Skip to content

Commit dd9ad5e

Browse files
mixie-bot[bot]github-actions[bot]
mixie-bot[bot]
and
github-actions[bot]
authored
ci: release (#133)
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
1 parent 127f3db commit dd9ad5e

File tree

7 files changed

+25
-24
lines changed

7 files changed

+25
-24
lines changed

.changeset/fix-oauth-client-auth.md

Lines changed: 0 additions & 8 deletions
This file was deleted.

.changeset/fix-oauth-client-cache.md

Lines changed: 0 additions & 7 deletions
This file was deleted.

.changeset/fix-oauth-jwks-key-ops.md

Lines changed: 0 additions & 7 deletions
This file was deleted.

packages/oauth-provider/CHANGELOG.md

Lines changed: 12 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,17 @@
11
# @getcirrus/oauth-provider
22

3+
## 0.3.2
4+
5+
### Patch Changes
6+
7+
- [#132](https://github.com/ascorbic/cirrus/pull/132) [`e76f1e4`](https://github.com/ascorbic/cirrus/commit/e76f1e40c3a251c778d257b1715b3d56a3ced5a4) Thanks [@ascorbic](https://github.com/ascorbic)! - Fix OAuth client authentication failures for public clients and mixed JWKS
8+
- Fix `invalid_client` error for clients that omit `token_endpoint_auth_method` in their metadata (Zod default of `client_secret_basic` was passed through unsupported)
9+
- Fix `invalid usage "encrypt"` error when client JWKS contains both signing and encryption keys by using jose's `createLocalJWKSet` for proper key selection
10+
11+
- [#134](https://github.com/ascorbic/cirrus/pull/134) [`127f3db`](https://github.com/ascorbic/cirrus/commit/127f3db0f23e2d13ef71a23de6f85a26b1b83c94) Thanks [@ascorbic](https://github.com/ascorbic)! - Fix OAuth authentication failure for confidential clients whose JWKS contains invalid key_ops
12+
13+
Clients with ECDSA signing keys that incorrectly declare encryption operations (e.g. `"encrypt"`, `"wrapKey"`) in their JWKS `key_ops` field would fail with "invalid usage" during token exchange.
14+
315
## 0.3.1
416

517
### Patch Changes

packages/oauth-provider/package.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
{
22
"name": "@getcirrus/oauth-provider",
3-
"version": "0.3.1",
3+
"version": "0.3.2",
44
"description": "OAuth 2.1 Provider with AT Protocol extensions for Cloudflare Workers",
55
"type": "module",
66
"main": "dist/index.js",

packages/pds/CHANGELOG.md

Lines changed: 11 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,16 @@
11
# @getcirrus/pds
22

3+
## 0.10.6
4+
5+
### Patch Changes
6+
7+
- [#134](https://github.com/ascorbic/cirrus/pull/134) [`127f3db`](https://github.com/ascorbic/cirrus/commit/127f3db0f23e2d13ef71a23de6f85a26b1b83c94) Thanks [@ascorbic](https://github.com/ascorbic)! - Fix OAuth client metadata caching to avoid redundant network requests
8+
9+
Client metadata was re-fetched from the network on every OAuth request instead of using the cache, adding latency to token exchanges and making auth fragile when client metadata endpoints are slow or unavailable.
10+
11+
- Updated dependencies [[`e76f1e4`](https://github.com/ascorbic/cirrus/commit/e76f1e40c3a251c778d257b1715b3d56a3ced5a4), [`127f3db`](https://github.com/ascorbic/cirrus/commit/127f3db0f23e2d13ef71a23de6f85a26b1b83c94)]:
12+
- @getcirrus/oauth-provider@0.3.2
13+
314
## 0.10.5
415

516
### Patch Changes

packages/pds/package.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
{
22
"name": "@getcirrus/pds",
3-
"version": "0.10.5",
3+
"version": "0.10.6",
44
"description": "Cirrus – A single-user AT Protocol PDS on Cloudflare Workers",
55
"type": "module",
66
"main": "dist/index.js",

0 commit comments

Comments
 (0)