Angular Auth Oidc Client Versions Save

• Bugfix/unable to extract jwk without kid
  • PR
• Make id_token_hint optional on session end logout
  • PR
• construction of token endpoint body breaks if pkce is disable
  • PR
• deprecating is loading
  • PR
• added build step for rxjs 6
  • PR
• Added console debug to fulfill browser filters
  • PR

• Improve logging error messages
  • PR
• Support observable open id configuration in sts config http loader constructor
  • PR
• Fix sample links for azure implementations
  • PR
• Fix throwing config event
  • PR

• Bugfix RxJS imports to be compatible with RxJS 6
  • PR
• Updated dependencies
  • PR
• Bugfix concurrent issue with renew and normal code flow
  • PR
• Add disablePkce config parameter
  • PR

User data bugfix

Support Angular 14

• Disable id_token time validation
  • PR

• Fix regression in the check session service
  • PR

In this version the APP_INITIALIZER was removed. (See PR). The library will not do anything until the application interact with it. There is no pre-loading of anything and it does not affect your application's bootstrapping process at all. You can however explicitly preload the secure token server well-known endpoints with a new method called preloadAuthWellKnownDocument(). As a side effect because the config has to be loaded first, a lot of APIs become reactive and return an Observable now.

See the migration guide.

• refresh token rotation is now optional and can be activated using allowUnsafeReuseRefreshToken
  • PR
• Fixed getUrlParameter's handling of fragment response
  • PR
• isLoading observable in OidcSecurityService
  • PR
• Add redirectUrl customization (via AuthOptions)
  • PR
• Fix: implicit flow in popup window error (fixes #1385)
  • PR
• Enhancement: Improved abstract services
  • PR
• Remove double quotes in info messages
  • PR
• Enhancement: Added auth result
  • PR

• Using window.crypto for jwt signature validation
• Removed jsrsasign dependency
  • PR

Support for Angular 13