.dev/changelog/ ### Fixes * ignore allowOmittingSingleRegisteredRedirectUri when FAPI 2.0 is used ([e2de529](https://github.com/panva/node-oidc-provider/commit/e2de529bea57e9349bed54bda7f42f2e20ba8602)) https://oidc-provider.dev/changelog/ ### Refactor * oidc-provider now uses koa@3 ([3a83d32](https://github.com/panva/node-oidc-provider/commit/3a83d324f611e8f42e79f92f6f046721dcc5dba2))