Releases: AbsaOSS/login-service
Releases · AbsaOSS/login-service
Release list
v2.4.1
v2.4.0
v2.3.0
New Features 🎉
- #167 Allow groups slipstream in token/generate (e.g. for MSEntra) in #168
- config now must contain
loginsvc.rest.jwt.{aws-secrets-manager|generate-in-memory}.allow-providers-to-refresh-groups-on-generate = false|true. If enabled, this bring the ability to fill empty groups for users (obtained by MS Entra). - Note that
Entra-provider.order < LDAP-provder.orderis necessary for correct function ⬆️ - The example UI Login form is extended to optionally pass
group-prefixes
- config now must contain
Full Changelog
v2.2.1
New Features 🎉
- #159 Add browser-based login form example using Entra ID and MSAL.js in #160
- Include an example login form to demonstrate Login Service integration with entra
Bugfixes 🛠
- #161 MS Entra plugin times out sometimes in #162
- Entra timeouts are now 10s/10s by default, configurable by
loginsvc.rest.auth.provider.entra.{jwks-connect-timeout-ms, jwks-read-timeout-ms}
- Entra timeouts are now 10s/10s by default, configurable by
Full Changelog
v2.2.0
New Features 🎉
-
#127 MS Entra integraton in #158
- Add MS Entra login mechanism
-
PR: #155 (#154) Set Groups and Case Sensitivity to optional Parameters in clientLibrary
- Removed overloaded methods and introduced AuthMethod trait to indicate authentication method. This removes ambiguity with the default parameters and avoids compilation errors.
Full Changelog
v2.1.0
New Features 🎉
- #151 token/generate case sensitivity for clientLibrary in #153
- Added Case Sensitivity option for client library
- PR: #155 (#154) Set Groups and Case Sensitivity to optional Parameters
- Removed overloaded methods and introduced AuthMethod trait to indicate authentication method. This removes ambiguity with the default parameters and avoids compilation errors. Original API kept, but marked as obsolete.
Bugfixes 🛠
- #156 Bug: POST token/generate returns empty on 401 while Swagger defines JSON in #157
- Bugfix: 401 Responses were missing body with error description despite the API doc stating so.
Full Changelog
v2.0.0
New Features 🎉
- #146 [LS] Introduces
/token/generate?group-prefixescase-sensitivity control in #149- Previously existing
/token/generate?group-prefixes=prefixHereis no longer case-sensitive by default. One may add&case-sensitive=trueto bring back previous behavior.
- Previously existing
Migration notes from v1.6 and older
- Login service v1.6.0 and older's
/token/generate?group-prefixes=prefixesHereequivalent will now be/token/generate?group-prefixes=prefixesHere&case-sensitive=true- if you want to keep using case-sensitive group filtering, you need to add
&case-sensitive=trueto your token-generating request URL - if this change is welcome (i.e. you benefit from case-insensitive filtering - you had to put in multiple cases of the same prefix to match), you need to do nothing (or even simplify the groups prefixes that are the same except for casing)
- if you want to keep using case-sensitive group filtering, you need to add
Full Changelog
v1.6.1
Infrastructure ⚙️
Documentation 📜
Full Changelog
v1.6.0
Login Service v1.5.0
New Features 🎉
- #138 Make Login Service releasable under new Maven central repository in #140
- Updated
sbt.versionto1.11.5for release. - Updated Developers
- Updated
sbt-ci-releaseto1.11.2 - Updated
scala213 = "2.13.13"
- Updated
- #33 Removed futures from controller in #139
- Removed Futures from all return types of the token controller
- Amended Tests and classes required for this
Silent-live 🤫
- #129 Experimental: An attempt to do browser negotiation on a get enpoint in #130
- experimental GET endpoint at
/token/experimental/get-generateadded (must be allowed in config vialoginsvc.rest.experimental.enabled=true)
- experimental GET endpoint at
Documentation 📜
- #35 JWT public signing verification documentation (direct howto on
/token/generateandtoken/public-key) - PR: #136 Remove jacoco forks
- Used new GH Action for Jacoco reports.
- Used Jacoco agent solution instead of sbt-jacoco plugin for measuring code coverage.
- Used new library for method filtration for jacoco reports.
- PR: #137 Used latest release of jmf.
- Update to use latest version of jmf.
Spikes ⚠️
- #74 Possibility to login using email address