The changes in 0.9.0 introduce a behavioral change and arguably a regression. We were previously always signing a response if asked even if the response was not a Success, however after we were only signing Success responses. This was causing some of our api responses to show error messaging indicating that the response could not be parsed instead of that it had failed, and this could potentially result in breaking SPs using FusionAuth as the IDP if they were expecting us to always have signed responses.
I didn't refactor the code back much, just a oneline fix and a test.
The changes in 0.9.0 introduce a behavioral change and arguably a regression. We were previously always signing a response if asked even if the response was not a
Success
, however after we were only signingSuccess
responses. This was causing some of our api responses to show error messaging indicating that the response could not be parsed instead of that it had failed, and this could potentially result in breaking SPs using FusionAuth as the IDP if they were expecting us to always have signed responses.I didn't refactor the code back much, just a oneline fix and a test.