Bump oidc-provider from 6.31.1 to 8.4.4

[dependabot[bot]]

Bumps oidc-provider from 6.31.1 to 8.4.4.

Release notes

Sourced from oidc-provider's releases.

v8.4.4

Refactor

• test decoded basic auth tokens for their VSCHAR pattern (3f86cc0)

Fixes

• DPoP,PAR,JAR: validate DPoP before invalidating JAR during PAR (ca0f999)

v8.4.3

This release contains only code refactoring, dependency, or documentation updates.

v8.4.2

Fixes

• reject client JSON Web Key Set null value (#1237) (cce6d43)

v8.4.1

This release contains only code refactoring, dependency, or documentation updates.

v8.4.0

Features

• DPoP: remove experimental flag, DPoP is now RFC9449 (89d133e)

v8.3.2

Fixes

• assign extraTokenClaims return to the model (e296dc7)

v8.3.1

Fixes

• DPoP: compare htu scheme and hostname case independent (b72d668)

v8.3.0

Features

• allow specifying the user-agent header for outgoing requests (95f24ef)

v8.2.2

Fixes

• ignore non-existent resource scopes during refresh (#1222) (bdf23ba)

v8.2.1

Fixes

... (truncated)

Changelog

Sourced from oidc-provider's changelog.

8.4.4 (2024-01-08)

Refactor

• test decoded basic auth tokens for their VSCHAR pattern (3f86cc0)

Fixes

• DPoP,PAR,JAR: validate DPoP before invalidating JAR during PAR (ca0f999)

8.4.3 (2023-12-14)

8.4.2 (2023-12-02)

Fixes

• reject client JSON Web Key Set null value (#1237) (cce6d43)

8.4.1 (2023-10-25)

8.4.0 (2023-09-08)

Features

• DPoP: remove experimental flag, DPoP is now RFC9449 (89d133e)

8.3.2 (2023-09-02)

Fixes

• assign extraTokenClaims return to the model (e296dc7)

8.3.1 (2023-08-30)

Fixes

• DPoP: compare htu scheme and hostname case independent (b72d668)

8.3.0 (2023-08-27)

Features

• allow specifying the user-agent header for outgoing requests (95f24ef)

... (truncated)

Commits

• 81c683d chore(release): 8.4.4
• 29b9667 chore: add documentation updates and refactors to future changelogs
• ca0f999 fix(DPoP,PAR,JAR): validate DPoP before invalidating JAR during PAR
• 3f86cc0 refactor: test decoded basic auth tokens for their VSCHAR pattern
• 391885c chore: bump upload-artifact
• b583993 Revert "build(deps): bump actions/upload-artifact from 3 to 4" (#1243)
• 1111362 build(deps): bump github/codeql-action from 2 to 3 (#1241)
• 68112d3 build(deps): bump actions/upload-artifact from 3 to 4 (#1242)
• 55f4fb7 chore(release): 8.4.3
• 6904545 chore: bump deps
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot[bot]]

Superseded by #93.