Skip to main content
Version: 14.3.0

Changelog

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.

3.4.1 - 04-12-2024

Added

  • ci: sbom generation and image signing

3.4.0 - 28-02-2024

Feature

  • add support to tls connection to redis
  • add support to tls and authentication to redis sentinel

3.3.3 - 22-02-2024

  • transparently read 422 or 409 to support CRUD Service v7 new status code on duplicated entries

3.3.2 - 12-02-2024

  • reorganize and enrich documentation

Added

  • return specific error if the CRUD returns 422 when creating or registering a client

3.3.1 - 16-03-2023

Added

  • set lastLogin field on crud when a service account receives a new access token

3.3.0 - 14-03-2023

Added

  • redis username and password login support for redis mode normal (authentication with redis sentinel is not supported)

3.2.2 - 07-03-2023

Added

  • added environment variable ADDITIONAL_HEADERS_TO_PROXY to specify additional headers to be proxied and environment variable USERID_HEADER_KEY to specify the header key holding the user identifier.

Upgraded

  • go 1.20

Changed

  • make MONGODB_CREDENTIALS_DATABASE_NAME env variable optional

3.2.1 - 05-07-2022

Changed

  • Change log level of a noisy log from 'Error' to 'Warning'

3.2.0 - 24-02-2022

Added

  • New endpoint POST - /clients that allows to create a new client with certain authorization properties and with a certain state.

3.1.0 - 21-01-2022

Added

  • Added possibility to set a clock skew, that will be used in the /oauth/token request to validate the iat and notBefore timestamps

  • Added the optional allowedCustomClaims property to clients, to allow clients that use the private_key_jwt authentication method to add custom claims into the client_assertion, that will be added into the JWT claims

3.0.0 - 20-10-2021

BREAKING CHANGE

  • The REDIS_HOST env is changed in REDIS_HOSTS. To use sentinel mode, you can provide multiple comma-separated redis hosts.

Added

  • Added support to redis sentinel
    • Added new REDIS_MODE env. default value is normal
    • Added new REDIS_MASTER_NAME env.
  • OPENID_CONFIG_PATH environment variable
  • /.well-known/openid-configuration discovery endpoint to return the OpenId Connect configuration, if available
  • updated library dependencies

2.0.2 - 02-03-2021

Fixed

  • disable html escape in logs

Updated

  • update dependencies

2.0.1 - 05-01-2021

Fixed

  • fix JSON unmarshal of client with public key as empty object (for example if client auth method is client secret basic)

Updated

  • Updated gitlab-ci.yml mongo dependency, from this version mongo 4.4 support is guaranteed.
  • Updated redis dependency, from this version redis 6 support is guaranteed.

2.0.0 - 05-10-2020

BREAKING CHANGE

  • updated glogger v2.0.3 which brings new logging format potentially breaking for log processing stack

1.1.0 - 07-07-2020

Added

  • JWT registration and login with private_key_jwt auth method

1.0.0 - 23-06-2020

Added

  • POST /register: allows to create a client and related credentials. The supported auth method is client_secret_basic.
  • POST /oauth/token: validates client credentials received from request and eventually generates a new JWT for the client. The supported auth method is client_secret_basic.
  • GET /tokeninfo: checks the validity of the received JWT, returning the claims contained in it. If the audience is also received in input, the first is also checked against the audiences defined in the service configuration.
  • GET /.well-known/jwks.json: returns an array of JWK values, whose items can be used to verify the signature of a JWT.