Skip to content

oidc-agent 1.2.0

Compare
Choose a tag to compare
@zachmann zachmann released this 09 Feb 10:48
· 2357 commits to master since this release
b8a4b90

Features

Support for Authorization Code Flow

By supporting the Authorization Code Flow oidc-agent is now usable with almost
any OpenID Provider. Supported Providers are, among others: B2Access, EGI-Checkin, Elixir,
Google and The Human Brain Project (HBP).

Support for Device Flow

oidc-agent supports now the Device Flow. A second device can be used for the
client authorization. Does not require a web browser on the device where
oidc-agent is running.

Possibility to specify flow to be used

When using oidc-gen to generate a new account configuration the --flow option
can be used to specify the flow used to obtain the refresh token. Multiple
values can be given to express priorities.

Support for Scopes

When using oidc-gen to generate a new account configuration scopes can be
provided to adjust the default scopes. Scopes are checked with the OpenID
Provider; provided scopes that are not supported by the OpenID Provider are
automatically discarded

When using oidc-token the --scope flag can be used to specify a non
default scope.

List Account Configurations

oidc-add and oidc-gen can print a list of available account configurations with
the -l flag.

List Client Configurations

oidc-add can print a list of available client configurations with the -c flag.

Print decrypted file content

oidc-add can print the decrypted account configuration with the -p flag.
oidc-gen can print decrypted account configuration and client configuration
files with the -p flag.

Colored Output

important output is colored

Dynamic Registration

When using dynamic client registration the user can now provide an access token
for authorization at the registration endpoint. This is needed if the endpoint
is not public but protected.

API

C-API

The function getAccessToken has an additional parameter scope. It can be used to
pass a space delimited list of scope values. To use the default scope values
pass NULL.

IPC-API

When performing a token request the field min_valid_period is now optional
instead of required. The default value is 0.

When performing a token request the new optional field scope can be used
to provide a space delimited list of scope values.

Bugfixes

  • fixed a number of bugs