5.3.0

(#635) fix OAuth2RequestResolver to only check on request that match the oauth2 login flow.
(#625) update dependencies

5.2.0

Use new Spring authorization server
remove the deprecated spring-security-oauth2 libraries
Other changes:

• first user will be admin by default (configurable option, can be turned off)

5.1.0

Changes:
use spring security oauth2 client instead of spring-security-oauth library, this is a breaking change in the way oauth2 providers' clients are configured since spring security has specific properties to register the clients.

replace OAuth2SsoFilter with OAuth2AuthorizationRequestResolver bean:

• use oauth2 DSL in SecureServerConfig
• add custom oauth2 and open id connect user info service
• add oauth2 request resolver

replace legacy spring oauth2 beans
add docker compose to run ego stack locally
replace legacy oauth2 lib exceptions
update tests with new changes

5.0.0

Release 5.0.0

upgrade spring boot to latest 2.5.0
upgrade spring cloud version to latest
fix profiles to match the new spring boot properties schema
fix vault dependency
update to new spring data page-able interface

4.5.0

upgrade spring security oauth2 to 2.5.0
upgrade spring security oauth2 autoconfigure 2.4.4
upgrade postgres in testcontainers to 12.6

Merge pull request #588 from overture-stack/rc/4.4.0

Ego Release Notes

• Release Version: 4.4.0
• Release Date: March 25, 2021

New Features and Changes

• Added ability to generate the OAUTH error for "No Primary Email Found" based on Provider Type, so that future messages can be customized per Provider.

2.2.3

Bug Fix

• build time reduced.

2.2.2

Bug Fixes

• Fixes missing newline in public key response.

2.2.1

Features:

• Spring Actuator enabled providing a health endpoint.

Bug fixes:

• New user creation was fixed. Previously broken due to @NotNull on preferred language.

2.1.0

Changes from 1.x -> 2.1.0

OAuth2.0

• Ego is now an OAuth2.0 client for:
  • Google
  • Linkedin
  • Facebook
  • Github
• New login flow allowing multiple front end logins to be supported
• Properly working Client Credentials flow for Application level tokens
• Previous google and facebook SDK logins preserved for backwards compatibility.

JWT

• Ego JWT Structure has changed
  • User Tokens:
    • role has changed to userType and is no longer a collection.
    • Inclusion of scopes as part of JWT
  • Application Tokens
    • applicationType field added where possible values are ADMIN and CLIENT

Policies

• New entity that provides ACL like functionality.
  • WRITE, READ, DENY are the permissible values for a permission on a policy
  • Permissions on a policy can be assigned to a group or a user
  • Computed scopes (values of permissions) based on inheritance from user permissions and group permissions

API Tokens

• Similar to the ICGC Access Tokens in functionality
• Uses Basic auth of an admin type application to create tokens on behalf of user
• Scopes (values of permissions on policies) are assignable to a token

Bug Fixes and Improvements

• Last login correctly recorded
• Data access and database improvements
• Misc bug fixes
• Selenium testing infrastructure added