v1.13.0

1.13.0 (2024-07-11)

Features

• add HTTPClientFromContext + improved OtelHTTPClientFromContext func (fa1b3e8)
• add context path spec to correctly handle redirect (71aef28)
• add hydra admin url to config + add comment for env var expectation (b36e498)
• add hydra clients to OAuth2Context struct (0072078)
• add Logout function and HTTPClientInterface (98e4ec3)
• add logout handler (5ea5742)
• add logout implementation (3c435d4)
• add NextTo cookie handling to cookie manager and interface (5a5cc30)
• handle optional next parameter for FE use (1f4ca15)

Bug Fixes

• add json parsing error (8713366)
• clear cookie functions (3a1b2e4)
• improve validation error messages (c20ff4a)
• temporary fix to allow time for new solution on the frontend (6ee0ac3)
• UI serving handlers (b4070b1)

v1.12.0

1.12.0 (2024-07-02)

Features

• add /auth/me endpoint handler to return json with principal info (9fa92a3)
• add user session cookies ttl external config (b4da23d)
• cookie + refresh token support for middleware (cab3f84)
• expand cookie manager interface + implementation for tokens cookies + tests (a026e24)
• expand on Principal attributes + improve PrincipalFromContext (4104b3a)
• set tokens cookies in callback and redirect to UI url + adjust tests (f6e8277)

Bug Fixes

• add contextual tuples to openfga (03d313d)
• always add tuples for global read and admins (992f283)
• rename admin user (2f01a27)

v1.11.0

1.11.0 (2024-06-21)

Features

• add encrypt implementation (1a88aad)

Bug Fixes

• typo in variable name (4558fd0)
• ui use react routers base path and add tests for base path calculation (85da4c0)
• ui uses relative base path. in case /ui/ is found in the current page url, all urls and api routes use the found prefix from the path. If /ui/ is not found, fall back to / as the base path. Fixes #317 Fixes IAM-911 Fixes WD-12306 (709399c)
• unauthenticated handlers were called twice (1d7ebb9)

v1.10.0

1.10.0 (2024-06-17)

Features

• add 2 implementations of token verifier + tests (1d1c5f9)
• add AuthCookieManager implementation (ed18cf5)
• add interfaces for oauth2 integration (684abac)
• add OAuth2 and OIDC related env vars to the Spec struct (b900cc4)
• add OAuth2 authentication middleware + tests (e054552)
• add oauth2 context to manage oauth2/oidc operations + tests (62bff44)
• add OAuth2 login handler + tests (88c29e6)
• add OAuth2Helper implementation (00c5bc1)
• adopt new oauth2 integration (912029c)
• dependencies: add coreos/go-oidc v3 dependency (fe20b2f)
• handler: add state check + improve structure/implementation (2c29251)

Bug Fixes

• add security headers to UI handler (ea3c6ba)
• rename Urn to URN (603418d)
• serve the same file for all ui routes (29ee190)
• serve ui assets under relative path (c3f21a9)
• serve UI files (9007b77)
• serve UI from root path (e5ecf42)
• use BASE_URL to add trailing slash (30b7b1b)

v1.9.0

1.9.0 (2024-05-24)

Features

• uniform rules handlers to pageToken pagination (7c70cc6)

v1.8.0

1.8.0 (2024-05-09)

Features

• upgrade rebac-admin to 0.0.1-alpha.3 (96aca77)

v1.7.0

1.7.0 (2024-05-06)

Features

• implement new Create{Group,Role} interface + adjust handlers (0adce3c)
• let Create{Group,Role} return newly created object (e1ba968)

v1.6.1

1.6.1 (2024-05-06)

Bug Fixes

• role: error out when ID is passed for creation (2a46a5e)
• role: use Name field for creation (e63fdaa)

v1.6.0

1.6.0 (2024-04-30)

Features

• add openfga_workers_total int config with default (b12ac05)
• add payload_validation_enabled config key (419b042)
• add SetTokens method + empty tokens don't get set (f165155)
• add 3rd party validator to API structs + setupValidation func + initial noop middleware (1de0006)
• add constructor for validator + use json tags for validation errors (44d7223)
• add externalized Kube config file env var (9a63fe3)
• add full validation implementation for schemas (45993ed)
• add identity provider management, add logo (48f47ec)
• add log tailing to skaffold run (a9725da)
• add login screen (1befe87)
• add pagination to clients, schemas and identity lists in ui. Add identity creation form WD-10253 (5f55463)
• add URL param validation for groups handlers (24c8d99)
• add Urn type (f7d33e2)
• add validation implementation for clients (549d985)
• add validation implementation for groups (700cf04)
• add validation middlewareonly if payload validation is enabled + reorder middleware and endpoints registration (32814e8)
• add validation setup for groups endpoint (06fb9f4)
• add validation setup for identities endpoint (b4178c9)
• add validation setup for schemas endpoint (8c5e173)
• add ValidationRegistry for API validation + instantiate in router (50f0810)
• add worker pool implementation (dbd2f9d)
• adjust identity api to accept page token (beb0d42), closes #256
• adjust pagination for schemas endpoints (e2a2df3), closes #44
• allow create-fga-model cli command to save on a k8s coonfigmap (56463bb)
• authorization middleware based on openFGA (8f2cb3e)
• create groups service (3d8d648)
• create roles service (c796135)
• create token pagination extractor (215b6cb)
• create-group: allow creator user to view group (efcaeec)
• delete-group: delete all relation for group to delete (883b513)
• enable authorization by default (6f61651)
• enhance identity provider form to cover all providers and relevant fields, hide advanced fields by default (ef62667)
• enhance ValidationRegistry with PayloadValidator and adjust in handlers + enhance Middleware + add func for ApiKey retrieval from endpoint (313617a)
• enhanced ValidationError with specific field errors and common errors (a21462c)
• handlers for groups API (63d5dc4)
• handlers for roles API (114b284)
• hook up worker pool for groups and roles API (ce83bd6)
• idp: add validation implementation (71ff661)
• implement converters for each type of API (09852b0)
• include roles and groups from ReBAC Admin (5d03914)
• introduce BatchCheck, WriteTuples, DeleteTuples and ReadTuples in openfga client (39eb195)
• introduce groups API converter to deal with authorization in the middleware (5f8875a)
• invoke setup validation on registered APIs (de16a0b)
• parse and expose link header from hydra (7c2d3f6)
• passing openfga store and model id to admin service (51f4fab)
• roles: add validation implementation (6bf72e5)
• rules: add validation implementation (c42bd45)
• separate authorization client from OpenFGA client (2cc4dab)
• upgrade openfga model (c49abd5)
• use interface instead of client pointer (3e1ac0f)
• use side panels for client and idp creation (ef798c4)
• wire up groups API (352bc45)
• wire up roles API in web application (16ba352)

Bug Fixes

• adapt serve command to changes on k8s client (e6701e2)
• add back URL Param validation from previous commit (ebe07a5)
• add command for creating an admin user (50449a9)
• add command for removing an admin user (2db3a08)
• add extra check on list schemas test for navigation ([2afec86](2afec86c79e20912490e...

v1.5.0

1.5.0 (2024-01-26)

Features

• use cobra-cli (8f061d3)

Bug Fixes

• add config for openfga integration (bc751e2)
• add logic for create-fga-model (7fc9a6c)
• add noop tracer (f97484c)
• add openfga module (d7d3418)
• implement version command (fe5fc83)
• introduce authorization module (28df12b)
• introduce noop logging and monitoring (09b529d)