0.9.0 (18/04/2022)

Features

Dynamic client registration

rodauth-oauth now supports the OAuth Dynamic client registration RFC, via the oauth_dynamic_client_registration feature; it also supports the OpenID variant, via the oidc_dynamic_client_registration feature.

With it, you now have the option to enable API-driven client application registration.

Client Credentials grant

rodauth-oauth now supports the Client Credentials grant, via the oauth_client_credentials_grant feature.

Improvements

OAuth Applications & Tokens paginated list pages

The management dashboards for OAuth Applications & Tokens were loading the full dataset into the HTML view. They’ll now only show 20 records by default, and present pagination links to navigate across pages (for the default templates).

More OAuth Application properties

As a result of implementing “OAuth Dynamic client registration”, new functionality is unlocked when the following database columns are set on the oauth applications table:

TTL Store has finer grained lock

The TTL Store, used for JWKs cache rotation for example, had a lock around the section that performs the HTTP request for the JWKs, which blocked the process for the duration of that request. The lock has been removed around that area; if two requests happen for the same URL, the first one wins.
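
The locking change described above, sketched in Ruby as an added example (not rodauth-oauth's own code; `SketchTtlStore`, `race_demo` and the URL are hypothetical names and constructed values). The lock guards only cache reads and writes, the fetch runs unlocked, and a value stored by another caller in the meantime wins.

```ruby
# Added sketch: SketchTtlStore and race_demo are hypothetical names, not rodauth-oauth code.
class SketchTtlStore
  def initialize(clock: -> { Process.clock_gettime(Process::CLOCK_MONOTONIC) })
    @entries = {}
    @mutex = Mutex.new
    @clock = clock # injectable so expiry can be exercised without sleeping
  end

  # Returns the live cached value for key, or runs the block (the slow JWKs
  # HTTP request in the release note's case) and caches its result for ttl seconds.
  def fetch(key, ttl)
    cached = @mutex.synchronize { live_value(key) }
    return cached unless cached.nil?

    fresh = yield # lock NOT held here, so other threads are not blocked
    @mutex.synchronize do
      # Another thread may have stored a value while we were fetching:
      # the first one wins and our result is discarded.
      existing = live_value(key)
      next existing unless existing.nil?
      @entries[key] = [fresh, @clock.call + ttl]
      fresh
    end
  end

  private

  # Caller must hold @mutex. Evicts the entry if its TTL has elapsed.
  def live_value(key)
    value, expires_at = @entries[key]
    return nil if expires_at.nil?
    return value if expires_at > @clock.call
    @entries.delete(key)
    nil
  end
end

# Two callers race for the same (constructed) URL; the slower fetch loses.
def race_demo
  store = SketchTtlStore.new
  url = "https://idp.example/jwks"
  started = Queue.new
  gate = Queue.new
  slow = Thread.new { store.fetch(url, 60) { started << true; gate.pop; "slow-jwks" } }
  started.pop # slow caller is now inside its "HTTP request"
  fast = store.fetch(url, 60) { "fast-jwks" } # would deadlock if the lock spanned the fetch
  gate << true
  [fast, slow.value, store.fetch(url, 60) { "unused" }]
end
```

Because the fetch is unlocked, two callers can both issue the HTTP request for the same URL; only the first stored result is kept until its TTL elapses.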

Deprecations and breaking changes