
v0.10.0

@dtsiflit dtsiflit released this 16 Dec 08:52
276778d

What's Changed

Breaking changes

The signatures of the following protocols and their implementations now include a DPoP nonce and a retry boolean:

  • IssuanceRequesterType
  • IssuerType
  • AuthorizationServerClientType
  • NotifyIssuerType

The IssuanceRequesterType protocol now accepts an additional retry boolean parameter.

Important Notes on DPoP Nonce Handling

These changes are relevant if your authorization or resource server responds with a DPoP nonce. For more details, refer to the RFC 9449 sections on the resource server-provided nonce (https://datatracker.ietf.org/doc/html/rfc9449#name-resource-server-provided-no) and the authorization server-provided nonce (https://datatracker.ietf.org/doc/html/rfc9449#name-authorization-server-provid).

Examples of how this is implemented can be found in:

testWithOfferSdJwtDPoP()
testWithOfferMultipleSdJwtDPoP()

Note: Using Regular Bearer Tokens

If you are not utilizing DPoP but instead rely on regular bearer tokens:

  • Set dpopnonce to nil.
  • Set retry to false in all cases.

This ensures compatibility without adopting DPoP-specific functionality.
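
The nonce challenge and single retry that RFC 9449 describes, as an added example that is not the library's code. All type and function names are hypothetical, the server is a constructed stand-in, and the example assumes retry means "one more attempt is allowed after a use_dpop_nonce challenge".

```swift
// Hypothetical types for illustration; not the library's API.
struct Response {
    let status: Int
    let error: String?
    let headers: [String: String]
}

enum TokenError: Error {
    case nonceChallengeNotRetried
    case failed(status: Int)
}

// Constructed stand-in for an authorization server that demands a DPoP nonce.
// A real server checks the `nonce` claim inside the signed DPoP proof JWT.
func simulatedTokenEndpoint(proofNonce: String?) -> Response {
    let expected = "constructed-nonce-1"
    guard proofNonce == expected else {
        return Response(status: 400, error: "use_dpop_nonce", headers: ["DPoP-Nonce": expected])
    }
    return Response(status: 200, error: nil, headers: [:])
}

// dpopNonce: nonce to embed in the proof (nil on first contact or for bearer tokens).
// retry: whether one more attempt is allowed after a use_dpop_nonce challenge.
func requestToken(dpopNonce: String?, retry: Bool,
                  send: (String?) -> Response) throws -> Int {
    let response = send(dpopNonce)
    if response.status == 200 { return response.status }
    // RFC 9449: the server signals a missing or stale nonce with the error
    // "use_dpop_nonce" and supplies a fresh value in the DPoP-Nonce header.
    if response.error == "use_dpop_nonce", let fresh = response.headers["DPoP-Nonce"] {
        guard retry else { throw TokenError.nonceChallengeNotRetried }
        // Retry exactly once: the recursive call passes retry: false,
        // so a server that keeps challenging cannot cause a request loop.
        return try requestToken(dpopNonce: fresh, retry: false, send: send)
    }
    throw TokenError.failed(status: response.status)
}

// DPoP client: no nonce yet, one retry permitted.
let status = try requestToken(dpopNonce: nil, retry: true, send: simulatedTokenEndpoint)
print("status after nonce retry:", status)

// With retry: false the challenge surfaces as an error instead of being retried.
do {
    _ = try requestToken(dpopNonce: nil, retry: false, send: simulatedTokenEndpoint)
} catch {
    print("no retry:", error)
}
```

Capping the retry at one attempt keeps a misbehaving or hostile server from driving the client into an unbounded loop of freshly signed proofs.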

Full Changelog: v0.9.3...v0.10.0