0
Fork 0
mirror of https://github.com/logto-io/logto.git synced 2024-12-16 20:26:19 -05:00
logto/.changeset/green-parents-switch.md
simeng-li 3d98852334
chore(core): bump oidc version (#3941)
* chore(core): bump oidc version

bump oidc version

* fix(core): fix userId not found bug

fix userId in session not found bug
2023-06-01 16:20:08 +08:00

604 B

@logto/core
patch

Bump oidc-provider version

Bump oidc-provider version to v8.2.2. This version fixes a bug that prevented the revoked scopes from being removed from the access token.

Issued Access Tokens always only contain scopes that are defined on the respective Resource Server (returned from features.resourceIndicators.getResourceServerInfo).

If the scopes are revoked from the resource server, they should be removed from the newly granted access token. This is now fixed in the new version of oidc-provider.