Update to 2.4.14.4 #3

bester · 2023-11-15T20:02:13Z

No description provided.

Signed-off-by: Hans Zandbelt <hans.zandbelt@zmartzone.eu>

@studersi

see OpenIDC#853; thanks @studersi; bump to 2.4.11.3rc0 Signed-off-by: Hans Zandbelt <hans.zandbelt@zmartzone.eu>

Use optionally provided sid and iss parameters by the OP during front channel logout as specified in "OpenID Connect Front-Channel Logout 1.0 - draft 05" at https://openid.net/specs/openid-connect-frontchannel-1_0.html. * src/mod_auth_openidc.c::oidc_save_in_session: Always save the sid in the session if present as it can be used in the front channel logout case as well. * src/mod_auth_openidc.c::oidc_cleanup_by_sid: New function to factor out some code from oidc_handle_logout_backchannel. * oidc_handle_logout_request::oidc_handle_logout_request In case of a front channel logout where no session was provided look for the optional request parameters sid and iss to retrieve the session from the cache and clean it up. As some OP's like MS Azure do not provide the iss parameter as the spec mandates try to use a possible static provider in this case. * oidc_handle_logout_request::oidc_handle_logout_backchannel: Make use of oidc_cleanup_by_sid. * src/mod_auth_openidc.h: New defines for OIDC_REDIRECT_URI_REQUEST_SID and OIDC_REDIRECT_URI_REQUEST_ISS.

@rpluem-vf

…hannel logout; see OpenIDC#855; thanks @rpluem-vf

Use optionally provided sid and iss request parameters during front channel logout

fix for ipv6 hosts if logout url is set

@codemaker219

thanks @@codemaker219; bump to 2.4.11.3rc1 Signed-off-by: Hans Zandbelt <hans.zandbelt@zmartzone.eu>

…umentation.

Escape periods in regular expressions for OIDCRedirectURLsAllowed documentation.

@smanolache

when used with array matching closes #902; thanks @smanolache; bump to 2.4.11.3rc4 Signed-off-by: Hans Zandbelt <hans.zandbelt@zmartzone.eu>

@smanolache

closes #903; thanks @smanolache Signed-off-by: Hans Zandbelt <hans.zandbelt@zmartzone.eu>

Signed-off-by: Hans Zandbelt <hans.zandbelt@zmartzone.eu>

see OpenIDC#812 and OpenIDC#888; bump to 2.4.11.4rc1 Signed-off-by: Hans Zandbelt <hans.zandbelt@zmartzone.eu>

update cjose to 0.6.2

over the one returned in the frontchannel for "code token" and "code id_token token" flows; for certification purposes Signed-off-by: Hans Zandbelt <hans.zandbelt@zmartzone.eu>

for certification purposes Signed-off-by: Hans Zandbelt <hans.zandbelt@zmartzone.eu>

for substitution; closes #915; bump to 2.4.11.4rc2 Signed-off-by: Hans Zandbelt <hans.zandbelt@zmartzone.eu>

* ChangeLog: Document change * auth_openidc.conf Document the new directives OIDCMemCacheConnectionsMin OIDCMemCacheConnectionsSMax OIDCMemCacheConnectionsHMax OIDCMemCacheConnectionsTTL * src/cache/memcache.c oidc_cache_memcache_post_config: Use the new parameters or use defaults when calling apr_memcache_server_create * src/config.c oidc_set_uint32_slot: New function to set an apr_uint32_t value in the server config oidc_set_timeout_slot: New function to set an 32 bit uint timeout slot in the server config oidc_create_server_config: Init additional fields oidc_merge_server_config: Merge additional fields Declare the new directives OIDCMemCacheConnectionsMin OIDCMemCacheConnectionsSMax OIDCMemCacheConnectionsHMax OIDCMemCacheConnectionsTTL * src/mod_auth_openidc.h Add new fields to struct oidc_cfg * test/stub.c Add new stubs from httpd API: ap_mpm_query ap_timeout_parameter_parse

…tings Allow setting connection pool parameters for Memcache server connections

Add autom4te.cache to .gitignore

or pull keys from the JWKS URI; for certification purposes Signed-off-by: Hans Zandbelt <hans.zandbelt@zmartzone.eu>

see: OpenIDC#1096 bump to 2.4.14.3rc7 Signed-off-by: Hans Zandbelt <hans.zandbelt@openidc.com>