CHANGELOG.md

Changelog

v1.5.3 (2025-04-12)

Full Changelog

Closed issues:

• Update json-jwt to 1.16.6 to resolve security vulnerability CVE-2024-27456/GHSA-785g-282q-pwvx #49
• Can we update the dependency #45
• Scope setting gets overwritten causing ID token not to be returned from Keycloak #39

Merged pull requests:

• Bump rexml from 3.2.6 to 3.2.8 #51 (dependabot[bot])
• Bump json-jwt from 1.16.3 to 1.16.6 #48 (dependabot[bot])
• Bump rack from 3.0.8 to 3.0.9.1 #47 (dependabot[bot])
• Conditionally set options from request.params if not set already #40 (Kazhuu)

v1.5.2 (2024-02-01)

Full Changelog

Closed issues:

• Dependency update - json-jwt #36
• Adding parameters and http headers to omniauth authorize path helper #12

Merged pull requests:

• Loosen omniauth-oauth2 dependency restriction #43 (mcelaney)

v1.5.1 (2023-03-01)

Full Changelog

Merged pull requests:

• Add ability to get params from request and pass thru to keycloak url #24 (ccrockett)

v1.5.0 (2023-03-01)

Full Changelog

Closed issues:

• When in test mode, setup phase tries to fetch Keycloak configuration #32

Merged pull requests:

• Fix typo #34 (Kazhuu)
• Skip fetching keycloak configuration when in testing mode #33 (Kazhuu)

v1.4.4 (2022-07-25)

Full Changelog

Merged pull requests:

• Fix NoMethodError when querying for JSON Web keys #31 (Kazhuu)

v1.4.3 (2022-07-24)

Full Changelog

Fixed bugs:

• Error: uninitialized constant OmniAuth::Strategies::KeycloakOpenId::MultiJson after gem update #30

v1.4.2 (2022-06-14)

Full Changelog

Closed issues:

• Adjust endpoints to updated Keycloak paths #29
• Expose id_token inside extra hash of auth hash #25

Merged pull requests:

• Set omniauth version to >= 2.0 #28 (hobbypunk90)

v1.4.1 (2022-05-25)

Full Changelog

Closed issues:

• Get Request is now Post Request #23
• Is the "/auth/" part mandatory in Keycloak's configuration URL? #19
• Keycloak reports incorrect redirect_uri #14

Merged pull requests:

• expose id_token inside extra hash of auth hash #26 (Riz-v)
• Bump bindata from 2.4.9 to 2.4.10 #22 (dependabot[bot])

v1.4.0 (2021-12-18)

Full Changelog

Closed issues:

• Are there any reason to specify one certificate key to decode JWT? #17
• No route matches [POST] "/auth/keycloak_openid" #15

Merged pull requests:

• Use JSON::JWK::Set instead of JSON::JWK #21 (hobbypunk90)
• Allow pass a Proc to the setup option when you specify a strategy #18 (Cambero)
• Add information on how to use it to readme #16 (frenesim)

v1.3.0 (2021-05-17)

Full Changelog

Merged pull requests:

• Bump Omniauth dependencies to v2 #13 (offner)

v1.2.1 (2020-12-19)

Full Changelog

Closed issues:

• Dynamically load Client and Realm #11
• cannot load such file -- /Library/Ruby/Gems/2.6.0/gems/omniauth-keycloak-1.2.0/lib/omniauth-keycloak.rb (LoadError) #8
• Release json-jwt version restriction change #5

Merged pull requests:

• Raise errors on setup failure and logging with OmniAuth::Strategy::log method #10 (alexpetrov)
• Bump json from 2.1.0 to 2.3.1 #9 (dependabot[bot])
• Bump rack from 2.2.2 to 2.2.3 #7 (dependabot[bot])

v1.2.0 (2020-05-28)

Full Changelog

Merged pull requests:

• Bump activesupport from 6.0.1 to 6.0.3.1 #6 (dependabot[bot])
• Update rake requirement from ~> 10.0 to ~> 13.0 #4 (dependabot[bot])
• Bump rack from 2.0.7 to 2.0.8 #2 (dependabot[bot])
• Adding Devise Documentation #1 (masonhensley)

v1.1.0 (2018-12-16)

Full Changelog

v1.0.1 (2018-12-16)

Full Changelog

v1.0.0 (2018-12-16)

Full Changelog

* This Changelog was automatically generated by github_changelog_generator