v0.29.0

@evert evert released this 07 Feb 06:02
· 13 commits to main since this release
eefee67
  • OpenID Connect works! The plumbing for this has been in place for some time, but this release supports the /userinfo endpoint and enough parameters from the authorization endpoint to make it work with the OIDC clients we've tested.
  • The dev server now automatically generates a JWT private key when it's run for the first time. This enables OpenID Connect to be used without further configuration.
  • Auth.js / NextAuth.js support validated. Our implementation had a few bugs, and authjs also had some issues that the server now has workarounds in place for.
  • Lots of documentation fixes and additions. (Thank you @usrrname).
  • Workaround for authjs incorrectly encoding colon in Basic Auth with percent-encoding.
  • #590: When an OIDC client doesn't provide a nonce, the server encoded the nonce as 'null' in the id token. It should have simply been omitted and this was breaking authjs.
  • Added OpenID Connect endpoints to home screen.
  • Fixed validation bugs in the OAuth2 app update screen.
  • Support for the OIDC /.well-known/openid-configuration endpoint.
  • Added 'email', 'phone' and 'name' claims to OpenID id token.
  • Support for OpenID Connect 'userinfo' endpoint.
  • #596: Support for 'prompt' parameter in OIDC authorize request.
  • Support for auth_time in OIDC id_token.
  • Force users to go through login process after changing their password. Before this change a change-password token was enough to complete login, but this could allow a user to circumvent other authentication factors such as TOTP.
  • Added a small HAL form for easily obtaining developer access tokens.
  • Added a /me endpoint that always redirects to the currently authenticated user or app.
  • Add support for prefer: transclude=item header and ?embed=item query parameter on the /user collection, allowing clients to get the full representation of each user.
  • A refresh of the home endpoint, with a few more links to OIDC endpoints.
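
The nonce fix from #590, sketched as an added TypeScript example (not the project's own code): it contrasts an id token payload builder that stringifies a missing nonce with one that omits the claim, and shows why a client that sent no nonce rejects the first. All function names, the issuer URL and the client-side check are assumptions made for illustration.

```typescript
// Added illustration; every name here is hypothetical, not the project's code.
interface AuthorizeRequest {
  clientId: string;
  nonce: string | null; // null when the client sent no nonce parameter
}

interface IdTokenClaims {
  iss: string;
  sub: string;
  aud: string;
  iat: number;
  exp: number;
  auth_time: number;
  nonce?: string;
}

const ISSUER = 'https://auth.example'; // constructed sample issuer

function baseClaims(req: AuthorizeRequest, sub: string, authTime: number, now: number): IdTokenClaims {
  return { iss: ISSUER, sub, aud: req.clientId, iat: now, exp: now + 3600, auth_time: authTime };
}

// Behaviour described in #590: a missing nonce is stringified to 'null'.
function buildClaimsBuggy(req: AuthorizeRequest, sub: string, authTime: number, now: number): IdTokenClaims {
  return { ...baseClaims(req, sub, authTime, now), nonce: String(req.nonce) };
}

// Fixed behaviour: the claim exists only when the client supplied a nonce.
function buildClaimsFixed(req: AuthorizeRequest, sub: string, authTime: number, now: number): IdTokenClaims {
  const claims = baseClaims(req, sub, authTime, now);
  if (req.nonce !== null) {
    claims.nonce = req.nonce;
  }
  return claims;
}

// Relying-party check (assumed, modelled on OIDC Core nonce validation):
// the claim must equal the nonce that was sent and be absent if none was sent.
function clientAcceptsNonce(claims: IdTokenClaims, sentNonce: string | null): boolean {
  const received = claims.nonce === undefined ? null : claims.nonce;
  return received === sentNonce;
}
```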