ramosbugs / openidconnect-rs

OpenID Connect Library for Rust
MIT License

4.0 stabilization #166

Open avtrujillo opened 5 months ago

avtrujillo commented 5 months ago

Hi,

What contributions or actions are needed in order to stabilize version 4.0 of this crate?

ramosbugs commented 5 months ago

Hey @avtrujillo, I'll probably stabilize 4.0 soon after stabilizing oauth2 5.0.

Since both of these versions had major breaking changes, I'd like to wait another couple of months to see if additional issues get filed that might require further breaking changes to fix. In the meantime, the latest alpha releases should be safe to use in production; they're just not guaranteed to be API stable.

See also https://github.com/ramosbugs/oauth2-rs/issues/260#issuecomment-2080178872

erlend-sh commented 3 months ago

As part of the stabilization effort I would humbly suggest testing openidconnect-rs with Rauthy by @sebadob.

We’ve been trying to connect our Rauthy-based OIDC provider with projects like Kitsune (by @aumetra) which uses your crate, but there’s an incompatibility.

I wish I could provide deeper insights but we haven’t gotten to the root of the issue yet. All we know so far is that other OIDC-compatible applications are working fine: https://github.com/commune-os/weird/issues/28

sebadob commented 3 months ago

@erlend-sh if there is an issue with Rauthy, please let me know.

aumetra commented 3 months ago

> @erlend-sh if there is an issue with Rauthy, please let me know.

The UserInfo fetch won't work correctly. It errors out. Works correctly against Keycloak. Not sure why.

sebadob commented 3 months ago

Rauthy works with every client app I tested so far, so it would be nice to know what / where the actual problem is. Not sure if this is the right issue for this.

The /userinfo can only error in a few cases and Rauthy will give you a detailed description of the error. Can you tell me what it's complaining about?

ramosbugs commented 2 weeks ago

4.0.0-rc.1 is now released, so the API is considered stable (i.e., no further breaking changes) for 4.x. If there are no further bugs filed in the next few weeks I'll promote this release to 4.0.0.