Update plugin

.github/issue_template.md

@@ -7,7 +7,7 @@ A new issue about a bug should be verified with a minimized example.
 
 ###### Environment
 
-- lua-resty-openidc version (e.g. 1.7.3)
+- lua-resty-openidc version (e.g. 1.8.0)
 - OpenID Connect provider (e.g. Keycloak, Azure AD)
 
 ###### Expected behaviour

.github/workflows/docker-ci.yml

@@ -0,0 +1,16 @@
+name: CI
+
+on: [push, pull_request]
+
+jobs:
+
+  build:
+
+    runs-on: ubuntu-latest
+
+    steps:
+    - uses: actions/checkout@v2
+    - name: Build
+      run: docker build . -f tests/Dockerfile -t lua-resty-openidc/test
+    - name: Run
+      run: docker run -t --rm lua-resty-openidc/test:latest

AUTHORS

@@ -2,6 +2,7 @@ The primary authors of lua-resty-openidc are:
 
 	Hans Zandbelt <https://github.com/zandbelt>
 	Stefan Bodewig <https://github.com/bodewig>
+	Oldřich Jedlička <https://github.com/oldium>
 
 Thanks to the following people for contributing to lua-resty-openidc by
 reporting bugs, providing fixes, suggesting useful features or other:
@@ -34,3 +35,11 @@ reporting bugs, providing fixes, suggesting useful features or other:
 	Joshua Erney <https://github.com/JoshTheGoldfish>
 	Nick Wiedenbrueck <https://github.com/cretzel>
 	Eduardo Gonçalves <https://github.com/Dudssource>
+	Thorsten Fleischmann <https://github.com/thorstenfleischmann>
+	Tilmann Hars <https://github.com/usysrc>
+	Junlong Li <https://github.com/zhuizhuhaomeng>
+	Nate <https://github.com/realnate>
+	Balaji Vijayakumar <https://github.com/balajiv113>
+
+
+

ChangeLog

@@ -1,3 +1,102 @@
+09/13/204
+- cross-tenant requests are fixed with lua-resty session 4.0.x; closes #526
+- release 1.8.0
+
+09/09/2024
+- merge support for lua-resty-session 4.x; see #489; closes #464 #480 #503; thanks @oldium @balajiv113
+- add @oldium to the primary AUTHORS
+
+08/25/2024
+- don't return a zero-pixel image in logout for Firefox 128 and later
+  see #521
+
+03/11/2024
+- handle the userinfo response as JWT; closes ##345; thanks @NatePlumm
+
+03/10/2023
+- when looking for a bearer token an exception occured if the
+  Authorization header didn't contain any space character;
+  see #473
+
+02/03/2023
+- release 1.7.6-3 of luarock pinning lua-resty-session dependency to
+  not go beyond 3.1ß
+
+30/01/2023
+- release 1.7.6
+
+01/13/2023
+- when parsing JWKs with an x5c claim the claim was wronly assumed to
+  be base64url encoded instead of base64 encoded;
+  see #460
+
+11/06/2022
+- a new option local_redirect_path can be used is situations where the
+  redirect_uri as is visible to lua-resty-openidc is not simply the path
+  segment of the configured redirect_uri but something more
+  complex. This is needed for example if a reverse proxy in front of
+  your server adds a prefix of rewrites URIs in a more complex way;
+  see #453
+
+03/05/2022
+- improved error message when expecting a Bearer token header and the
+  header doesn't contain a space character; see #421
+
+01/04/2022
+- added support for OAuth 2.0 Form Post Response Mode.
+
+12/23/2021
+- use Github actions for docker-based CI; delete Travis files
+
+12/21/2021
+- release 1.7.5
+
+12/17/2021
+- added id_token and the token endpoint response as additional
+  arguments to the on_authenticated lifecycle hook; see #413
+
+11/19/2021
+- added opts.discovery_expires_in in order to make cache expiry of
+  OpenID Connect Discovery responses configurable.
+
+11/06/2021
+- added public functions that allow tokens to be revoked without
+  destroying the current session; see #402; thanks to
+  @thorstenfleischmann
+
+- when the x5c claim of a JWK is an empty array it will be ignored
+  rather than cause an error; see #406
+
+- `authenticate`'s last parameter can now be an existing session
+  rather than options for starting a new one: see #405; thanks to
+  @thorstenfleischmann
+
+09/23/2021
+- if lifecyle handlers return truthy values they cause the operation
+  they are handlers of to fail; see #384; thanks to @arcivanov
+
+- added opts.cache_segment as option to shard the cache used by token
+  introspection or JWT verification; see #399
+
+09/22/2021
+- made jwt_verify() and bearer_jwt_verify() use a separate cache named
+  "jwt_verification" and introduced opts.jwt_verification_cache_ignore
+  to disable caching completely; see #399
+
+12/05/2020
+- fixed a session leak in access_token() and for a very unlikely
+  code-path in authenticate(); authenticate will still normally not
+  close the session as users may want to use it after the method
+  returns; see
+  https://github.com/zmartzone/lua-resty-openidc#sessions-and-locking
+  see #374
+
+11/17/2020
+- changed dependency on lua-resty-jwt to allow newer versions in
+  luarocks packaging; see #363, #366, #362;
+  thanks to @Darguelles and @kayano
+- release 1.7.4
+
 09/20/2020
 - release 1.7.3
 

DISCLAIMER

@@ -1,12 +1,11 @@
 /***************************************************************************
- * Copyright (C) 2014-2017 Ping Identity Corporation
+ * Copyright (C) 2017-2023 ZmartZone Holding B.V.
  * All rights reserved.
+ * 
+ *      ZmartZone IAM
+ *      https://www.zmartzone.eu
  *
- *      Ping Identity Corporation
- *      1099 18th St Suite 2950
- *      Denver, CO 80202
- *      303.468.2900
- *      http://www.pingidentity.com
+ * Copyright (C) 2014-2017 Ping Identity Corporation
  *
  * DISCLAIMER OF WARRANTIES:
  *