oidc-agent for managing OpenID Connect tokens on the command line
oidc-add
to load an account config directly into the agent without the agent checking if it works.This release fixes a bug on MacOS where the agent could not be started, because of a segfault. No changes on other platforms.
oidc-agent 5 is a major update that brings the power of a true configuration file and focuses on improving the user experience and usability. See our migration guide for details on how to migrate to oidc-agent 5.
issuer.config
file:
issuer.config
file in /etc/oidc-agent
is updated on package upgradeissuer.config
in user's oidc-agent dir is automatically updated when needed--pw-lifetime
option. This did not work as expected. The intended usage can be achieved with
the issuer.config
file.--pw-keyring
)
--pw-cmd
/tmp/oidc-agent-service/<uid>
to /tmp/oidc-agent-service-<uid>
.
This allows (better) multiple users to run oidc-agent-service.
$OIDC_SOCK
set to a service socket. The
easiest way to make sure that also existing sessions with the old path have access to a newly started agent,
create a link from the old location to the new one, i.e.rm -rf /tmp/oidc-agent-service/${UID}/
ln -s /tmp/oidc-agent-service-${UID} /tmp/oidc-agent-service/${UID}
oidc-agent-service
: Instead of linking the random socket location to a
well known location, we now create the socket directly in the well known location. This improves security
and oidc-agent-service
can make use of the trust-checks on the socket location performed by the agent.issuer.config
file.oidc-agent <command> [command_args]
, similar to ssh-agent; e.g. oidc-agent bash
starts the agent
and makes it available in a new bash.oidc-agent
now checks the socket location to be trustworthy.oidc-prompt
visuals because of CSS changeoidc-token
where the -i
and -e
options printed to stderr
instead of stdout
when a env var
command was printed.oidc-prompt
no longer uses bootswatch
for css styling but simplecss
instead.liblist