
List:       ruby-talk
Subject:    [ruby-talk:443111] [ANN] rodauth-oauth 1.0.0.pre.beta2 released
From:       Tiago Cardoso <honeyryderchuck () gmail ! com>
Date:       2022-11-09 23:30:44
Message-ID: CAD489_w1rJqrLOZX4PKXhpO6oMuSKo-AVekRsPo4c49Kx-W2Sw () mail ! gmail ! com

rodauth-oauth 1.0.0.pre.beta2 has been released.

rodauth-oauth is a rack-compatible toolkit for building OAuth 2.0
authorization servers, as well as OpenID Authentication Providers.

# as simple as
rodauth do
  enable :oauth_authorization_code_grant
  # or
  enable :oidc
end

Among its features, it supports:

* Authorization Code Grant
* Refresh Token Grant
* Implicit Grant
* Client Credentials Grant
* Device Code Grant
* Token Revocation
* Token Introspection
* Auth Server Metadata
* PKCE
* Resource Indicators
* JWT Access Tokens
* Assertion Framework
* SAML 2.0 Bearer Assertion Grant
* JWT Bearer Assertion Grant
* JWT Secured authorization (JAR) requests
* Dynamic Client Registration
* OpenID
* OpenID Discovery
* OpenID Multiple Response types
* OpenID Connect Dynamic Client Registration
* OpenID Relying Party Initiated Logout


It can also be used with Rails (via the "rodauth-rails" gem).

Website: https://honeyryderchuck.gitlab.io/rodauth-oauth/
Documentation: https://honeyryderchuck.gitlab.io/rodauth-oauth/rdoc/
Wiki: https://gitlab.com/honeyryderchuck/rodauth-oauth/wikis/home
CI: https://gitlab.com/honeyryderchuck/rodauth-oauth/pipeline

This is the second beta release of v1. Most of the accompanying resources
are still control-versioned, among them:

## Wiki

In order to access the wiki for v1, you can do the following:

> git clone git@gitlab.com:honeyryderchuck/rodauth-oauth.wiki.git
> cd rodauth-oauth.wiki
> git checkout -b issue-28

and follow the remainder of the instructions [here](https://gitlab.com/honeyryderchuck/rodauth-oauth/-/wikis/git_access)

## Example apps

Repo examples: https://gitlab.com/honeyryderchuck/rodauth-oauth/-/tree/issue-28/examples
Rodauth Oauth Rails example:
https://gitlab.com/honeyryderchuck/rodauth-oauth-demo-rails/-/tree/issue-28
Rodauth OAuth Rails Devise example:
https://gitlab.com/honeyryderchuck/rodauth-oauth-devise-demo/-/tree/issue-28

## Changelog

These are the release notes since the last update:

This version passes the conformance tests for the following OpenID Connect
certification profiles:

* Basic certification
* Form-post basic certification
* Config certification
* Dynamic Config certification (`response_type=code`)

## Breaking Changes

* homepage url is no longer a client application required property.
* OIDC RP-initiated logout extracted into `oidc_rp_initiated_logout`
feature.

## Features

* `oauth_jwt_secured_authorization_request` now supports a `request_uri`
query param as well.
* `oidc` supports essential claims, via the `claims` authorization request
query parameter.

## Improvements

* exposing `acr_values_supported` in the openid configuration.
* `oauth_request_object_signing_alg_allow_none` enables `"none"` as an
accepted request object signing alg when `true` (`false` by default).
* OIDC `offline_access` supported.

## Bugfixes

* JWT: "sub" is now always a string.
* `response_type` is now an authorization request required parameter (as
per the RFC).
* `state` is now passed along when redirecting from authorization requests
with `error`;
* access token can now be read from POST body or GET query params (as per
the RFC).
* id token no longer shipping with claims with `null` value;
* id token no longer encoding claims by default (only when
`response_type=id_token`, as per the RFC).
* support "JWT without kid" when doing jwt decoding for JWT tokens not
generated in the provider (such as request objects).
* Set `iss` and `aud` claims in the Userinfo JWT response.
* Make sure errors are also delivered via form POST, when
`response_mode=form_post`.
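
The `oauth_request_object_signing_alg_allow_none` entry above is the kind of default worth seeing in code. The sketch below is an added example, not rodauth-oauth's own code: it shows why `"none"` is off unless explicitly enabled when decoding a JAR request object. All method names, the `allow_none:` keyword and the HS256 shared-secret setup are assumptions made for the illustration.

```ruby
require "json"
require "openssl"

class RequestObjectError < StandardError; end

def b64url_encode(bytes)
  [bytes].pack("m0").tr("+/", "-_").delete("=")
end

def b64url_decode(str)
  (str + "=" * ((4 - str.length % 4) % 4)).tr("-_", "+/").unpack1("m0")
end

# Builds a compact JWS; used only to construct sample inputs.
def build_request_object(claims, alg:, secret: nil)
  input = [{ "alg" => alg, "typ" => "JWT" }, claims]
          .map { |part| b64url_encode(JSON.generate(part)) }.join(".")
  sig = alg == "none" ? "" : b64url_encode(OpenSSL::HMAC.digest("SHA256", secret, input))
  "#{input}.#{sig}"
end

# Returns the claims hash or raises RequestObjectError.
# allow_none (hypothetical name) is false by default, like the option above.
def decode_request_object(jwt, secret:, allow_none: false)
  header_b64, payload_b64, sig_b64, extra = jwt.split(".", -1)
  raise RequestObjectError, "malformed request object" if sig_b64.nil? || extra
  header = JSON.parse(b64url_decode(header_b64))
  raise RequestObjectError, "malformed header" unless header.is_a?(Hash)

  case header["alg"]
  when "none"
    # Unsigned objects carry no proof of origin: accept only on explicit opt-in.
    raise RequestObjectError, "unsigned request object rejected" unless allow_none
    raise RequestObjectError, "alg none with a signature" unless sig_b64.empty?
  when "HS256"
    expected = OpenSSL::HMAC.digest("SHA256", secret, "#{header_b64}.#{payload_b64}")
    unless OpenSSL.secure_compare(b64url_decode(sig_b64), expected)
      raise RequestObjectError, "signature mismatch"
    end
  else
    raise RequestObjectError, "unsupported alg"
  end
  JSON.parse(b64url_decode(payload_b64))
rescue JSON::ParserError, ArgumentError
  raise RequestObjectError, "malformed request object"
end
```

With the flag left at its default, a request object whose header says `"alg": "none"` is refused outright, so authorization parameters cannot be rewritten by anyone who can reach the authorization endpoint.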
