Releases: ory/fosite
Releases · ory/fosite
v0.49.0
v0.48.0
What's Changed
- fix: require redirect_uri for OpenID Connect calls by @aeneasr in #814
- fix: pass JWK for singing so that KeyID is set in JWTs by @mitar in #799
- fix: do not store stacktrace in sentinel errors by @mitar in #823
- chore: minor improvements to readability and updated code style by @zepatrik in #827
- feat: add identity ID to password grant extra claims by @hperl in #831
- chore: update ory/x and ristretto by @aeneasr in #832
- fix: remove duplicated matcher split by @acynothia in #834
- revert: signature extraction in the HMAC strategy by @zepatrik in #835
- chore: make serialization error wrappable by @aeneasr in #837
New Contributors
- @acynothia made their first contribution in #834
Full Changelog: v0.47.0...v0.47.1
v0.47.0
BREAKING CHANGES: Going forward, please instantiate the HMACSHAStrategy using oauth2.NewHMACSHAStrategy()
:
-var hmacshaStrategy = oauth2.HMACSHAStrategy{
- Enigma: &hmac.HMACStrategy{Config: &fosite.Config{GlobalSecret: []byte("foobarfoobarfoobarfoobarfoobarfoobarfoobarfoobar")}},
- Config: &fosite.Config{
- AccessTokenLifespan: time.Hour * 24,
- AuthorizeCodeLifespan: time.Hour * 24,
- },
-}
+var hmacshaStrategy = oauth2.NewHMACSHAStrategy(
+ &hmac.HMACStrategy{Config: &fosite.Config{GlobalSecret: []byte("foobarfoobarfoobarfoobarfoobarfoobarfoobarfoobar")}},
+ &fosite.Config{
+ AccessTokenLifespan: time.Hour * 24,
+ AuthorizeCodeLifespan: time.Hour * 24,
+ },
+)
What's Changed
- chore(deps): bump github.com/go-jose/go-jose/v3 from 3.0.0 to 3.0.3 by @dependabot in #800
- chore(deps): bump google.golang.org/protobuf from 1.31.0 to 1.33.0 by @dependabot in #804
- chore(deps-dev): bump braces from 3.0.2 to 3.0.3 by @dependabot in #811
- chore: remove unneeded dependency github.com/ecordell/optgen by @James-REANNZ in #810
- chore(deps): bump github.com/hashicorp/go-retryablehttp from 0.7.4 to 0.7.7 by @dependabot in #812
- chore(deps): bump golang.org/x/net from 0.13.0 to 0.23.0 by @dependabot in #808
- refactor: split HMAC SHA strategy by @aeneasr in #813
- fix: WriteIntrospectionResponse should always issue headers by @mitar in #802
- revert: splitting the HMAC SHA strategy (#813) by @aeneasr in #815
- refactor: improve dependency injection capabilities by @aeneasr in #816
New Contributors
- @James-REANNZ made their first contribution in #810
Full Changelog: v0.46.1...v0.47.0
0.46.1
0.46.0
What's Changed
- fix: fix broken link in History.md by @Suvink in #783
- fix: call DeleteOpenIDConnectSession during successful authcode exchange by @cfryanr in #793
- fix: do not list client_secret_jwt as supported by @mitar in #787
- fix: [#754] Requester ID fix by @vivshankar in #756
New Contributors
Full Changelog: v0.45.0...v0.46.0
0.45.0
What's Changed
- docs: update copyright by @james-d-elliott in #732
- chore(deps): bump golang.org/x/net from 0.0.0-20220722155237-a158d28d115b to 0.7.0 by @dependabot in #738
- chore(deps): bump golang.org/x/crypto from 0.0.0-20210921155107-089bfa567519 to 0.1.0 by @dependabot in #739
- feat: add the ability to set jwt header type by @mgyongyosi in #737
- chore(deps): bump github.com/ory/x to v0.0.559 (+ required dependencies) by @kralicky in #751
- chore: update dependencies by @hperl in #752
- feat: basic tracing instrumentation with OpenTelemetry by @alnr in #761
- feat: add support for OIDC VC by @hperl in #758
- fix: isloopback returns true incorrectly by @james-d-elliott in #765
- fix: remove redundant map access by @dtam-cybozu in #775
- feat: support multiple token URLs by @hperl in #780
- fix: quick start secret config by @n0izn0iz in #781
New Contributors
- @dependabot made their first contribution in #738
- @mgyongyosi made their first contribution in #737
- @kralicky made their first contribution in #751
- @hperl made their first contribution in #752
- @alnr made their first contribution in #761
- @dtam-cybozu made their first contribution in #775
- @n0izn0iz made their first contribution in #781
Full Changelog: v0.44.0...v0.45.0