Bump openid-client from 4.9.1 to 5.1.4

[dependabot[bot]]

Bumps openid-client from 4.9.1 to 5.1.4.

Release notes

Sourced from openid-client's releases.

v5.1.4

Fixes

• dpop: htu without querystring (f6fa149)

v5.1.3

Fixes

• add application/jwk-set+json to accept header for JWKS calls (#467) (f94d42b), closes #466

v5.1.2

Fixes

• passing null as checks.nonce should not disable it (5120a07)

v5.1.1

Fixes

• allow setting timeout to 0 to disable it (32b28b5), closes #443

v5.1.0

Features

• support OAuth 2.0 Authorization Server Issuer Identification (fb6a141)
• support server-provided DPoP nonces (update DPoP to draft-04) (a84950a)

Fixes

• reject oauthCallback when id_token is detected (92ffee5)
• typescript: ts-ignore missing AbortSignal global (d975c11), closes #433

v5.0.2

Bug Fixes

• explicitly set content-length again (956c34b), closes #420

v5.0.1

Bug Fixes

• explicitly set accept: application/json again (89cdbe2)

v5.0.0

⚠ BREAKING CHANGES

• The 'query' way of passing access token to userinfo was removed.
• Access Token is now asserted to be present for userinfo and requestResource calls.
• The registry export was removed.
• FAPIClient is renamed to FAPI1Client
• FAPI1Client has default algorithms set to PS256 rather than RS256

... (truncated)

Changelog

Sourced from openid-client's changelog.

5.1.4 (2022-03-04)

Fixes

• dpop: htu without querystring (f6fa149)

5.1.3 (2022-02-03)

Fixes

• add application/jwk-set+json to accept header for JWKS calls (#467) (f94d42b), closes #466

5.1.2 (2022-01-13)

Fixes

• passing null as checks.nonce should not disable it (5120a07)

5.1.1 (2021-12-20)

Fixes

• allow setting timeout to 0 to disable it (32b28b5), closes #443

5.1.0 (2021-12-03)

Features

• support OAuth 2.0 Authorization Server Issuer Identification (fb6a141)
• support server-provided DPoP nonces (update DPoP to draft-04) (a84950a)

Bug Fixes

• reject oauthCallback when id_token is detected (92ffee5)
• typescript: ts-ignore missing AbortSignal global (d975c11), closes #433

5.0.2 (2021-10-28)

Bug Fixes

• explicitly set content-length again (956c34b), closes #420

5.0.1 (2021-10-27)

... (truncated)

Commits

• 674b7ed chore(release): 5.1.4
• f6fa149 fix(dpop): htu without querystring
• 9cfd910 ci: fix hashFiles
• 444e770 ci: no need for a secret gitlab token
• 4b7b96a ci: always use latest conformance suite
• dc362bf chore(release): 5.1.3
• f94d42b fix: add application/jwk-set+json to accept header for JWKS calls (#467)
• 8732257 ci: bump conformance suite
• ae2e3ff chore(release): 5.1.2
• 5120a07 fix: passing null as checks.nonce should not disable it
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot[bot]]

Superseded by #67.