Bot releases are visible (Hide)
impl Future
instead of Pin<Box<dyn Future>>
(#158)Full Changelog: https://github.com/ramosbugs/openidconnect-rs/compare/4.0.0-alpha.1...4.0.0-alpha.2
Published by ramosbugs 6 months ago
This is an API-unstable release intended for gathering feedback about breaking API changes in 4.0. It should be safe to use in applications, but further breaking API changes MAY occur before stabilizing the API for the 4.0.0 release.
Refer to the Upgrade Guide for tips on how to upgrade from 3.x.
oauth2
to 5.0.0-alpha.4
(19043b103b74f38137d2c0b563eadd4165d2f827)oauth2
to 5.0.0-alpha.3
along with http
, reqwest
, and base64
(7efc8943a8f699aff2db742827fc3d0fc2b3f34d)nightly
feature (c67ffe94af24b65dbb596a68b6623baecf080eb8)oauth2
to 5.0.0-alpha.2
(fd404985ef6c8e546f951191f4e1bc791615f5ca)jwk-alg
Cargo feature (73ee82f4243ef6e0e52896b97081c9b7b7226fa4)From<>
for unwrapping newtypesEq
for types that already derive PartialEq
(898ead2e849f9fd7b3afc506d0763d3c9000a6f7)oauth2
(1c9f77071dd29d8039e65cfeac4345584fdad56b)JsonCurveType
trait (ffde16ad678a8a1e2fda7ccd1d87e12eb4ccfee3)Display
output of ClientRegistrationError
(3a801c9666589450322b710ca2f38f2f99fb24f2)Cargo.toml
(06e9d6cd0218a9350252f8a6a6163b16cd142f60Full Changelog: https://github.com/ramosbugs/openidconnect-rs/compare/3.5.0...4.0.0-alpha.1
Published by ramosbugs 8 months ago
UserInfoRequest::set_response_type
by @FabianLars in https://github.com/ramosbugs/openidconnect-rs/pull/146
#[non_exhaustive]
from LogoutProviderMetadata
(#150)Full Changelog: https://github.com/ramosbugs/openidconnect-rs/compare/3.4.0...3.5.0
Published by ramosbugs about 1 year ago
alg
field into account during key selection (#131). This change is gated by a non-default jwk-alg
feature flag, which was added to avoid introducing breaking changes. During a future major version, this feature flag will be removed and the functionality will be included unconditionally.Full Changelog: https://github.com/ramosbugs/openidconnect-rs/compare/3.3.1...3.4.0
Published by ramosbugs about 1 year ago
wasmbind
feature to fix panic in WASM environments (#127)Published by ramosbugs over 1 year ago
This release increases the Minimum Supported Rust Version (MSRV) of this crate to 1.65.
birthdate
claim (#119). This crate supports a typo'ed birthday
claim, which continues to work as before. In addition, it now supports the standardized birthdate
claim.rsa
, p256
, p384
, serde_with
, and url
dependencies to their latest versions (#117)Eq
trait on structs and enums already implementing PartialEq
to address Clippy lintFull Changelog: https://github.com/ramosbugs/openidconnect-rs/compare/3.2.0...3.3.0
Published by ramosbugs over 1 year ago
oauth2
crate version to 4.4.1.cargo doc
warnings and rustdoc linksPublished by ramosbugs over 1 year ago
PostLogoutRedirectUrl
and LogoutHint
Published by ramosbugs over 1 year ago
Add support for OpenID Connect RP-Initiated Logout (#112).
Special thanks to @jsimonrichard for contributing this feature!
Published by ramosbugs over 1 year ago
🚀 WASM is now supported! 🚀
Don't set empty JWK signing algorithms in Client::new()
(#104). This fixes a bug introduced in 3.0.0-alpha.1/2.5.0 (#87) that caused clients constructed via Client::new()
not to allow any signature algorithms for ID tokens and user info JWTs unless they manually set the allowed algorithms on the IdTokenVerifier
. This patch restores the original behavior of defaulting to accepting only RS256
for clients constructed via Client::new()
, as indicated in the spec.
Clients constructed via Client::from_provider_metadata()
will continue to receive the signing algorithms specified in the provider metadata during OpenID Connect Discovery (as introduced in 3.0.0-alpha.1/2.5.0 via #87).
AuthorizationRequest::add_scopes
(#105)'static
bound from ProviderMetadata::discover_async
(#107)Replace ring
with RustCrypto crates (#96). This change increases the minimum supported Rust version (MSRV) to 1.57 and adds support for WASM targets.
Special thanks to @sbihel for contributing this change!
Establish new MSRV policy: this crate will maintain a policy of supporting Rust releases going back at least 6 months. Changes that break compatibility with Rust releases older than 6 months will no longer be considered SemVer breaking changes and will not result in a new major version number for this crate (f3dedb3c3e74802cdf0c20d7d87ce35ffa846eb1).
CoreRsaPrivateSigningKey
Send
and Sync
(bc09d22afc140e1d2d6caf8756dda4a17cc991fa).Published by ramosbugs over 1 year ago
Don't set empty JWK signing algorithms in Client::new()
(#104). This fixes a bug introduced in 2.5.0 (#87) that caused clients constructed via Client::new()
not to allow any signature algorithms for ID tokens and user info JWTs unless they manually set the allowed algorithms on the IdTokenVerifier
. This patch restores the original behavior of defaulting to accepting only RS256
for clients constructed via Client::new()
, as indicated in the spec.
Clients constructed via Client::from_provider_metadata()
will continue to receive the signing algorithms specified in the provider metadata during OpenID Connect Discovery (as introduced in 2.5.0 via #87).
Published by ramosbugs almost 2 years ago
Replace ring
with RustCrypto crates (#96). This change increases the minimum supported Rust version (MSRV) to 1.57 and adds support for WASM targets.
Special thanks to @sbihel for contributing this change!
Establish new MSRV policy: this crate will maintain a policy of supporting Rust releases going back at least 6 months. Changes that break compatibility with Rust releases older than 6 months will no longer be considered SemVer breaking changes and will not result in a new major version number for this crate (f3dedb3c3e74802cdf0c20d7d87ce35ffa846eb1).
CoreRsaPrivateSigningKey
Send
and Sync
(bc09d22afc140e1d2d6caf8756dda4a17cc991fa).Published by ramosbugs almost 2 years ago
Ignore unrecognized signature algorithms, encryption algorithms, and public keys when parsing provider metadata and JWK sets (#99).
Previously, this crate would return a deserialization error if it encountered any unrecognized signature/encryption algorithms or public keys in the ProviderMetadata
and JsonWebKeySet
. This release changes the behavior to instead ignore these unexpected values, with the aim of improving compatibility with OIDC providers that support other algorithms but don't necessarily use them to sign JWTs. The OIDC spec allows for new algorithms and key types to be used, so these OIDC providers are fully compliant with the spec.
Propagate signature algorithms from OIDC discovery to token verifier (#87). Previously, these had to be configured manually when instantiating the token verifier.
serde_plain
instead of the oauth2
crate's variant_name
helper to convert algorithm names and other values to strings. This should ensure compatibility with arbitrary Serialize
implementations for these types.ring
with subtle
in preparation for removing ring
entirely in 3.0 (#89).Published by ramosbugs almost 2 years ago
CoreJsonWebKeyUse::Other
variant to avoid JWK deserialization errors when unsupported keys are present in a provider's JWK set (c25eb06ba7e64e14cb94d34a564d77a4ff4e9d1b)accept-string-booleans
Cargo feature flag to interoperate with non-RFC-compliant Apple OAuth (#84)CoreRsaPrivateSigningKey
implement Send
(#93)Published by ramosbugs over 2 years ago
Published by ramosbugs over 2 years ago
oauth2
dependency to 4.2itertools
, serde-value
, and various dev dependencies. Remove untrusted
crate as a dependency. (#73)Published by ramosbugs over 2 years ago
new_insecure_without_verification()
to IdTokenVerifier
(#61)ClientRegistrationResponse
fields (#66)Published by ramosbugs almost 3 years ago
FromStr
for IdToken
(#59)Published by ramosbugs almost 3 years ago
n
) and public exponent (e
) values (#53)Published by ramosbugs almost 3 years ago
chrono
's oldtime
feature flag