Releases · OpenIDC/liboauth2

06 Jan 04:59

zandbelt

v2.2.0

12571b6

release 2.2.0 Latest

Latest

Features

http: add support for HTTP retries (default 1) and HTTP retry interval (300 ms default)
api: return HTTP status code from oauth2_token_verify
add oauth2_ipc_thread_mutex_t and use it for Redis, cURL and global lists to improve performance across multiple processes running on the same host
add Trixie packages

Assets 35

liboauth2-2.2.0-1.el10.x86_64.rpm

sha256:26b8430e734c5216b1dc515c7d7fb737e170bc85176d4defa636823bc3424ee8

83 KB 2026-01-06T05:05:26Z
liboauth2-2.2.0-1.el8.x86_64.rpm

sha256:dd34fb1b5c75d6ecb8dd5d2bb5c4f8e1937a235c97686dc43bd5392fa908d42c

81.5 KB 2026-01-06T05:05:27Z
liboauth2-2.2.0-1.el9.x86_64.rpm

sha256:406570d3dc5c3ba7494a9ecca0606b00e272d8b8bb2c78d5df88733999497718

82.9 KB 2026-01-06T05:05:28Z
liboauth2-2.2.0.tar.gz

sha256:97934be46e8a186bafa89ed57af91cbe7b4a517cdb39817bddf1b6287964c3a1

510 KB 2026-01-06T05:05:32Z
liboauth2-apache-2.2.0-1.el10.x86_64.rpm

sha256:a055eb41e4ba28c8f098252aa79adbd0145467cc52a100eb3b4f95506c79891e

18.7 KB 2026-01-06T05:05:37Z
liboauth2-apache-2.2.0-1.el8.x86_64.rpm

sha256:39c2b83c4c4d39132f3d12ecb555405c90173ad99439fae49cf6cd1abceb8631

18.1 KB 2026-01-06T05:05:38Z
liboauth2-apache-2.2.0-1.el9.x86_64.rpm

sha256:790fa7bbf1094f15a4a79410f8d67eecc02c726b3daaa3fbc5c6783fefae0ec8

18 KB 2026-01-06T05:05:39Z
liboauth2-apache_2.2.0-1.bookworm_amd64.deb

sha256:cc8b44fa2a4cf5bf1f53a90e092401a06e72a99f0868ee3556a53439ee9da2f4

14.2 KB 2026-01-06T05:05:35Z
liboauth2-apache_2.2.0-1.bullseye_amd64.deb

sha256:0d30ad6f1f8d31a320eb8350ebeadd1fdc32ab6ce1404150d2cc01d2287ea313

14.3 KB 2026-01-06T05:05:36Z
liboauth2-apache_2.2.0-1.jammy_amd64.deb

sha256:4f0a3a317a5d5b20c8b92ddab94f608dc90f37ffbca2e74aa007464e0457c462

11.3 KB 2026-01-06T05:05:40Z
Source code (zip)

2026-01-06T04:59:06Z
Source code (tar.gz)

2026-01-06T04:59:06Z

08 Aug 09:06

zandbelt

v2.1.1

defdfeb

release 2.1.1

Bugfixes

fix URL decoding of HTTP request query parameters; see OpenIDC/ngx_openidc_module#24; thanks @drzraf
test: add a space after the status code in the HTTP responses; see curl/curl#16692 ; thanks @charles2910 and @bagder

Other

support compilation against NGINX 1.26.3 by adding include paths for quic and http/v3
add RHEL 10 packages

Contributors

bagder, drzraf, and charles2910

Assets 31

12 Feb 08:22

zandbelt

v2.1.0

e9f7e92

release 2.1.0

Features

add updated AWS ALB JWKs retrieval supporting new "signer"/"region" logic and key rotation
closes: OpenIDC/mod_oauth2#73; thanks @drwmrrs
add support for introspection.token_param_name; closes #57
add (optional compile-time) JQ support with caching in oauth2_jq_filter
add json_payload_claim claim option to oauth2_cfg_target_pass_t

Bugfixes

nginx: fix memory leak in _oauth2_nginx_ssl_cert_set

Contributors

drwmrrs

Assets 27

22 Aug 11:22

zandbelt

v2.0.0

4af820f

release 2.0.0

change LICENSE to Apache 2.0

Bugfixes

correct error log upon mismatch in iss claim: id_token->JWT

Features

allow to use local file through file:// protocol for metadata or jwks; see #51; thanks @pladen

Contributors

pladen

Assets 31

24 Jun 08:24

zandbelt

v1.6.3

c94b26f

release 1.6.3

Features

nginx: add nginx_oauth2_set_require to be used with OAuth2Require etc.
see OpenIDC/ngx_oauth2_module#7; thanks @smanolache and @pladen
nginx: add NGINX macros/functions for setting claim variables in the request context
see OpenIDC/ngx_oauth2_module#7; thanks @smanolache and @pladen

Bugfixes

allow NGINX primitives in an if block within a location block in the http block

Contributors

smanolache and pladen

Assets 39

05 Jun 18:50

zandbelt

v1.6.2

533301e

release 1.6.2

Bugfixes

fix NGINX local port detection so it works with NGINX >= 1.27.0; closes #49; thanks @anpin

Other

add PCRE2_CFLAGS to cache/server object linking

Packaging

add Ubuntu Noble packages

Contributors

anpin

Assets 39

11 Mar 16:01

zandbelt

v1.6.1

17df45d

release 1.6.1

Features

add support for RFC 8705 OAuth 2.0 Mutual-TLS Certificate-Bound Access Tokens to the NGINX binding
add support for Redis 6 ACL username based authentication; see: OpenIDC/mod_oauth2#63

Assets 39

06 Dec 14:04

zandbelt

v1.6.0

8869c9a

release 1.6.0

Features

add support for the OAuth 2.0 Client Credentials grant type
use CURLOPT_REDIR_PROTOCOLS_STR when libcurl >= 7.55.0; thanks @babelouest

Contributors

babelouest

Assets 39

08 Nov 14:07

zandbelt

v1.5.2

2c8f93f

release 1.5.2

Features

complete OAuth 2.0 Demonstrating Proof of Possession (DPoP) support following RFC 9449
printout more cjose error details when errors occur verifying JWT access tokens

Other

fix timing issue in check_openidc.c from test suite; closes #47

Assets 39

19 Apr 16:04

zandbelt

v1.5.1

b237303

release 1.5.1

Edit: on May 11, 2023 the Debian/Ubuntu packages were updated from 1.5.1-1 to 1.5.1-2 because of packaging bug #46

Features

add issuer validation for JWT access tokens when configured through OAuth2Verify metadata; closes #44; thanks @chris-crunchr
add support for resolving provider metadata from a Discovery endpoint URL; see OpenIDC/ngx_openidc_module#18
add error logs about missing or invalid "active" boolean claim in introspection response

Other

move repo to OpenIDC Github organization

Contributors

chris-crunchr

Assets 39

Uh oh!

Releases: OpenIDC/liboauth2

release 2.2.0

Uh oh!

release 2.1.1

Contributors

Uh oh!

release 2.1.0

Contributors

Uh oh!

release 2.0.0

Contributors

Uh oh!

release 1.6.3

Contributors

Uh oh!

release 1.6.2

Contributors

Uh oh!

release 1.6.1

Uh oh!

release 1.6.0

Contributors

Uh oh!

release 1.5.2

Uh oh!

release 1.5.1

Contributors

Uh oh!