zitadel-oidc/pkg
Tim Möhlmann b8e520afd0
fix: allow expired ID token hint to end sessions (#522)
* fix: allow expired ID token hint to end sessions

This change adds a specific error for expired ID Token hints, including too old "issued at" and "max auth age".
The error is returned by VerifyIDTokenHint so that the end session handler can choose to ignore this error.

This fixes the behavior to be in line with [OpenID Connect RP-Initiated Logout 1.0, section 4](https://openid.net/specs/openid-connect-rpinitiated-1_0.html#ValidationAndErrorHandling).

* Test IDTokenHintExpiredError
2024-01-19 11:30:51 +01:00
..
client feat(rp): Add UnauthorizedHandler (#503) 2024-01-09 17:24:05 +02:00
crypto fix(crypto): nil pointer dereference in crypto.BytesToPrivateKey (#491) (#493) 2023-12-05 17:15:59 +02:00
http Merge branch 'next' into next-main 2023-10-12 16:07:49 +03:00
oidc fix: allow expired ID token hint to end sessions (#522) 2024-01-19 11:30:51 +01:00
op fix: allow expired ID token hint to end sessions (#522) 2024-01-19 11:30:51 +01:00
strings feat: Token Revocation, Request Object and OP Certification (#130) 2021-11-02 13:21:35 +01:00