Merge branch 'zmartzone:master' into master

zmartzone · Sep 13, 2024 · 0a025db · 0a025db
2 parents 773f763 + 4702769
commit 0a025db
Show file tree

Hide file tree

Showing 15 changed files with 243 additions and 123 deletions.
diff --git a/.github/issue_template.md b/.github/issue_template.md
@@ -7,7 +7,7 @@ A new issue about a bug should be verified with a minimized example.
 
 ###### Environment
 
-- lua-resty-openidc version (e.g. 1.7.6)
+- lua-resty-openidc version (e.g. 1.8.0)
 - OpenID Connect provider (e.g. Keycloak, Azure AD)
 
 ###### Expected behaviour

diff --git a/AUTHORS b/AUTHORS
@@ -2,6 +2,7 @@ The primary authors of lua-resty-openidc are:
 
 	Hans Zandbelt <https://github.com/zandbelt>
 	Stefan Bodewig <https://github.com/bodewig>
+	Oldřich Jedlička <https://github.com/oldium>
 
 Thanks to the following people for contributing to lua-resty-openidc by
 reporting bugs, providing fixes, suggesting useful features or other:
@@ -37,4 +38,8 @@ reporting bugs, providing fixes, suggesting useful features or other:
 	Thorsten Fleischmann <https://github.com/thorstenfleischmann>
 	Tilmann Hars <https://github.com/usysrc>
 	Junlong Li <https://github.com/zhuizhuhaomeng>
+	Nate <https://github.com/realnate>
+	Balaji Vijayakumar <https://github.com/balajiv113>
+
+
 
diff --git a/ChangeLog b/ChangeLog
@@ -1,3 +1,18 @@
+09/13/204
+- cross-tenant requests are fixed with lua-resty session 4.0.x; closes #526
+- release 1.8.0
+
+09/09/2024
+- merge support for lua-resty-session 4.x; see #489; closes #464 #480 #503; thanks @oldium @balajiv113
+- add @oldium to the primary AUTHORS
+
+08/25/2024
+- don't return a zero-pixel image in logout for Firefox 128 and later
+  see #521
+
+03/11/2024
+- handle the userinfo response as JWT; closes ##345; thanks @NatePlumm
+
 03/10/2023
 - when looking for a bearer token an exception occured if the
   Authorization header didn't contain any space character;

diff --git a/README.md b/README.md
@@ -206,7 +206,9 @@ h2JHukolz9xf6qN61QMLSd83+kwoBr2drp6xg3eGDLIkQCQLrkY=
              -- }
              --
              -- where `handle_created`, `handle_authenticated`, `handle_regenerated` and `handle_logout` are callables
-             -- accepting a single argument `session`
+             -- accepting argument `session`. `handle_created` accepts also second argument `params` which is a table
+             -- containing the query parameters of the authorization request used to redirect the user to the OpenID
+             -- Connect provider endpoint.
              --
              --  -- `on_created` hook is invoked *after* a session has been created in
              --     `openidc_authorize` immediately prior to saving the session