All notable changes to this project will be documented in this file.
3.3.1 - 16-03-2023
lastLoginfield on crud when a service account receives a new access token
3.3.0 - 14-03-2023
- redis username and password login support for redis mode normal (authentication with redis sentinel is not supported)
3.2.2 - 07-03-2023
- added environment variable
ADDITIONAL_HEADERS_TO_PROXYto specify additional headers to be proxied and environment variable
USERID_HEADER_KEYto specify the header key holding the user identifier.
- go 1.20
MONGODB_CREDENTIALS_DATABASE_NAMEenv variable optional
3.2.1 - 05-07-2022
- Change log level of a noisy log from 'Error' to 'Warning'
3.2.0 - 24-02-2022
- New endpoint
POST - /clientsthat allows to create a new client with certain authorization properties and with a certain state.
3.1.0 - 21-01-2022
Added possibility to set a clock skew, that will be used in the /oauth/token request to validate the iat and notBefore timestamps
Added the optional
allowedCustomClaimsproperty to clients, to allow clients that use the
private_key_jwtauthentication method to add custom claims into the client_assertion, that will be added into the JWT claims
3.0.0 - 20-10-2021
REDIS_HOSTenv is changed in
REDIS_HOSTS. To use sentinel mode, you can provide multiple comma-separated redis hosts.
- Added support to redis sentinel
- Added new
REDIS_MODEenv. default value is
- Added new
- Added new
/.well-known/openid-configurationdiscovery endpoint to return the OpenId Connect configuration, if available
- updated library dependencies
2.0.2 - 02-03-2021
- disable html escape in logs
- update dependencies
2.0.1 - 05-01-2021
- fix JSON unmarshal of client with public key as empty object (for example if client auth method is client secret basic)
- Updated gitlab-ci.yml mongo dependency, from this version mongo 4.4 support is guaranteed.
- Updated redis dependency, from this version redis 6 support is guaranteed.
2.0.0 - 05-10-2020
- updated glogger v2.0.3 which brings new logging format potentially breaking for log processing stack
1.1.0 - 07-07-2020
- JWT registration and login with
1.0.0 - 23-06-2020
POST /register:allows to create a client and related credentials. The supported auth method is
POST /oauth/token:validates client credentials received from request and eventually generates a new JWT for the client. The supported auth method is
GET /tokeninfo:checks the validity of the received JWT, returning the claims contained in it. If the audience is also received in input, the first is also checked against the audiences defined in the service configuration.
GET /.well-known/jwks.json:returns an array of JWK values, whose items can be used to verify the signature of a JWT.