v0.5.0

What's Changed

• FEATURE: Token Renewal by @sevensolutions in #28
• DOCS: add pocket-id lightweight IDP by @cdanis in #31
• FEATURE: Add support for tokens in upstream headers by @sevensolutions in #37
• TESTS: Prepared a first e2e test by @sevensolutions in #39
• MAINT: Bump the dependencies group in /website with 26 updates by @dependabot in #41
• FEATURE: optional static domain for callback & allow setting statecookie.domain by @cdanis in #30
• FEATURE: Custom token sources by @sevensolutions in #44

Breaking Changes

This Release contains some breaking changes.

1. The StateCookie-configuration option has been renamed to SessionCookie.
Old:

traefik-oidc-auth:
  StateCookie:
    Name: "Authorization"

New:

traefik-oidc-auth:
  SessionCookie:
    Name: "Authorization"

2. Header Configuration (MapClaims) has been changed.
Old:

Headers:
  MapClaims:
    - Header: "X-Oidc-Username"
      Claim: "preferred_username"      

New:

Headers:
  - Name: "Authorization"
    Value: "{{`Bearer {{ .accessToken }}`}}"
  - Name: "X-Oidc-Username"
    Value: "{{`{{ .claims.preferred_username }}`}}"

Please see the docs for more details. As you can see, this now also supports templating.

New Contributors

• @cdanis made their first contribution in #31
• @dependabot made their first contribution in #41

Full Changelog: v0.4.1...v0.5.0

v0.4.1

Full Changelog: v0.4.0...v0.4.1

FIX: #25: Logout didn't work anymore.

v0.4.0

What's Changed

• Minor improvements by @philipp-meier in #20
• CHG: Improve Cookie Handling by @sevensolutions in #22
  Note: This is a breaking change!
  The authorization cookie is now encrypted and split into multiple chunks because they may get too big.
  If you get an internal server error, please delete all Authorization cookies and try again.
• ADD: It is now possible to change whether you want to validate the access_token or id_token. When using EntraID, it automatically selects id_token which should now make EntraID working.
• ADD: Re-added support for token introspection. Please note that this still doesn't support Hashicorp Vault for some reasons.

New Contributors

• @philipp-meier made their first contribution in #20

Full Changelog: v0.3.2...v0.4.0

v0.3.2

What's Changed

• [#16] Fix race condition when fetching OIDC document by @ieugen in #18

New Contributors

• @ieugen made their first contribution in #18

Full Changelog: v0.3.1...v0.3.2

v0.3.1

What's Changed

• Fix: It wasn't possible to configure scopes other than the default ones. #14

Full Changelog: v0.3.0...v0.3.1

v0.3.0

What's Changed

• Feature/pkce by @sevensolutions in #10
• Add support for array and nested object assertions by @WhySoBad in #9

New Contributors

• @WhySoBad made their first contribution in #9

Full Changelog: v0.2.0...v0.3.0

v0.2.0

Add basic support for authorization by asserting claims in the access token.

Full Changelog: v0.1.1...v0.2.0

v0.1.1

Another potential fix

v0.1.0

Initial Release

Full Changelog: https://github.com/sevensolutions/traefik-oidc-auth/commits/v0.1.0