Skip to content

Version 2.1.0

Compare
Choose a tag to compare
@abompard abompard released this 09 Oct 10:12
· 103 commits to develop since this release
2.1.0
1bed41f

Fixed

  • Handle token expiration when there is no refresh_token or no token URL (#39)

Changed

  • Restore the OVERWRITE_REDIRECT_URI configuration option as OIDC_OVERWRITE_REDIRECT_URI.
  • The redirect_uri that is generated and sent to the ID provider is no longer forced to HTTPS, because the the OIDC spec is actually only a strong recommendation (#35). You can use OIDC_OVERWRITE_REDIRECT_URI if you want to force it to HTTPS (or any other URL).