0.0.5 (26/6/2020)

Features

Resource Server mode

rodauth-oauth can now be used in a resource server, i.e. only for authorizing access to resources:

plugin :rodauth do
  enable :oauth

  is_authorization_server? false
  authorization_server_url "https://auth-server"
end

It requires the authorization to implement the server metadata endpoint (/.well-known/oauth-authorization-server), and if using JWS, the JWKs URI endpoint (unless oauth_jwt_public_key is defined).

Improvements

Bugfixes

Chore