mirror of
https://github.com/logto-io/logto.git
synced 2024-12-16 20:26:19 -05:00
3d98852334
* chore(core): bump oidc version bump oidc version * fix(core): fix userId not found bug fix userId in session not found bug
604 B
604 B
@logto/core |
---|
patch |
Bump oidc-provider version
Bump oidc-provider version to v8.2.2. This version fixes a bug that prevented the revoked scopes from being removed from the access token.
Issued Access Tokens always only contain scopes that are defined on the respective Resource Server (returned from features.resourceIndicators.getResourceServerInfo).
If the scopes are revoked from the resource server, they should be removed from the newly granted access token. This is now fixed in the new version of oidc-provider.