Skip to main content
Version: 13.x (Current)

CHANGELOG

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.

2.4.3 - 04-12-2024

Added

  • ci: sbom generation and image signing

2.4.2 - 20-12-2022

Fixed

  • return 401 if auth route is not found and strict mode is enabled

2.4.1 - 2022-07-04

Fixed

  • fix redirect on subsequent slashes in path (even if url encoded)

2.4.0 - 12-04-2022

Added

  • support Envoy calling style by handling all paths starting with /auth

Fixed

  • fixed sub path matching when uri in Original-Request-Uri contains query string parameters

2.3.0 - 28-02-2022

Added

  • support for trusting mia headers mode, which allows to trust the mia user headers (miauserid, miausergroups, miauserproperties) instead of resolving the user by calling the userinfo URL

Changed

  • USERINFO_URL is not Required anymore

2.2.0 - 4-11-2021

Added

  • add OPTIONS method to support cors calls

2.1.1 - 12-10-2021

Fixed

  • fixed sub path matching for invalid routes (e.g. /foo-bar matching /foo route)

2.1.0 - 13-07-2021

Added

  • new env var AUTHORIZATION_HEADERS_TO_PROXY. If this header is set, it is enabled an optimization to avoid to contact the user management service. The behavior is fully retro compatible if not set.

2.0.2 - 02-03-2021

Fixed

  • disable html escape for logs

Updated

  • update dependencies

2.0.1 - 16-10-2020

Changed

  • downgrade log level to trace and debug

2.0.0 - 05-10-2020

BREAKING CHANGE

  • updated glogger v2.0.3 which brings new logging format, potentially breaking for log processing stack

1.2.0

Added

  • add permission as evaluation map in expression.
  • add conditional user info url between frontend and backoffice endpoint.

Fixed

  • extended regular expression that checks that ! is followed only by = and ( to also match i (as in isBackoffice)
  • fix log in main before log initialization
  • upgrade deps

1.1.2 - 24-02-2020

Added

  • Added customizable delay to graceful shutdown to allow zero downtime.

v1.0.0

Added

  • routing by gorilla/mux
  • middleware to log request and response
  • creating auth handler