Skip to content

v0.20.0

Choose a tag to compare

View all tags
@c2FmZQ-bot c2FmZQ-bot released this 04 Sep 18:34
· 58 commits to main since this release
v0.20.0
This tag was signed with the committer’s verified signature.
rthellend Robin Thellend
GPG key ID: 66B67667FD414F55
Verified
Learn about vigilant mode.
e1e85e6
This commit was signed with the committer’s verified signature.
rthellend Robin Thellend
GPG key ID: 66B67667FD414F55
Verified
Learn about vigilant mode.

v0.20.0

🌟 New features

  • Groups for access control. See examples/sso
  • Device authorization flow (RFC 8628) to access backend services from non-browser environments, e.g. shell scripts.
    • Parts of this change also add scopes to all the endpoints so that the permissions of tokens issued with oauth2
      can be limited. By default, all the proxied http(s) endpoints that require SSO also require the sso scope.
      Built-in endpoints have their own required scopes as well, e.g. ssh, pki, etc.
  • New maximumCertificateLifetime attribute for sshCertificateAuthorities.

🔧 Misc

  • Fix parsing of SSH Cert request. Sometimes, the requested TTL wasn't parsed correctly.
  • Update go dependencies:
    • upgraded github.com/beevik/etree v1.5.1 => v1.6.0
    • upgraded go.uber.org/mock v0.5.2 => v0.6.0

Compare with v0.19.0

Assets 35
Loading