Boruta - Yet an other OAuth 2.0 provider

I just released version 2.3.4 of the package.

It fixes a critical bug on the authorization code grant. Hoping you did not encounter it, this version looks to be ok. Leave a note if you have any issues.

Thank you @dorgan for having highlighted this.

1 Like

Here is the beta of the 3.0.0 release out.

This version supports Self-Sovereign Identity abilities with the issuance of verifiable credentials and improving security with Pushed Authorization requests and Demonstration of Proof-of-Possession.

The implemented specifications:

The verification of credentials is yet to be implemented and will be part of the final 3.0 version.

As usual, feedback is very welcome.

Cheers!

5 Likes

I see that the major version bump. What are the breaking changes?

No breaking changes but the implementation of Self-Sovereign Identity specifications.

2 Likes

@pknoth Sorry if this is not the best place to ask this question, but is there a way to extend the OauthClient schema / use a custom one?

For now, there isn’t. You can setup a one-one relationship with an other table to have additional data to the clients.

That said, depending on your use case, there is the possibility to add an additional_data field to the clients if it makes sense. You can create a GitHub issue if you think it is relevant to go on the discussion there.

Thank you for the reply! How to add this additional_data to a client struct?

1 Like