Skip to content
This repository was archived by the owner on Sep 28, 2022. It is now read-only.

Latest commit

 

History

History
756 lines (352 loc) · 32.2 KB

CHANGELOG.md

File metadata and controls

756 lines (352 loc) · 32.2 KB

12.0.1 (2022-09-19)

Bug Fixes

  • 🐛 Remove forceAuthn for MFA (e3ff40c)

12.0.0 (2022-09-13)

Features

  • 🎸 better introspectionr results (ee1dda8)

BREAKING CHANGES

  • Requires db update (see v12.0.0.sql)

11.0.3 (2022-09-13)

Bug Fixes

  • deps: update dependency com.nimbusds:nimbus-jose-jwt to v9.25 (d90579c)

11.0.2 (2022-09-13)

Bug Fixes

  • deps: update dependency com.fasterxml.jackson.dataformat:jackson-dataformat-yaml to v2.13.4 (8a4de44)

11.0.1 (2022-09-13)

Bug Fixes

  • 🐛 Fix non-existing continue_direct view name (b0813df)

11.0.0 (2022-09-13)

Features

  • 🎸 Return samlError from token in devicecode (ff184f1)

BREAKING CHANGES

  • requires DB update

10.5.4 (2022-09-13)

Bug Fixes

  • deps: update dependency io.sentry:sentry-bom to v6.4.1 (14d76c1)

10.5.3 (2022-09-13)

Bug Fixes

  • 🐛 Downgrade logback to preserve compatibility (97b2a0d)

10.5.2 (2022-09-13)

Bug Fixes

  • deps: update logback.version to v1.4.0 (7849045)

10.5.1 (2022-08-29)

Bug Fixes

  • deps: update dependency com.nimbusds:nimbus-jose-jwt to v9.24.3 (fa7e1e0)
  • deps: update dependency io.sentry:sentry-bom to v6.4.0 (20caf2a)
  • deps: update dependency org.postgresql:postgresql to v42.5.0 (e534f7b)

10.5.0 (2022-08-26)

Features

  • return error response on noAuthnContext (7d1f731)

10.4.0 (2022-08-26)

Features

  • Integration with sentry (219f31c)

10.3.4 (2022-08-24)

Bug Fixes

  • 🐛 Allow calling /devicecode without client secret (02d8d34)

10.3.3 (2022-08-22)

Bug Fixes

  • deps: update dependency org.postgresql:postgresql to v42.4.2 (8fce861)
  • deps: update shedlock.version to v4.41.0 (2b60811)

10.3.2 (2022-08-20)

Bug Fixes

  • deps: update dependency com.nimbusds:nimbus-jose-jwt to v9.24.2 (5bdccc7)

10.3.1 (2022-08-19)

Bug Fixes

  • deps: update dependency org.apache.directory.api:api-all to v2.1.2 (61f49e6)
  • deps: update dependency org.springframework.security:spring-security-bom to v5.7.3 (530bdb2)

10.3.0 (2022-08-16)

Features

  • GA4GH ClaimSource by API call (0753598)

10.2.1 (2022-08-15)

Bug Fixes

  • deps: update shedlock.version to v4.40.0 (c597037)

10.2.0 (2022-08-15)

Features

  • 🎸 Spring5 & Spring-security 5 (3faa9a6)

10.1.3 (2022-08-15)

Bug Fixes

  • deps: update eclipse-persistence.version to v2.7.11 (d85ea1c)

10.1.2 (2022-08-08)

Bug Fixes

  • deps: update dependency org.apache.directory.api:api-all to v2.1.1 (741e502)

10.1.1 (2022-08-08)

Bug Fixes

  • deps: update dependency com.google.code.gson:gson to v2.9.1 (9b42b50)
  • deps: update dependency org.mariadb.jdbc:mariadb-java-client to v3.0.7 (c27a5c5)

10.1.0 (2022-07-28)

Features

  • 🎸 Configurable timeouts in RPC connector (a929858)

10.0.3 (2022-07-27)

Bug Fixes

  • correct postgreSQL for v10 breaking change (28a9411)
  • deps: update dependency mysql:mysql-connector-java to v8.0.30 (5426aa9)

10.0.2 (2022-07-25)

Bug Fixes

  • 🐛 Fix nullPointerexception in AuthProcFilterInit (64c0d51)

10.0.1 (2022-07-13)

Bug Fixes

  • 🐛 Fix script loading for LS footer (bd90a76)

10.0.0 (2022-07-09)

Bug Fixes

  • 🐛 Fix displaying for consent for EMBL (ef47df1)

BREAKING CHANGES

  • 🧨 DB changes (see v10.0.0.sql files)

9.4.0 (2022-07-08)

Features

  • IsEligible authproc filter and claim source (2e0aaa7)

9.3.2 (2022-07-04)

Bug Fixes

  • deps: update dependency org.mariadb.jdbc:mariadb-java-client to v3.0.6 (fc02c8f)

9.3.1 (2022-06-15)

Bug Fixes

  • deps: update dependency org.postgresql:postgresql to v42.4.0 (9f56413)

9.3.0 (2022-06-03)

Features

  • 🎸Claim sources for extracting AuthenticationContextClassRef and AuthnInstant (d9d3034)

9.2.2 (2022-06-03)

Bug Fixes

  • 🐛 Fix SAML Claim source when singleValue to use joiner (d16c3c6)
  • 🐛 Fixed displaying consent screens for LS template (9884eb1)

9.2.1 (2022-06-01)

Bug Fixes

  • deps: update dependency com.nimbusds:nimbus-jose-jwt to v9.23 (0c465ca)

9.2.0 (2022-05-30)

Bug Fixes

  • deps: update dependency org.mariadb.jdbc:mariadb-java-client to v3.0.5 (e6a8342)
  • deps: update dependency org.postgresql:postgresql to v42.3.6 (c1d62ca)

Features

  • Added new claims sources (15cf3a9)

9.1.6 (2022-05-23)

Bug Fixes

  • deps: update dependency com.fasterxml.jackson.dataformat:jackson-dataformat-yaml to v2.13.3 (e5f3a62)

9.1.5 (2022-05-09)

Bug Fixes

  • deps: update dependency org.postgresql:postgresql to v42.3.5 (319d0c7)

9.1.4 (2022-04-25)

Bug Fixes

  • deps: update dependency com.nimbusds:nimbus-jose-jwt to v9.22 (1a087e4)

9.1.3 (2022-04-25)

Bug Fixes

  • deps: update dependency org.springframework.security.oauth:spring-security-oauth2 to v2.5.2.release (5eafd46)

9.1.2 (2022-04-25)

Bug Fixes

  • deps: update dependency mysql:mysql-connector-java to v8.0.29 (9ff89f7)

9.1.1 (2022-04-22)

Bug Fixes

  • 🐛 Fixed wrong mail in LS consent (c84912c)

9.1.0 (2022-04-22)

Features

  • 🎸 Filter for logging authentication details (585dbd8)

9.0.3 (2022-04-22)

Bug Fixes

  • deps: update dependency org.projectlombok:lombok to v1.18.24 (6736cf4)
  • improve MUNI header (3f0f910)

9.0.2 (2022-04-20)

Bug Fixes

9.0.1 (2022-04-19)

Bug Fixes

  • deps: update dependency org.postgresql:postgresql to v42.3.4 (cae6002)

9.0.0 (2022-04-13)

Features

BREAKING CHANGES

  • requires database update (see migraiton script), dropped ELIXIR theme

8.2.5 (2022-04-11)

Bug Fixes

  • show unapproved message (0d6e2c7)

8.2.4 (2022-04-11)

Bug Fixes

  • 🐛 Added missing return values when RPC disabled (733597a)

8.2.3 (2022-04-11)

Bug Fixes

  • 🐛 Fix nullPointer in SamlAuthenticationDetailsStringCon (3c034f4)

8.2.2 (2022-04-06)

Bug Fixes

  • 🐛 Fix storing SavedUserAuth (c83ecc2)

8.2.1 (2022-04-04)

Bug Fixes

  • 🐛 Remove RelayState from SAML details in SavedUserAuth (0f73d88)

8.2.0 (2022-04-04)

Features

  • 🎸 More user lookup methods (3ea2b82)

8.1.9 (2022-04-04)

Bug Fixes

  • deps: update dependency org.aspectj:aspectjweaver to v1.9.9.1 (fb56956)

8.1.8 (2022-03-31)

Bug Fixes

  • deps: update dependency org.aspectj:aspectjweaver to v1.9.9 (4ef0063)
  • deps: update dependency org.mariadb.jdbc:mariadb-java-client to v3.0.4 (96358d9)

8.1.7 (2022-03-23)

Bug Fixes

  • deps: update eclipse-persistence.version to v2.7.10 (2f864fc)

8.1.6 (2022-03-23)

Bug Fixes

  • 🐛 Allow Group description to be empty string (76899b4)
  • deps: update dependency com.fasterxml.jackson.dataformat:jackson-dataformat-yaml to v2.13.2 (1db9d51)

8.1.5 (2022-03-09)

Bug Fixes

  • deps: update dependency com.nimbusds:nimbus-jose-jwt to v9.21 (b1810d8)

8.1.4 (2022-03-09)

Bug Fixes

  • deps: update logback.version to v1.2.11 (8601f9c)

8.1.3 (2022-03-09)

Bug Fixes

  • deps: update dependency com.google.guava:guava to v31.1-jre (1032ed0)

8.1.2 (2022-02-17)

Bug Fixes

  • 🐛 Fix missing execute statement in statistics filter (93b8081)

8.1.1 (2022-02-17)

Bug Fixes

  • deps: update dependency com.google.code.gson:gson to v2.9.0 (0ec65b6)

8.1.0 (2022-02-17)

Bug Fixes

  • deps: update dependency com.nimbusds:nimbus-jose-jwt to v9.19 (bb1443f)
  • deps: update dependency org.aspectj:aspectjweaver to v1.9.8 (78087dc)
  • deps: update dependency org.postgresql:postgresql to v42.3.3 (9810e84)

Features

  • 🎸 Display noAuthnContext message on login_failure (8872469)

8.0.6 (2022-02-01)

Bug Fixes

  • deps: update dependency com.nimbusds:nimbus-jose-jwt to v9.18 (6653cdb)

8.0.5 (2022-02-01)

Bug Fixes

  • deps: update dependency org.mariadb.jdbc:mariadb-java-client to v3 (b3ddb12)

8.0.4 (2022-02-01)

Bug Fixes

  • deps: update dependency org.glassfish.jaxb:jaxb-runtime to v2.3.6 (64f8997)

8.0.3 (2022-01-26)

Bug Fixes

  • 🐛 Consider empty referer as external (d4bc19e)

8.0.2 (2022-01-13)

Bug Fixes

  • 🐛 Set email verified to true (93fc557)

8.0.1 (2022-01-12)

Bug Fixes

  • 🐛 Fix missing sub in ClaimSourceProduceContext (5eace9f)

8.0.0 (2022-01-12)

Features

  • 🎸 Refactored userinfo serv., new SAML-based claim sources (2c413d9)

BREAKING CHANGES

  • 🧨 requires database update

7.5.2 (2022-01-10)

Bug Fixes

  • 🐛 Do not display remember me when prompt=consnet (1bf72b8)

7.5.1 (2021-12-23)

Bug Fixes

  • incorrect label on stay logged in button (75a626f)

7.5.0 (2021-12-10)

Features

  • 🎸 Configurable favicons (bf227df)

7.4.1 (2021-12-09)

Bug Fixes

  • 🐛 Fix inserting and reading properties in the stats filter (31710bf)

7.4.0 (2021-12-09)

Features

  • 🎸 Configurable name of user col in stats filter (4a5be5d)

7.3.0 (2021-12-09)

Features

  • 🎸 Configurable max pool size for JDBC data sources (e5b406e)

7.2.0 (2021-12-08)

Features

  • 🎸 Added automated bundling of .war file into release (cd1118f)

7.1.1 (2021-12-08)

Bug Fixes

  • 🐛 Fix possible SQL exceptions (b3bd9e9)

7.1.0 (2021-12-07)

Bug Fixes

  • DB inserts in statistics work with PostgreSQL (b72eb8f)

Features

  • Added configurable ipdIdColumnName and spIdColumnName in statistics (515f99b)

7.0.0 (2021-12-06)

Code Refactoring

  • 💡 Refactored GA4GH Passports and visas (a94fd99)

Features

  • 🎸 Implemented BBMRI-ERIC Ga4gh Passports and Visas (141e6c8)

BREAKING CHANGES

  • 🧨 Ga4gh Claim source class for ELIXIR has been changed. Also, the ElixirAccessTokenModifier class has been moved and renamed.

6.0.0 (2021-12-06)

Code Refactoring

  • 💡 Drop support for java 8 (4a0b63e)

BREAKING CHANGES

  • 🧨 Dropped support for java 8

5.0.1 (2021-12-02)

Bug Fixes

  • 🐛 Fix fallbacking of locale to the code to prevent errors (ceb01c7)

5.0.0 (2021-11-30)

Code Refactoring

  • 💡 Refactored how translations are loaded and used (665b45f)

BREAKING CHANGES

  • Property web.langs.customfiles.path must point to the RersourceBundle.

4.0.1 (2021-11-19)

Bug Fixes

  • 🐛 Fixed missing ACRs code and device_code flows (4d3b072)

4.0.0 (2021-11-19)

Bug Fixes

  • 🐛 Fix ACR for implicit and authorization_code flows (39bc00a)

BREAKING CHANGES

  • 🧨 Database needs to be updated: ALTER TABLE saved_user_auth DROP source_class; ALTER TABLE saved_user_auth ADD COLUMN acr VARCHAR(1024);

3.5.0 (2021-11-16)

Features

  • 🎸 AARC_IDP_HINTING implemented (ebd1459)

3.4.1 (2021-11-15)

Bug Fixes

  • 🐛 Added missing PostgreSQL dependency (e12c164)

3.4.0 (2021-11-12)

Features

  • 🎸 Forward client_id in AuthenticationContextClass (6a6d1e3)

3.3.0 (2021-11-11)

Features

  • 🎸 Extended list of internal referrers for sess. invalider (9aa16ff)
  • 🎸 Make SAML identifier attribute configurable (3949857)

3.2.0 (2021-11-09)

Features

  • 🎸 Adderd e-INFRA CZ template (5eb50f6)

3.1.0 (2021-11-08)

Features

  • 🎸 Sign refresh tokens (23a6354)

3.0.1 (2021-11-05)

Bug Fixes

Unreleased:

1.3.3:

  • Authorization codes are now longer
  • Client/RS can parse the "sub" and "user_id" claims in introspection response
  • Database-direct queries for fetching tokens by user (optimization)
  • Device flow supports verification_uri_complete (must be turned on)
  • Long scopes display properly and are still checkable
  • Language system remebers when it can't find a file and stops throwing so many errors
  • Index added for refresh tokens
  • Updated to Spring Security 4.2.11
  • Updated Spring to 4.3.22
  • Change approve pages to use issuer instead of page context
  • Updated oracle database scripts

1.3.2:

  • Added changelog
  • Set default redirect URI resolver strict matching to true
  • Fixed XSS vulnerability on redirect URI display on approval page
  • Removed MITRE from copyright
  • Disallow unsigned JWTs on client authentication
  • Upgraded Nimbus revision
  • Added French translation
  • Added hooks for custom JWT claims
  • Removed "Not Yet Implemented" tag from post-logout redirect URI

1.3.1:

  • Added End Session endpoint
  • Fixed discovery endpoint
  • Downgrade MySQL connector dependency version from developer preview to GA release

1.3.0:

  • Added device flow support
  • Added PKCE support
  • Modularized UI to allow better overlay and extensions
  • Modularized data import/export API
  • Added software statements to dynamic client registration
  • Added assertion processing framework
  • Removed ID tokens from storage
  • Removed structured scopes

1.2.6:

  • Added strict HEART compliance mode