v5.0.5-beta.2

fix: use correct go image in docker build

v5.0.5-beta.1

What's Changed

• refactor: refactor proxy controller to handle proxy auth modules better by @steveiliop56 in #714
• chore(deps-dev): bump @types/node from 25.4.0 to 25.5.0 in /frontend in the minor-patch group by @dependabot[bot] in #711

Full Changelog: v5.0.4...v5.0.5-beta.1

v5.0.4

Tinyauth v5.0.4

Last patch I promise...or not

This release addresses issue #706 regarding the X-Forwarded-URI header.

Improvements

• Support for X-Original-URI header

Fixes

• X-Forwarded-URI should not be required

Technical

• Update dependencies

Please let me know of any issues so as I can fix them as soon as possible.

v5.0.3

Tinyauth v5.0.3

Warning

This release contains security fixes, please update as soon as possible.

This release addresses GHSA-xg2q-62g2-cvcm and GHSA-3q28-qjrv-qr39 discovered by @e1024x.

Fixes

• Don't continue authentication on empty X-Forwarded-* headers.
• Ensure user is logged in and not in the 2FA flow in the authorize endpoint
• Ensure client ID matches the code entry before issuing a token

Technical

• Update dependencies
• Update translations

Please let me know of any issues so as I can fix them as soon as possible.

v5.0.3-beta.1

New translations en.json (French) (#702)

v5.0.2

Tinyauth v5.0.2

Another small patch addressing issues with the healthcheck command and OIDC key management.

Improvements

• Support for PKIX public keys @DarkDare

Fixes

• Add kid to ID token JWT header
• Make state a non-required field in the authorize request
• Accept port and address individually in the healthcheck command @luizfelipefb

Technical

• Bump dependencies

New Contributors

• @luizfelipefb made their first contribution in #698

Please let me know of any issues so as I can fix them as soon as possible.

v5.0.2-beta.2

fix: fix typo in public key loading

v5.0.2-beta.1

chore(deps): bump the minor-patch group across 1 directory with 3 upd…

v5.0.1

Tinyauth v5.0.1

Hey everyone, this is a small patch release addressing a config file loading issue (can now be loaded with --experimental.configfile or TINYAUTH_EXPERIMENTAL_CONFIGFILE) and fixing issues in the OIDC implementation moving towards the certification goal. You can check the OIDC testing status in the OpenID Connect Certification Platform (this release ensures basic oidcc-server passes).

Fixes

• Ensure kid is present in the JWKS response
• Handle empty client name in authorize page
• Use correct environment variable and flag for config loading
• Ensure nonce is being acknowledged in the ID token response
• Ensure email_verified is present as a claim in the ID token and user info response
• Ensure cache control headers are set on the token endpoint

Technical

• Bump dependencies
• Update translations

Please let me know of any issues so as I can fix them as soon as possible.

v5.0.1-rc.1

New Crowdin updates (#684)

* New translations en.json (Korean)

* New translations en.json (Dutch)

* New translations en.json (Chinese Simplified)