Skip to content

Releases: indigo-dc/oidc-agent

oidc-agent 4.4.4

16 Dec 11:54
@zachmann zachmann
v4.4.4
6aeed90
Compare
Choose a tag to compare
oidc-agent 4.4.4

Bugfixes

  • Fixed a bug where the --issuer option of oidc-gen was ignored when a mytoken server was used.
Assets 2
Loading

oidc-agent 4.4.3

05 Dec 15:26
@zachmann zachmann
v4.4.3
720c8b8
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
oidc-agent 4.4.3
  • Fixed a packaging bug on rpms
  • Fixed a packaging / build bug on MacOS
  • No changes for debs / windows
Assets 2
Loading

oidc-agent 4.4.2

30 Nov 11:00
@zachmann zachmann
v4.4.2
1831815
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
oidc-agent 4.4.2

Enhancements

  • Added a retry for curl requests
  • Reduced the (read) timeout to curl requests from 180 seconds to 10.
  • Reduced the connect timeout of curl from 120 seconds to 5.
Assets 2
Loading

oidc-agent 4.4.1

30 Nov 10:41
@zachmann zachmann
v4.4.1
898ca0a
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
oidc-agent 4.4.1

Enhancements

  • Added a (read) timeout to curl requests (180 seconds).
  • Reduced the (default) connect timeout of curl from 300 seconds to 120.

Bugfixes

  • Fixed a bug where device code flow did not work correctly with public clients when OP requires client id in request
    body.

OpenID Provider

  • Removed decommissioned MITREid-based EGI OPs
Assets 2
Loading

oidc-agent 4.4.0

05 Oct 10:42
@zachmann zachmann
v4.4.0
a306737
This commit was signed with the committer’s verified signature.
zachmann Gabriel Zachmann
GPG key ID: E762A2528990CF3C
Learn about vigilant mode.
Compare
Choose a tag to compare
oidc-agent 4.4.0

oidc-agent 4.4.0

Features

  • Added mytoken support:
    • Can use oidc-gen to create account configurations based on mytokens instead of refresh tokens. These account configuration can be used as usual to obtain ATs.
    • Additionally, mytoken based account configs can be used to obtain (sub-)mytokens.
    • Also includes support for mytoken profiles.

Enhancements

  • Added "oidc-agent " user agent header to all http requests done by the agent.
  • Now can write more data to a pipe

Bugfixes

  • Fixed a bug where cli prompting for consent used the wrong default action (no instead of yes)
  • Fixed the error message when trying to connect to a "non-existing" host
  • Fixed a bug in liboidc-agent where error messages obtained through oidc_errno were not correct.
  • Fixed a bug where the openid scope was always request in the oauth2 mode when using the --only-at option of oidc-gen, even tough it should not be used.
Assets 2
Loading

oidc-agent 4.3.2

22 Jul 09:25
@zachmann zachmann
v4.3.2
156e1db
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
oidc-agent 4.3.2

oidc-agent 4.3.2

Enhancements

  • Improved the GUI check on MacOS, so that the device flow won't be used on default if GUI is available.
  • Improved error message in case OP does not answer with json but json is expected.

Bugfixes

  • In oidc-agent-service use the correct path were oidc-agent is located after installation as default for the
    oidc-agent binary instead of /usr/bin/oidc-agent.
  • Fixed a bug that lead to imprecise error message when something goes wrong during http
  • Fixed a bug where the config files under /etc/oidc-agent could not be found in MacOS when they were placed into
    another directy as it is the case when installed via homebrew
Assets 2
Loading

oidc-agent 4.3.1

23 Jun 13:45
@zachmann zachmann
v4.3.1
ed33dcd
This commit was signed with the committer’s verified signature.
zachmann Gabriel Zachmann
GPG key ID: E762A2528990CF3C
Learn about vigilant mode.
Compare
Choose a tag to compare
oidc-agent 4.3.1

oidc-agent 4.3.1

Bugfixes

  • Fixed a bug where the oidc-prompt window displayed not as expected on tiling window managers.
Assets 2
Loading

oidc-agent 4.3.0

23 Jun 08:49
@zachmann zachmann
v4.3.0
ba0a036
This commit was signed with the committer’s verified signature.
zachmann Gabriel Zachmann
GPG key ID: E762A2528990CF3C
Learn about vigilant mode.
Compare
Choose a tag to compare
oidc-agent 4.3.0

oidc-agent 4.3.0

oidc-agent 4.3.0 is a bigger release with some major changes and smaller fixes and enhancements.

Windows

This is the first release with official support for Windows. We provide an installer that installs all needed tools and
libraries. While the windows version of oidc-agent works fine and can be used as a daily driver it is not as major as
the unix versions.
The windows installer can be downloaded from http://repo.data.kit.edu/windows/oidc-agent

oidc-prompt

The oidc-prompt tool was rewritten. The new tool now provides are more modern and consistent interface across
platforms. It also enables more advanced prompts which will be utilized in future versions.

Seccomp

  • Support for seccomp was dropped with this version.

Other Features

  • OAuth2 support:
    • oidc-agent does not only check /.well-known/openid-configuration but
      also /.well-known/oauth-authorization-server for server's metadata
    • For oauth2 account configurations openid is not a required scope
  • Custom discovery/configuration endpoint
    • The --config-endpoint option of oidc-gen can be used to pass the uri of the server's configuration endpoint
    • This can be used for providers that do not advertise their metadata at one of the well-known location or not at
      all
    • A local file can be used by using an uri of the form file:///path/to/file
    • If a configuration endpoint is given the issuer url is no longer mandatory (since it can be read from the
      configuration endpoint)

Enhancements

  • Improved some build options, so oidc-agent should build with musl libc.
  • Improved handling of the --only-at option.
  • The oidc-add -l and -a option and the oidc-gen -l option now print the header line only if connected to a
    tty.
  • oidc-add now checks if an account is already loaded before loading it (and prompting the user for a password).
    The -f option can be used to force a load even if the account is already loaded.
  • oidc-agent-service now respects environment variables over values set in an oidc-agent-service.options file.
  • oidc-keychain was rewritten to utilize oidc-agent-service
  • Removed a superfluous error log message on the first account config generated.

Bugfixes

  • Fixed a bug where the --only-at option of oidc-gen was not working correctly and no AT was obtained if the OP did
    not send an RT, but only the AT
  • Fixed a bug where an account configuration became unusable when the auto-reauthentication flow was triggered with the
    device flow, but not completed.
  • Fixed a bug where oidc-add -l would print Error: success when the oidc-agent directory does not exist yet.

OpenID Provider

  • Issuer urls of some providers in the issuer.config were not correct (difference in a trailing slash) and have been
    fixed. This change only applies to the issuer url stored in /etc/oidc-agent/issuer.config. Issuer urls in
    the issuer.config file in the oidc-agent directory have to be updated by the user (this is optional, but
    recommended).
  • Added the production, instance of the EGI-Checking keycloak based OP as issuers
  • Added public client for production instance of the EGI-Checking keycloak based OP
  • Replaced the demo and development instances of the EGI-Checking OP with the keycloak based one
  • Replaced public clients for demo and development instances of the EGI-Checking with the keycloak based OP

Dependencies

  • oidc-prompt (oidc-agent-desktop packages) no longer depends on yad (pashua on MacOS), instead gtk3
    and gtk-webkit2 are needed on linux)
Assets 2
Loading

oidc-agent 4.2.6

13 Jan 18:05
@zachmann zachmann
v4.2.6
0cb82ae
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
oidc-agent 4.2.6

oidc-agent 4.2.6

Bugfixes

  • Fixed a bug where in the base64 decoding the wrong number was passed to the library function which on some platforms
    could lead to errors
Assets 2
Loading

oidc-agent 4.2.5

30 Dec 17:55
@marcvs marcvs
v4.2.5
2e7e798
Compare
Choose a tag to compare
oidc-agent 4.2.5

oidc-agent 4.2.5

Updates

  • Minor in packaging
  • Minor reformatting in documentation
Assets 2
Loading