Connect2id server 3.2.1

July sees another release of the Connect2id server for Single Sign-On with OpenID Connect, this time dedicated to fixing three issues submitted over the past few days.

Most significantly, the behaviour of the op.authz.alwaysPromptForConsent configuration setting has been extended to OpenID Connect prompt=none authentication requests. When the setting is enabled, a prompt=none request will no longer result in a consent_required error being returned to the client app. Instead, the Connect2id server API will generate the usual consent prompt message, allowing the integrator's code to perform various tasks, such as a preset_claims update, when a prompt=none request is being processed. We believe this change will make the API behaviour more consistent as well as give integrators more options to play with.

For more information about the changes and bug fixes, check the release notes below.

Download

To download a ZIP package of Connect2id server 3.2.1:

https://connect2id.com/assets/products/server/download/3.2.1/Connect2id-server.zip

As WAR only:

https://connect2id.com/assets/products/server/download/3.2.1/c2id.war

Questions?

Don't hesitate to contact Connect2id support.

Connect2id Server 3.2.1 release notes

Configuration

  • /WEB-INF/oidcProvider.properties

    • Extends the op.authz.alwaysPromptForConsent setting to apply to OpenID Connect prompt=none requests. A consent_required error will no longer be produced when this setting is enabled and a client requests an ID token refresh / user session check with prompt=none.

Web API

  • No changes

Dependencies

  • Upgrades to com.nimbusds:oauth2-oidc-sdk:4.14.1

  • Upgrades to com.nimbusds:oidc-session-store:2.2.1

Bug fixes

  • Fixes the URL encoding of login_required and consent_required OpenID Connect authentication request errors in the authorisation code flow (issue server/130).

  • Fixes deserialisation of subject identifiers with colons in cluster mode (issue session-store/15).