github-actions[bot]
commented
2 weeks ago Code Coverage Report: Only Changed Files listed
| Package | Coverage |
|---|---|
| Overall Coverage | 🟢 85% |
Minimum allowed coverage is 0%, this run produced 85%
Closed renovate[bot] closed 1 week ago
github-actions[bot]
commented
2 weeks ago | Package | Coverage |
|---|---|
| Overall Coverage | 🟢 85% |
Minimum allowed coverage is 0%, this run produced 85%
This PR contains the following updates:
1.6.2->1.8.9Release Notes
doorkeeper-gem/doorkeeper-openid_connect (doorkeeper-openid_connect)
### [`v1.8.9`](https://redirect.github.com/doorkeeper-gem/doorkeeper-openid_connect/blob/HEAD/CHANGELOG.md#v189-2024-05-07) - Support Doorkeeper 5.7 ### [`v1.8.8`](https://redirect.github.com/doorkeeper-gem/doorkeeper-openid_connect/blob/HEAD/CHANGELOG.md#v188-2024-02-26) [Compare Source](https://redirect.github.com/doorkeeper-gem/doorkeeper-openid_connect/compare/v1.8.7...v1.8.8) - \[[#201](https://redirect.github.com/doorkeeper-gem/doorkeeper-openid_connect/issues/201)] Add back typ=JWT to header ### [`v1.8.7`](https://redirect.github.com/doorkeeper-gem/doorkeeper-openid_connect/blob/HEAD/CHANGELOG.md#v187-2023-05-18) [Compare Source](https://redirect.github.com/doorkeeper-gem/doorkeeper-openid_connect/compare/v1.8.6...v1.8.7) - \[[#198](https://redirect.github.com/doorkeeper-gem/doorkeeper-openid_connect/issues/198)] Fully qualify `JWT::JWK::Thumbprint` constant with :: (thanks to [@stanhu](https://redirect.github.com/stanhu)) ### [`v1.8.6`](https://redirect.github.com/doorkeeper-gem/doorkeeper-openid_connect/blob/HEAD/CHANGELOG.md#v186-2023-05-12) [Compare Source](https://redirect.github.com/doorkeeper-gem/doorkeeper-openid_connect/compare/v1.8.5...v1.8.6) - \[[#194](https://redirect.github.com/doorkeeper-gem/doorkeeper-openid_connect/issues/194)] Default to RFC 7638 kid fingerprint generation (thanks to [@stanhu](https://redirect.github.com/stanhu)). ### [`v1.8.5`](https://redirect.github.com/doorkeeper-gem/doorkeeper-openid_connect/blob/HEAD/CHANGELOG.md#v185-2023-02-02) [Compare Source](https://redirect.github.com/doorkeeper-gem/doorkeeper-openid_connect/compare/v1.8.4...v1.8.5) - \[[#186](https://redirect.github.com/doorkeeper-gem/doorkeeper-openid_connect/issues/186)] Simplify gem configuration reusing Doorkeeper configuration option DSL (thanks to [@nbulaj](https://redirect.github.com/nbulaj)). - \[[#182](https://redirect.github.com/doorkeeper-gem/doorkeeper-openid_connect/issues/182)] Drop support for Ruby 2.6 and Rails 5 (thanks to [@sato11](https://redirect.github.com/sato11)). - \[[#188](https://redirect.github.com/doorkeeper-gem/doorkeeper-openid_connect/issues/188)] Fix dookeeper-jwt compatibility (thanks to [@zavan](https://redirect.github.com/zavan)). ### [`v1.8.4`](https://redirect.github.com/doorkeeper-gem/doorkeeper-openid_connect/blob/HEAD/CHANGELOG.md#v184-2023-02-01) [Compare Source](https://redirect.github.com/doorkeeper-gem/doorkeeper-openid_connect/compare/v1.8.3...v1.8.4) Note that v1.8.4 changed the default kid fingerprint generation from RFC 7638 to a format based on the SHA256 digest of the key element. To restore the previous behavior, upgrade to v1.8.6. - \[[#177](https://redirect.github.com/doorkeeper-gem/doorkeeper-openid_connect/issues/177)] Replace `json-jwt` with `ruby-jwt` to align with doorkeeper-jwt (thanks to [@kristof-mattei](https://redirect.github.com/kristof-mattei)). - \[[#185](https://redirect.github.com/doorkeeper-gem/doorkeeper-openid_connect/issues/185)] Don't call active_record_options for Doorkeeper >= 5.6.3 (thanks to [@zavan](https://redirect.github.com/zavan)). - \[[#183](https://redirect.github.com/doorkeeper-gem/doorkeeper-openid_connect/issues/183)] Stop render consent screen when user is not logged-in (thanks to [@nov](https://redirect.github.com/nov)). ### [`v1.8.3`](https://redirect.github.com/doorkeeper-gem/doorkeeper-openid_connect/blob/HEAD/CHANGELOG.md#v183-2022-12-02) [Compare Source](https://redirect.github.com/doorkeeper-gem/doorkeeper-openid_connect/compare/v1.8.2...v1.8.3) - \[[#180](https://redirect.github.com/doorkeeper-gem/doorkeeper-openid_connect/issues/180)] Add PKCE support to OpenID discovery endpoint (thanks to [@stanhu](https://redirect.github.com/stanhu)). ### [`v1.8.2`](https://redirect.github.com/doorkeeper-gem/doorkeeper-openid_connect/blob/HEAD/CHANGELOG.md#v182-2022-07-13) [Compare Source](https://redirect.github.com/doorkeeper-gem/doorkeeper-openid_connect/compare/v1.8.1...v1.8.2) - \[[#168](https://redirect.github.com/doorkeeper-gem/doorkeeper-openid_connect/issues/168)] Allow to use custom doorkeeper access grant model (thanks [@nov](https://redirect.github.com/nov)). - \[[#170](https://redirect.github.com/doorkeeper-gem/doorkeeper-openid_connect/issues/170)] Controllers inherit `Doorkeeper::AppliactionMetalController` (thanks [@sato11](https://redirect.github.com/sato11)). - \[[#171](https://redirect.github.com/doorkeeper-gem/doorkeeper-openid_connect/issues/171)] Correctly override `AuthorizationsController` params (thanks to [@nbulaj](https://redirect.github.com/nbulaj)). ### [`v1.8.1`](https://redirect.github.com/doorkeeper-gem/doorkeeper-openid_connect/blob/HEAD/CHANGELOG.md#v181-2022-02-09) [Compare Source](https://redirect.github.com/doorkeeper-gem/doorkeeper-openid_connect/compare/v1.8.0...v1.8.1) - \[[#153](https://redirect.github.com/doorkeeper-gem/doorkeeper-openid_connect/issues/153)] Fix ArgumentError caused by client credential validation introduced in Doorkeeper 5.5.1 (thanks to [@CircumnavigatingFlatEarther](https://redirect.github.com/CircumnavigatingFlatEarther)) - \[[#161](https://redirect.github.com/doorkeeper-gem/doorkeeper-openid_connect/issues/161)] Fix .well-known/openid-connect issuer (respond to block if provided) (thanks to [@fkowal](https://redirect.github.com/fkowal)). - \[[#152](https://redirect.github.com/doorkeeper-gem/doorkeeper-openid_connect/issues/152)] Expose oauth-authorization-server in routes (thanks to [@mitar](https://redirect.github.com/mitar)) ### [`v1.8.0`](https://redirect.github.com/doorkeeper-gem/doorkeeper-openid_connect/blob/HEAD/CHANGELOG.md#v180-2021-05-11) [Compare Source](https://redirect.github.com/doorkeeper-gem/doorkeeper-openid_connect/compare/v1.7.5...v1.8.0) No changes from v1.8.0-rc1. ### [`v1.7.5`](https://redirect.github.com/doorkeeper-gem/doorkeeper-openid_connect/blob/HEAD/CHANGELOG.md#v175-2020-12-15) [Compare Source](https://redirect.github.com/doorkeeper-gem/doorkeeper-openid_connect/compare/v1.7.4...v1.7.5) ##### Changes - \[[#126](https://redirect.github.com/doorkeeper-gem/doorkeeper-openid_connect/issues/126)] Add discovery_url_options option for discovery endpoints URL generation (thanks to [@phlegx](https://redirect.github.com/phlegx)) ##### Bugfixes - \[[#123](https://redirect.github.com/doorkeeper-gem/doorkeeper-openid_connect/issues/123)] Remove reference to ApplicationRecord (thanks to [@wheeyls](https://redirect.github.com/wheeyls)) - \[[#124](https://redirect.github.com/doorkeeper-gem/doorkeeper-openid_connect/issues/124)] Clone doorkeeper.grant_flows array before appending 'refresh_token' (thanks to [@davidbasalla](https://redirect.github.com/davidbasalla)) - \[[#129](https://redirect.github.com/doorkeeper-gem/doorkeeper-openid_connect/issues/129)] Avoid to use the config alias while supporting Doorkeeper 5.2 (thanks to [@kymmt90](https://redirect.github.com/kymmt90)) ### [`v1.7.4`](https://redirect.github.com/doorkeeper-gem/doorkeeper-openid_connect/blob/HEAD/CHANGELOG.md#v174-2020-07-06) [Compare Source](https://redirect.github.com/doorkeeper-gem/doorkeeper-openid_connect/compare/v1.7.3...v1.7.4) - \[[#119](https://redirect.github.com/doorkeeper-gem/doorkeeper-openid_connect/issues/119)] Execute end_session_endpoint in the controllers context (thanks to [@joeljunstrom](https://redirect.github.com/joeljunstrom)) ### [`v1.7.3`](https://redirect.github.com/doorkeeper-gem/doorkeeper-openid_connect/blob/HEAD/CHANGELOG.md#v173-2020-07-06) [Compare Source](https://redirect.github.com/doorkeeper-gem/doorkeeper-openid_connect/compare/v1.7.2...v1.7.3) - \[[#111](https://redirect.github.com/doorkeeper-gem/doorkeeper-openid_connect/issues/111)] Add configuration callback `select_account_for_resource_owner` to support the `prompt=select_account` param - \[[#112](https://redirect.github.com/doorkeeper-gem/doorkeeper-openid_connect/issues/112)] Add grant_types_supported to discovery response - \[[#114](https://redirect.github.com/doorkeeper-gem/doorkeeper-openid_connect/issues/114)] Fix user_info endpoint when used in api mode - \[[#116](https://redirect.github.com/doorkeeper-gem/doorkeeper-openid_connect/issues/116)] Support Doorkeeper API (> 5.4) for registering custom grant flows. - \[[#117](https://redirect.github.com/doorkeeper-gem/doorkeeper-openid_connect/issues/117)] Fix migration template to use Rails migrations DSL for association. - \[[#118](https://redirect.github.com/doorkeeper-gem/doorkeeper-openid_connect/issues/118)] Use fragment urls for implicit flow error redirects (thanks to [@joeljunstrom](https://redirect.github.com/joeljunstrom)) ### [`v1.7.2`](https://redirect.github.com/doorkeeper-gem/doorkeeper-openid_connect/blob/HEAD/CHANGELOG.md#v172-2020-05-20) [Compare Source](https://redirect.github.com/doorkeeper-gem/doorkeeper-openid_connect/compare/v1.7.1...v1.7.2) ##### Changes - \[[#108](https://redirect.github.com/doorkeeper-gem/doorkeeper-openid_connect/issues/108)] Add support for Doorkeeper 5.4 - \[[#103](https://redirect.github.com/doorkeeper-gem/doorkeeper-openid_connect/issues/103)] Add support for end_session_endpoint - \[[#109](https://redirect.github.com/doorkeeper-gem/doorkeeper-openid_connect/issues/109)] Test against Ruby 2.7 & Rails 6.x ### [`v1.7.1`](https://redirect.github.com/doorkeeper-gem/doorkeeper-openid_connect/blob/HEAD/CHANGELOG.md#v171-2020-02-07) [Compare Source](https://redirect.github.com/doorkeeper-gem/doorkeeper-openid_connect/compare/v1.7.0...v1.7.1) ##### Upgrading This version adds `on_delete: :cascade` to the migration template for the `oauth_openid_requests` table, in order to fix [#82](https://redirect.github.com/doorkeeper-gem/doorkeeper-openid_connect/issues/82). For existing installations, you should add a new migration in your application to drop the existing foreign key and replace it with a new one with `on_delete: :cascade` included. Depending on the database you're using and the size of your application this might bring up some concerns, but in most cases the following should be sufficient: ```ruby class UpdateOauthOpenIdRequestsForeignKeys < ActiveRecord::Migration[5.2] def up remove_foreign_key(:oauth_openid_requests, column: :access_grant_id) add_foreign_key(:oauth_openid_requests, :oauth_access_grants, column: :access_grant_id, on_delete: :cascade) end def down remove_foreign_key(:oauth_openid_requests, column: :access_grant_id) add_foreign_key(:oauth_openid_requests, :oauth_access_grants, column: :access_grant_id) end end ``` ##### Bugfixes - \[[#96](https://redirect.github.com/doorkeeper-gem/doorkeeper-openid_connect/issues/96)] Bump `json-jwt` because of CVE-2019-18848 (thanks to [@leleabhinav](https://redirect.github.com/leleabhinav)) - \[[#97](https://redirect.github.com/doorkeeper-gem/doorkeeper-openid_connect/issues/97)] Fixes for compatibility with Doorkeeper 5.2 (thanks to [@linhdangduy](https://redirect.github.com/linhdangduy)) - \[[#98](https://redirect.github.com/doorkeeper-gem/doorkeeper-openid_connect/issues/98)] Cascade deletes from `oauth_openid_requests` to `oauth_access_grants` (thanks to [@manojmj92](https://redirect.github.com/manojmj92)) - \[[#99](https://redirect.github.com/doorkeeper-gem/doorkeeper-openid_connect/issues/99)] Fix `audience` claim when application is not set on access token (thanks to [@ionut998](https://redirect.github.com/ionut998)) ### [`v1.7.0`](https://redirect.github.com/doorkeeper-gem/doorkeeper-openid_connect/blob/HEAD/CHANGELOG.md#v170-2019-11-04) [Compare Source](https://redirect.github.com/doorkeeper-gem/doorkeeper-openid_connect/compare/v1.6.3...v1.7.0) ##### Changes - \[[#85](https://redirect.github.com/doorkeeper-gem/doorkeeper-openid_connect/issues/85)] This gem now requires Doorkeeper 5.2, Rails 5, and Ruby 2.4 ### [`v1.6.3`](https://redirect.github.com/doorkeeper-gem/doorkeeper-openid_connect/blob/HEAD/CHANGELOG.md#v163-2019-09-24) [Compare Source](https://redirect.github.com/doorkeeper-gem/doorkeeper-openid_connect/compare/v1.6.2...v1.6.3) ##### Changes - \[[#81](https://redirect.github.com/doorkeeper-gem/doorkeeper-openid_connect/issues/81)] Allow silent authentication without user consent (thanks to [@jarosan](https://redirect.github.com/jarosan)) - Don't support Doorkeeper >= 5.2 due to breaking changesConfiguration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled because a matching PR was automerged previously.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.