- Fix handling of JWKS response (omniauth#157)
- Update openid_connect to 2.2 (omniauth#153)
- Drop Ruby 2.5 and 2.6 CI support (omniauth#154)
- Improvements to README (omniauth#152, omniauth#151)
- Add option
logout_path(omniauth#143)
- Fix uninitialized constant error (omniauth#147)
- Support verification of HS256-signed JWTs (omniauth#134)
- Support the "nonce" parameter forwarding without a session #130
- Fetch key from JWKS URI if available #133
- Make the state parameter verification optional #122
- Add email_verified claim in user info #131
- Add PKCE verification support #128
- Support dynamic parameters to the authorize URI #90
- Upgrade Faker and replace Travis with Github Actions #102
- Make
omniauth_openid_connectgem compatible withomniauth v2.0#95 - Fall back to the discovered jwks when no key specified #97
- Allow updating to omniauth v2 #88
- bugfix: Info from decoded id_token is not exposed into
request.env['omniauth.auth']#61 - bugfix: NoMethodError (
undefined method 'count' for #<OpenIDConnect::ResponseObject::IdToken>) #60
- Try to verify id_token when response_type is code #44
- Provide more information on error #49
- Update configuration documentation #53
- Add documentation about the send_scope_to_token_endpoint config property #52
- refactor: take uid_field from raw_attributes #54
- chore(ci): add 2.7, ruby-head and jruby-head #55
- Pass
acr_valuesto authorize url #43 - Add raw info for id token #42
- Fixed
id_tokenverification whenid_tokenis not used #41 - Cast
response_typeto string when checking if it is set in params #36 - Support both symbol and string version of
response_typeoption #35 - Fix gemspec homepage #33
- Add support for
response_typeid_token#32
- Use response_mode in
authorize_uriif the option is defined #30 - Move verification of
id_tokento before accessing tokens #28 - Update omniauth dependency #26
- Set default OmniAuth name to openid_connect #23