Philippe Signoret

Adds new permissions for AuthorizationPolicy

1

Adds a new permissions Policy.ReadWrite.Authorization to the permission dialog.

PKCE is now recommended for confidential clients as well.

Add support for B2C directories

2

Originally requested in #67

Use email properties for email when auto-provisioning

6

Instead of UPN

Currently, these are in session variables, but I doubt that's the best way to share. Needs a bit of investigation.

Error messages not always displaying at login form

5

Needs more investigation, but basically, often error messages are not displaying in the login form (e.g. when not a member of the groups).

Conflict with VigilanTor plugin

1

Per @andre4s in #14, there is a conflict with the VigilanTor plugin (https://wordpress.org/plugins/vigilantor/).

In #14, @M-ine observes that they have seen the cache return an empty string. Because we're checking the result using `===`, this is considered a successful cache lookup, and the...

In #14, @M-ine reports that some PHP versions can limit URL length which would cause issues in the Authorization Response is too long. Consider switching to [Form Post Response Type](https://openid.net/specs/oauth-v2-form-post-response-mode-1_0.html),...