Karl McGuinness

You should be able to add ```signedAssertion: true``` to the ```idpOptions``` params object in ```app.js``` and expose via a new CLI arg similar to ```signResponse: argv.signResponse```

I haven't maintained a docker image yet, there is a compose file in the repo to build your own. Just haven't had the time for establish a repeatable build, test,...

I am maintaining the code. Is the ask here just to publish an image to docker hub on each release? What else is needed besides a `.travis.yml` file for CI/CD...

> * Authorization server includes (new) `resource` parameter in token response. @jaredhanson I was expecting this as well. Unfortunately we may need to draft a net new extension for this...

1. Client should know whether a given Authorization Server supports resource-based authorization or token requests 2. Client should know what the outcome of a resource indicator token request and not...

A new draft was published that defines the `resource` token response parameter https://datatracker.ietf.org/doc/draft-mcguinness-oauth-resource-token-resp/