Permalink
Browse files

0.3.0 changelog, readme tweaks

  • Loading branch information...
1 parent 3e2169a commit 12c5b6636430edec52c27d3f95c1ed9c6e7a1dd4 @cemerick committed Jan 5, 2017
Showing with 16 additions and 8 deletions.
  1. +10 −0 CHANGES.md
  2. +6 −8 README.md
View
@@ -1,5 +1,15 @@
## [Friend](http://github.com/cemerick/friend) changelog
+### `0.3.0`
+
+* The "classic" OpenId (i.e. OpenId 1.1/2.0) workflow provided by `cemerick.friend.openid` has been
+ removed, along with the dependencies it alone required. See
+ https://github.com/cemerick/friend/issues/45#issuecomment-270696012 for something like a
+ justification for the change. (gh-45)
+* The "channel security" features (`requires-scheme*` set of middlewares) deprecated in `0.2.3`
+ have been removed.
+* Friend can now be used in IPv6 environments. (gh-154)
+
### `0.2.3`
* Deprecated and un-documented friend's "channel security" features. You should
View
@@ -31,9 +31,9 @@ Friend is intended to provide a foundation for addressing
all of the authentication and authorization concerns associated with web
apps:
-* user agent authentication; Friend currently includes support for form,
- HTTP Basic, and OpenId authentication, and makes it easy to:
- * implement and use other workflows
+* user agent authentication; Friend currently includes support for form and
+ HTTP Basic authentication, and makes it easy to:
+ * implement and use other workflows (e.g oauth, OpenId connect)
* integrate app-specific user-credential checks
* role-based authorization
* optionally uses Clojure's ad-hoc hierarchies to model hierarchical
@@ -95,10 +95,6 @@ Available [here](http://github.com/cemerick/friend/blob/master/CHANGES.md).
can/should apply to multiple authorization workflows. Fixes for such
things will break the existing API.
* the `su` mechanism is in-progress
-* the OpenId authentication workflow needs to be broken out into a
- separate project so that those who aren't using it don't suffer its
-transitive dependencies. (The form and HTTP Basic workflows are
-dependency-free, and will likely remain here.)
* …surely there's more. File issues.
## "Installation"
@@ -399,7 +395,9 @@ you like, to suit your application and your security requirements.
### Nginx configuration
-If you are using Nginx to, e.g, terminate SSL, set the appropriate headers so that the Clojure backend can generate the correct `return-to` URLs for the openid and similar workflows:
+If you are using Nginx to, e.g, terminate SSL, set the appropriate headers
+so that the Clojure backend can generate the correct `return-to` URLs for
+the openid and similar workflows:
```nginx

0 comments on commit 12c5b66

Please sign in to comment.