cim/zitadel-oidc
5
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
zitadel-oidc/pkg
History
Tim Möhlmann f8b00daa1a fix: allow expired ID token hint to end sessions 
This change adds a specific error for expired ID Token hints, including too old "issued at" and "max auth age".
The error is returned VerifyIDTokenHint so that the end session handler can choose to ignore this error.

This fixes the behavior to be in line with [OpenID Connect RP-Initiated Logout 1.0, section 4](https://openid.net/specs/openid-connect-rpinitiated-1_0.html#ValidationAndErrorHandling).
2024-01-19 11:57:11 +02:00
..
client feat(rp): Add UnauthorizedHandler (#503) 2024-01-09 17:24:05 +02:00
crypto fix(crypto): nil pointer dereference in crypto.BytesToPrivateKey (#491) (#493) 2023-12-05 17:15:59 +02:00
http Merge branch 'next' into next-main 2023-10-12 16:07:49 +03:00
oidc fix: allow expired ID token hint to end sessions 2024-01-19 11:57:11 +02:00
op fix: allow expired ID token hint to end sessions 2024-01-19 11:57:11 +02:00
strings feat: Token Revocation, Request Object and OP Certification (#130) 2021-11-02 13:21:35 +01:00