v2.19.2

Fixed

• fix: async callbacks in promisify utility #677 (kushalshit27)

v2.19.1

Fixed

• fix: async function handling in session store and promise utilities #675 (kushalshit27)

v2.19.0

Changed

• docs: explain the agent-base problem in FAQ #639 (markstos)
• docs: document min length for secret #638 (markstos)
• docs: add missing callback example #610 (elen-ita)

Fixed

• fix: handle null/undefined session header #666 (kushalshit27)
• fix: added promisification utility to handle callback and promise-based stores #665 (kushalshit27)
• bugfix: Do an idp logout even when oidc.isAuthenticated is false #640 (tusharpandey13)
• fix: session expiry calculation functionality #670 (aks96)

Security

• chore: dependency updates #668 (kushalshit27)

v2.18.1

Fixed

• fix: clear backchannel logout tokens #649 (kushalshit27)

v2.18.0

Changed

• build(deps): bump codecov/codecov-action from 3.1.4 to 3.1.5 #578 (dependabot[bot])
• build(deps): bump actions/cache from 3 to 4 #574 (dependabot[bot])
• Update automated release process to latest version #557 (frederikprijck)
• build(deps): bump github/codeql-action from 2 to 3 #556 (dependabot[bot])
• build(deps): bump actions/github-script from 6 to 7 #540 (dependabot[bot])
• Use a single client assertion audience #641

Security

• Update dependencies cookie and express #643 (nandan-bhat)

v2.17.1

Fixed

• Honor params passed to logout over defaults #533 (adamjmcgrath)

v2.17.0

v2.17.0 (2023-09-15)

Full Changelog

Added

• OIDC Back-Channel Logout #484 (adamjmcgrath)

v2.16.0

Added

• SDK-4135 Add Pushed Authorization Requests #470 (adamjmcgrath)

v2.15.0

Added

• Make genid async #464 (Will956)

v2.14.0

Added

• Add httpAgent option #458 (adamjmcgrath)