tinyauth

v5.0.7 Breaking

This release includes breaking changes for platform teams planning a safe upgrade.

✓ No known CVEs patched

Topics

2fa authentication caddy go middleware nginx oidc self-hosted sso tinyauth totp typescript

Summary

AI summary

OpenID Connect server enhancements including PKCE and improved POST request handling.

Full changelog

Tinyauth v5.0.7

Hello everyone! This is officially the last release under my username. After this last patch, Tinyauth will move to its new home, tinyauthapp; no breaking changes for now. As for this release, it addresses some further issues with the Envoy proxy and improves the OpenID Connect experience.

Improvements

  • The OpenID Connect server now supports PKCE
  • The OpenID Connect user information endpoint now supports POST requests @scottmckendry
  • The OpenID Connect user information endpoint now supports the access token in the POST request body @scottmckendry
  • The OAuth flow now supports the OpenID Connect parameters and stores CSRF states server-side for anti-tampering
  • Add X-Tinyauth-Location header for Nginx instances to support redirect to login and unauthorized pages automatically
  • Support unsigned OpenID Connect request objects @scottmckendry
  • Accessibility improvements

Fixes

  • Use 307 redirects for Envoy proxy
  • Fix TOTP field auto-fill not working in some password managers @scottmckendry

Technical

  • Update dependencies
  • Update translations
  • Use own fork of the paerser library for better flexibility in configuration parsing
  • Fail app early when the app URL is missing

Please let us know of any issues so we can address them as soon as possible.

Full Changelog: https://github.com/steveiliop56/tinyauth/compare/v5.0.6...v5.0.7

About tinyauth

The tiniest authentication and authorization server you have ever seen.
