Skip to content

Releases: ory/fosite

v0.47.0

16 Jul 08:29
3ec8db8
Compare
Choose a tag to compare

BREAKING CHANGES: Going forward, please instantiate the HMACSHAStrategy using oauth2.NewHMACSHAStrategy():

-var hmacshaStrategy = oauth2.HMACSHAStrategy{
-	Enigma: &hmac.HMACStrategy{Config: &fosite.Config{GlobalSecret: []byte("foobarfoobarfoobarfoobarfoobarfoobarfoobarfoobar")}},
-	Config: &fosite.Config{
-		AccessTokenLifespan:   time.Hour * 24,
-		AuthorizeCodeLifespan: time.Hour * 24,
-	},
-}

+var hmacshaStrategy = oauth2.NewHMACSHAStrategy(
+	&hmac.HMACStrategy{Config: &fosite.Config{GlobalSecret: []byte("foobarfoobarfoobarfoobarfoobarfoobarfoobarfoobar")}},
+	&fosite.Config{
+		AccessTokenLifespan:   time.Hour * 24,
+		AuthorizeCodeLifespan: time.Hour * 24,
+	},
+)

What's Changed

  • chore(deps): bump github.com/go-jose/go-jose/v3 from 3.0.0 to 3.0.3 by @dependabot in #800
  • chore(deps): bump google.golang.org/protobuf from 1.31.0 to 1.33.0 by @dependabot in #804
  • chore(deps-dev): bump braces from 3.0.2 to 3.0.3 by @dependabot in #811
  • chore: remove unneeded dependency github.com/ecordell/optgen by @James-REANNZ in #810
  • chore(deps): bump github.com/hashicorp/go-retryablehttp from 0.7.4 to 0.7.7 by @dependabot in #812
  • chore(deps): bump golang.org/x/net from 0.13.0 to 0.23.0 by @dependabot in #808
  • refactor: split HMAC SHA strategy by @aeneasr in #813
  • fix: WriteIntrospectionResponse should always issue headers by @mitar in #802
  • revert: splitting the HMAC SHA strategy (#813) by @aeneasr in #815
  • refactor: improve dependency injection capabilities by @aeneasr in #816

New Contributors

Full Changelog: v0.46.1...v0.47.0

0.46.1

01 Mar 09:29
1f27af4
Compare
Choose a tag to compare
v0.46.1

fix: use stdlib to check loopback address (#795)

0.46.0

13 Feb 08:20
9b98b55
Compare
Choose a tag to compare

What's Changed

  • fix: fix broken link in History.md by @Suvink in #783
  • fix: call DeleteOpenIDConnectSession during successful authcode exchange by @cfryanr in #793
  • fix: do not list client_secret_jwt as supported by @mitar in #787
  • fix: [#754] Requester ID fix by @vivshankar in #756

New Contributors

Full Changelog: v0.45.0...v0.46.0

0.45.0

03 Jan 12:07
2c69fd8
Compare
Choose a tag to compare

What's Changed

New Contributors

Full Changelog: v0.44.0...v0.45.0

0.44.0

07 Dec 12:20
e570564
Compare
Choose a tag to compare
refactor: allow secret configuration to return errors (#726)

BREAKING CHANGE: `GetGlobalSecret` and `GetRotatedGlobalSecrets` signatures changed and it is now possible to add an error.

0.43.0

10 Oct 07:01
Compare
Choose a tag to compare
v0.43.0

chore: update repository templates to https://github.com/ory/meta/com…

v0.42.2

17 Apr 17:27
Compare
Choose a tag to compare
autogen(docs): regenerate and update changelog

v0.42.1

04 Feb 18:33
Compare
Choose a tag to compare
autogen(docs): regenerate and update changelog

v0.42.0

11 Jan 16:08
Compare
Choose a tag to compare

What's Changed

  • feat: add new function to TokenRevocationStorage to support refresh token grace-period by @bill-robbins-ss in #635

New Contributors

Full Changelog: v0.41.0...v0.42.0

v0.41.0

07 Dec 08:00
Compare
Choose a tag to compare
autogen(docs): regenerate and update changelog