oidc-agent 1.2.0
Features
Support for Authorization Code Flow
By supporting the Authorization Code Flow oidc-agent is now usable with almost
any OpenID Provider. Supported Providers are, among others: B2Access, EGI-Checkin, Elixir,
Google and The Human Brain Project (HBP).
Support for Device Flow
oidc-agent supports now the Device Flow. A second device can be used for the
client authorization. Does not require a web browser on the device where
oidc-agent is running.
Possibility to specify flow to be used
When using oidc-gen to generate a new account configuration the --flow option
can be used to specify the flow used to obtain the refresh token. Multiple
values can be given to express priorities.
Support for Scopes
When using oidc-gen to generate a new account configuration scopes can be
provided to adjust the default scopes. Scopes are checked with the OpenID
Provider; provided scopes that are not supported by the OpenID Provider are
automatically discarded
When using oidc-token the --scope
flag can be used to specify a non
default scope.
List Account Configurations
oidc-add and oidc-gen can print a list of available account configurations with
the -l flag.
List Client Configurations
oidc-add can print a list of available client configurations with the -c flag.
Print decrypted file content
oidc-add can print the decrypted account configuration with the -p flag.
oidc-gen can print decrypted account configuration and client configuration
files with the -p flag.
Colored Output
important output is colored
Dynamic Registration
When using dynamic client registration the user can now provide an access token
for authorization at the registration endpoint. This is needed if the endpoint
is not public but protected.
API
C-API
The function getAccessToken has an additional parameter scope. It can be used to
pass a space delimited list of scope values. To use the default scope values
pass NULL.
IPC-API
When performing a token request the field min_valid_period is now optional
instead of required. The default value is 0.
When performing a token request the new optional field scope
can be used
to provide a space delimited list of scope values.
Bugfixes
- fixed a number of bugs