v0.17.3

0.17.3 (2026-04-08)

Bug Fixes

• client_secret_post auth if no body (#271) (94d51e7)
• deps: bump the gomod-group group with 8 updates (#272) (7d4dbc7)
• provide client_secret_post auth if no content (94d51e7)

v0.17.2

What's Changed

• docs: Add Code of Conduct link and EU funding logo to README by @isanmaz in #262
• fix: audiences insertion by @alienvspredator in #268
• fix: use an actively maintained yaml package by @cb80 in #270
• fix: client_secret_post authentication by @alienvspredator in #269

New Contributors

• @isanmaz made their first contribution in #262

Full Changelog: v0.17.1...v0.17.2

Add debug tools

What's Changed

• chore(deps): bump the gomod-group group across 1 directory with 6 updates by @dependabot[bot] in #229
• chore: switch to common-sdk/pkg/openid by @cb80 in #225
• test: increase test coverage by @cb80 in #230
• chore: Naming of the trust mapping by @cb80 in #234
• chore: Add PR read permission by @bkieling in #236
• chore(deps): bump the gomod-group group across 1 directory with 3 updates by @dependabot[bot] in #237
• chore(deps): bump golang from 1.25 to 1.26 by @dependabot[bot] in #233
• feat: tracing spans and db telemetry by @alienvspredator in #238
• feat:Add topology spread constraints to main deployment by @NathanTBH in #239
• chore: adopt new oidc package by @cb80 in #232
• Camel casing the logging attributes by @aaishwarya6694 in #246
• Add helm tests by @protectorT1 in #240
• chore: linter findings by @cb80 in #249
• Add new Sonar workflow by @cb80 in #248
• feat: single tenant support by @alienvspredator in #250
• chore(deps): bump the gomod-group group across 1 directory with 8 updates by @dependabot[bot] in #252
• fix: improve dependabot config by @cb80 in #253
• fix: CVE-2026-27141 by @cb80 in #255
• fix(deps): bump the gomod-group group with 4 updates by @dependabot[bot] in #254
• fix: do not automount service account token by @cb80 in #257
• Bump Go version by @cb80 in #256
• feat: prevent csrf attack by @pabloszel11 in #251
• fix: do not require optional query parameters by @cb80 in #260
• fix(deps): bump the gomod-group group across 1 directory with 5 updates by @dependabot[bot] in #261
• refactor: adopt sqlc by @alienvspredator in #258
• feat: reach error on blocked tenant by @alienvspredator in #245
• fix integration tests by @alienvspredator in #264
• fix(grpc/session-server): authorise to token introspection endpoint by @alienvspredator in #263
• feat: debug tools by @alienvspredator in #266
• fix(deps): bump github.com/oapi-codegen/runtime from 1.3.0 to 1.3.1 in the gomod-group group by @dependabot[bot] in #267

New Contributors

• @NathanTBH made their first contribution in #239

Full Changelog: v0.17.0...v0.17.1

v0.17.0

0.17.0 (2026-02-04)

Features

• get oidc provider (#227) (ca1ebf3)
• introspect groups (#224) (1e53b2e)
• make RemoveOIDCMapping method indempotent (#215) (fc1e3e3)

Bug Fixes

• actually run integration tests (#217) (87415aa)
• add missing log call (#219) (76f0c73)
• Always use the default client in GetOpenIDConfig() (#220) (7ce7d75)

v0.16.1

0.16.1 (2026-01-13)

Bug Fixes

• initialise idle session timeout (#207) (e017706)
• set idle session timeout correctly (e017706)

v0.16.0

0.16.0 (2026-01-12)

Features

• backchannel logout (#191) (8d3beba)
• store session active state as an object (#196) (b87d0f5)

Bug Fixes

• config and session repo mock (#200) (18e2907)
• config keys in chart values and example config (#199) (7b69b2c)
• log messages for logout and bclogout (#195) (e621692)
• session housekeeping (#194) (9bdc872)

v0.15.0

0.15.0 (2026-01-06)

Features

• logout (#173) (b748864)

Bug Fixes

• token refresh (#190) (a42955d)

v0.14.1

0.14.1 (2025-12-17)

Bug Fixes

• syntax errors in integration tests (#184) (3b4ed57)

v0.14.0

0.14.0 (2025-12-17)

Features

• use tenant specific cookies (#180) (0c47910)

Bug Fixes

• token introspection: deny if invalid (#182) (60db523)

v0.13.4

0.13.4 (2025-12-16)

Bug Fixes

• token refresh not using WKOC endpoint (#179) (4f7939e)