github
/
OpenID-Connect-Java-Spring-Server
mirror of https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
OpenID-Connect-Java-Spring-.../CHANGELOG.md

9.5 KiB
Raw Blame History

8.0.1 (2022-01-12)

Bug Fixes

  • ๐Ÿ› Fix missing sub in ClaimSourceProduceContext (5eace9f)

8.0.0 (2022-01-12)

Features

  • ๐ŸŽธ Refactored userinfo serv., new SAML-based claim sources (2c413d9)

BREAKING CHANGES

  • ๐Ÿงจ requires database update

7.5.2 (2022-01-10)

Bug Fixes

  • ๐Ÿ› Do not display remember me when prompt=consnet (1bf72b8)

7.5.1 (2021-12-23)

Bug Fixes

  • incorrect label on stay logged in button (75a626f)

7.5.0 (2021-12-10)

Features

  • ๐ŸŽธ Configurable favicons (bf227df)

7.4.1 (2021-12-09)

Bug Fixes

  • ๐Ÿ› Fix inserting and reading properties in the stats filter (31710bf)

7.4.0 (2021-12-09)

Features

  • ๐ŸŽธ Configurable name of user col in stats filter (4a5be5d)

7.3.0 (2021-12-09)

Features

  • ๐ŸŽธ Configurable max pool size for JDBC data sources (e5b406e)

7.2.0 (2021-12-08)

Features

  • ๐ŸŽธ Added automated bundling of .war file into release (cd1118f)

7.1.1 (2021-12-08)

Bug Fixes

  • ๐Ÿ› Fix possible SQL exceptions (b3bd9e9)

7.1.0 (2021-12-07)

Bug Fixes

  • DB inserts in statistics work with PostgreSQL (b72eb8f)

Features

  • Added configurable ipdIdColumnName and spIdColumnName in statistics (515f99b)

7.0.0 (2021-12-06)

Code Refactoring

  • ๐Ÿ’ก Refactored GA4GH Passports and visas (a94fd99)

Features

  • ๐ŸŽธ Implemented BBMRI-ERIC Ga4gh Passports and Visas (141e6c8)

BREAKING CHANGES

  • ๐Ÿงจ Ga4gh Claim source class for ELIXIR has been changed. Also, the ElixirAccessTokenModifier class has been moved and renamed.

6.0.0 (2021-12-06)

Code Refactoring

  • ๐Ÿ’ก Drop support for java 8 (4a0b63e)

BREAKING CHANGES

  • ๐Ÿงจ Dropped support for java 8

5.0.1 (2021-12-02)

Bug Fixes

  • ๐Ÿ› Fix fallbacking of locale to the code to prevent errors (ceb01c7)

5.0.0 (2021-11-30)

Code Refactoring

  • ๐Ÿ’ก Refactored how translations are loaded and used (665b45f)

BREAKING CHANGES

  • Property web.langs.customfiles.path must point to the RersourceBundle.

4.0.1 (2021-11-19)

Bug Fixes

  • ๐Ÿ› Fixed missing ACRs code and device_code flows (4d3b072)

4.0.0 (2021-11-19)

Bug Fixes

  • ๐Ÿ› Fix ACR for implicit and authorization_code flows (39bc00a)

BREAKING CHANGES

  • ๐Ÿงจ Database needs to be updated: ALTER TABLE saved_user_auth DROP source_class; ALTER TABLE saved_user_auth ADD COLUMN acr VARCHAR(1024);

3.5.0 (2021-11-16)

Features

  • ๐ŸŽธ AARC_IDP_HINTING implemented (ebd1459)

3.4.1 (2021-11-15)

Bug Fixes

  • ๐Ÿ› Added missing PostgreSQL dependency (e12c164)

3.4.0 (2021-11-12)

Features

  • ๐ŸŽธ Forward client_id in AuthenticationContextClass (6a6d1e3)

3.3.0 (2021-11-11)

Features

  • ๐ŸŽธ Extended list of internal referrers for sess. invalider (9aa16ff)
  • ๐ŸŽธ Make SAML identifier attribute configurable (3949857)

3.2.0 (2021-11-09)

Features

  • ๐ŸŽธ Adderd e-INFRA CZ template (5eb50f6)

3.1.0 (2021-11-08)

Features

  • ๐ŸŽธ Sign refresh tokens (23a6354)

3.0.1 (2021-11-05)

Bug Fixes

  • ๐Ÿ› fix loading JWKS (371adc1)

Unreleased:

1.3.3:

  • Authorization codes are now longer
  • Client/RS can parse the "sub" and "user_id" claims in introspection response
  • Database-direct queries for fetching tokens by user (optimization)
  • Device flow supports verification_uri_complete (must be turned on)
  • Long scopes display properly and are still checkable
  • Language system remebers when it can't find a file and stops throwing so many errors
  • Index added for refresh tokens
  • Updated to Spring Security 4.2.11
  • Updated Spring to 4.3.22
  • Change approve pages to use issuer instead of page context
  • Updated oracle database scripts

1.3.2:

  • Added changelog
  • Set default redirect URI resolver strict matching to true
  • Fixed XSS vulnerability on redirect URI display on approval page
  • Removed MITRE from copyright
  • Disallow unsigned JWTs on client authentication
  • Upgraded Nimbus revision
  • Added French translation
  • Added hooks for custom JWT claims
  • Removed "Not Yet Implemented" tag from post-logout redirect URI

1.3.1:

  • Added End Session endpoint
  • Fixed discovery endpoint
  • Downgrade MySQL connector dependency version from developer preview to GA release

1.3.0:

  • Added device flow support
  • Added PKCE support
  • Modularized UI to allow better overlay and extensions
  • Modularized data import/export API
  • Added software statements to dynamic client registration
  • Added assertion processing framework
  • Removed ID tokens from storage
  • Removed structured scopes

1.2.6:

  • Added strict HEART compliance mode