- Add
send_stateparameter to disable sending of state (#182)
- Fix handling of JWKS response (#157)
- Update openid_connect to 2.2 (#153)
- Drop Ruby 2.5 and 2.6 CI support (#154)
- Improvements to README (#152, #151)
- Add option
logout_path(#143)
- Fix uninitialized constant error (#147)
- Support verification of HS256-signed JWTs (#134)
- Support the "nonce" parameter forwarding without a session #130
- Fetch key from JWKS URI if available #133
- Make the state parameter verification optional #122
- Add email_verified claim in user info #131
- Add PKCE verification support #128
- Support dynamic parameters to the authorize URI #90
- Upgrade Faker and replace Travis with Github Actions #102
- Make
omniauth_openid_connectgem compatible withomniauth v2.0#95 - Fall back to the discovered jwks when no key specified #97
- Allow updating to omniauth v2 #88
- bugfix: Info from decoded id_token is not exposed into
request.env['omniauth.auth']#61 - bugfix: NoMethodError (
undefined method 'count' for #<OpenIDConnect::ResponseObject::IdToken>) #60
- Try to verify id_token when response_type is code #44
- Provide more information on error #49
- Update configuration documentation #53
- Add documentation about the send_scope_to_token_endpoint config property #52
- refactor: take uid_field from raw_attributes #54
- chore(ci): add 2.7, ruby-head and jruby-head #55
- Pass
acr_valuesto authorize url #43 - Add raw info for id token #42
- Fixed
id_tokenverification whenid_tokenis not used #41 - Cast
response_typeto string when checking if it is set in params #36 - Support both symbol and string version of
response_typeoption #35 - Fix gemspec homepage #33
- Add support for
response_typeid_token#32
- Use response_mode in
authorize_uriif the option is defined #30 - Move verification of
id_tokento before accessing tokens #28 - Update omniauth dependency #26
- Set default OmniAuth name to openid_connect #23