forked from jumbojett/OpenID-Connect-PHP
-
Notifications
You must be signed in to change notification settings - Fork 2
Progress on fixing upstream issues
JuliusPC edited this page Apr 30, 2021
·
5 revisions
Since jumbojett seems not be able or willing to fix problems with jumbojett/OpenID-Connect-PHP anymore, I forked the repo and fixed some issues. Below table shows the progress on some issues:
| Issue (or PR) | resolved in this repo | resolved in upstream repo? | comment |
|---|---|---|---|
| 174 | ✓ | added httpUpgradeInsecureRequests() for this |
|
| 255 and PR 251 | ✓ | ||
| PR 178 and PR 127 | ✓ | ||
| PR 179 | ✓ | ||
| 206 and PR 245 | |||
| 169 | |||
| 120 | |||
| 194 and PR 195 | |||
| PR 225 | ✓ | This needs to be checked against the spec, should the openid scope be added in every case? Regardless of the flow in which the refresh token was obtained in Authorization Code Grant with openid scope or Resource Owner Password Credentials Grant? Rare edge case. Maybe the ROPCG should be removed from the library.
|
|
| 206 and PR 245 | Check if this should be applied to every token request routine. |