1.3.0

• bug fix related to session state and persistent logins
• added helper extension method to login user from outside of IdentityServer (such as a registration page)
• bug fix related to redirecting to invalid redirect_uri
• added configuration setting to control how many sign in message cookies purged
• added content-type to end session callback to fix problems in safari and iOS
• added option to control cookie's secure flag (for load balancer scenarios)
• changed signout behavior to not require authenticated user (but can be required via new flag)