Skip to content

Navigation Menu

Explore
By company size
By use case
By industry
View all solutions
Topics
- AI
- DevOps
- Security
- Software Development
- View all
Explore
- GitHub Sponsors
  Fund open source developers
- The ReadME Project
  GitHub community articles
Repositories
- Enterprise platform
  AI-powered developer platform
Available add-ons
Pricing

Search code, repositories, users, issues, pull requests...

Search

Clear

Search syntax tips

Provide feedback

We read every piece of feedback, and take your input very seriously.

Include my email address so I can be contacted

Saved searches

Use saved searches to filter your results more quickly

Name

Query

To see all available qualifiers, see our documentation.

Appearance settings

You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session. You switched accounts on another tab or window. Reload to refresh your session.

Dismiss alert

panva / oauth4webapi Public

Notifications You must be signed in to change notification settings
Fork 58
Star 646

Code
Issues
Pull requests
Discussions
Actions
Security
Insights

Additional navigation options

Code
Issues
Pull requests
Discussions
Actions
Security
Insights

Releases: panva/oauth4webapi

Releases · panva/oauth4webapi

v3.5.1

06 May 15:21

This commit was signed with the committer’s verified signature.

panva Filip Skokan

SSH Key Fingerprint: 6MlzZGZfuo3Q2uHohmeYGPFrmF20CeYC7G824Trr9o4

Verified

Learn about vigilant mode.

Compare

Choose a tag to compare

Loading

v3.5.1 Latest

Latest

Documentation

correct note about bodyUsed in ResponseBodyError and WWWAuthenticateChallengeError (adaa6fe)
fix url to IANA OAuth Protected Resource Metadata registry (d7baf99)
fix WWWAuthenticateChallengeParameters.algs description to be space-delimited (adae79f)
remove newline from www-authenticate http example (9234699)
update Protected Resource Metadata spec links to RFC 9728 (1836968)

Refactor

expose more internal helpers for openid-client to use (dc00001)

Assets 2

Loading

All reactions

0 Join discussion

v3.5.0

14 Apr 13:08

This commit was signed with the committer’s verified signature.

panva Filip Skokan

SSH Key Fingerprint: 6MlzZGZfuo3Q2uHohmeYGPFrmF20CeYC7G824Trr9o4

Verified

Learn about vigilant mode.

Compare

Choose a tag to compare

Loading

v3.5.0

Features

support for RFC-to-be 9728 - OAuth 2.0 Protected Resource Metadata (eef0d7d)

Documentation

add descriptions to dynamicClientRegistrationRequest params (1244b00)
add mentions of the respective process* method for Response-resolving methods (545f9ea)
add Protected Resource Metadata related AS Metadata and WWWAuthenticate params (1644494)
fixup DPoP references, add WWW-Authenticate parameter descriptions (fedb5cd)

Refactor

DRY Response JSON parsing (8a3e554)

Assets 2

Loading

All reactions

0 Join discussion

v3.4.1

10 Apr 22:25

This commit was signed with the committer’s verified signature.

panva Filip Skokan

SSH Key Fingerprint: 6MlzZGZfuo3Q2uHohmeYGPFrmF20CeYC7G824Trr9o4

Verified

Learn about vigilant mode.

Compare

Choose a tag to compare

Loading

v3.4.1

Documentation

hardcode spec revision links (e.g. final or errata) (b6911c4)

Fixes

properly handle a number of edge-cases in www-authenticate header parsing (c380dd2)

Assets 2

Loading

All reactions

0 Join discussion

v3.4.0

03 Apr 15:33

This commit was signed with the committer’s verified signature.

panva Filip Skokan

SSH Key Fingerprint: 6MlzZGZfuo3Q2uHohmeYGPFrmF20CeYC7G824Trr9o4

Verified

Learn about vigilant mode.

Compare

Choose a tag to compare

Loading

v3.4.0

Features

add support for Dynamic Client Registration (461c101)

Refactor

remove private API from exported types (847046b)

Fixes

handle max_age=0 in issueRequestObject() (b802645)

Assets 2

Loading

All reactions

0 Join discussion

v3.3.2

28 Mar 08:43

Compare

Choose a tag to compare

Loading

v3.3.2

Documentation

consistent DPoP Proof capitalization (7eff4c5)
drop cdnjs and denoland/x links in README (63acb25)

Refactor

allow externally formed DPoP headers (5b5064d)
remove an always false switch case (4096393)

Assets 2

Loading

All reactions

0 Join discussion

v3.3.1

10 Mar 07:54

Compare

Choose a tag to compare

Loading

v3.3.1

Documentation

add note about minimal Node.js version to README.md (1d4e703)
bump typedoc (589409a)

Refactor

reusable error handling routines (1d1e23b)
types: update overload signature of b64u (bd28fcb)

Assets 2

Loading

All reactions

0 Join discussion

v3.3.0

18 Feb 22:22

Compare

Choose a tag to compare

Loading

v3.3.0

Features

add a helper to DPoPHandle to calculate dpop_jkt (2b8d9e7)

Documentation

update CIBA group tags (318edce)
update getValidatedIdTokenClaims description (15836c5)
update getValidatedIdTokenClaims description (9e13fb6)
update getValidatedIdTokenClaims group tags (ea30884)
update JWT Introspection Response references to RFC 9701 (1cf0cca)

Assets 2

Loading

All reactions

0 Join discussion

v3.2.0

17 Feb 10:40

Compare

Choose a tag to compare

Loading

v3.2.0

Features

add Client-Initiated Backchannel Authentication (3af0ec3)

Documentation

update deviceCodeGrantRequest (f947b47)

Assets 2

Loading

ciamshrek reacted with hooray emoji

ciamshrek reacted with heart emoji

All reactions

🎉 1 reaction
❤️ 1 reaction

1 person reacted

0 Join discussion

v3.1.5

15 Feb 20:58

Compare

Choose a tag to compare

Loading

v3.1.5

Refactor

assert success content-type only if JSON parsing fails (1fe8f48)

Assets 2

Loading

All reactions

0 Join discussion

v3.1.4

02 Dec 15:59

Compare

Choose a tag to compare

Loading

v3.1.4

Refactor

types: move customFetch options into its own interface (21c7d0a)

Assets 2

Loading

All reactions

0 Join discussion

Previous 1 2 3 4 5 6 7 8 Next

Previous Next

Footer

© 2025 GitHub, Inc.

Footer navigation

Terms
Privacy
Security
Status
Docs
Contact

You can’t perform that action at this time.