NO CHANGES
BUG FIXES:
- Invalidate JWT with single non-empty string aud on empty bound audiences #295
IMPROVEMENTS:
- Updated dependencies:
gopkg.in/square/go-jose.v2v2.6.0 ->gopkg.in/go-jose/go-jose.v2v2.6.3github.com/docker/dockerv24.0.7+incompatible -> v24.0.9+incompatiblegolang.org/x/netv0.22.0 -> v0.24.0golang.org/x/sysv0.18.0 -> v0.19.0
BUG FIXES:
- Prevent error writing plugin config when run as a Vault built-in plugin for Vault version 1.16.1 #290
IMPROVEMENTS:
- Make redirect uri validation case-insensitive #282
IMPROVEMENTS:
- auth/jwt: adds the ability to specify more than one JWKS URL used to verify tokens #277
- Updated dependencies:
github.com/hashicorp/vault/apiv1.10.0 -> v1.12.0github.com/hashicorp/vault/sdkv0.10.2 -> v0.11.0golang.org/x/oauth2v0.15.0 -> v0.17.0golang.org/x/syncv0.5.0 -> v0.6.0google.golang.org/apiv0.154.0 -> v0.163.0
IMPROVEMENTS:
- Add support for numeric claims in
bound_claims#265
IMPROVEMENTS:
- Include role name in Entity Alias metadata #160
- Updated dependencies:
github.com/hashicorp/capv0.3.4 -> v0.4.0github.com/hashicorp/go-sockaddrv1.0.2 -> v1.0.5github.com/hashicorp/vault/apiv1.9.2 -> v1.10.0github.com/hashicorp/vault/sdkv0.9.2 -> v0.10.0golang.org/x/oauth2v0.11.0 -> v0.12.0google.golang.org/apiv0.138.0 -> v0.143.0
FIXES:
- Add missing error check for parsing CLI flags #245
FIXES:
- Ensure SIGTSTP is only used in unix builds [GH-255]
IMPROVEMENTS:
- Close HTTP listener if stop or kill signal is received [GH-251]
IMPROVEMENTS:
- Support ADC for Google Workspace [GH-240]
- Updated dependencies:
github.com/hashicorp/capv0.3.1 -> v0.3.4github.com/hashicorp/vault/sdkv0.9.1 -> v0.9.2golang.org/x/oauth2 v0.9.0-> v0.10.0google.golang.org/api v0.129.0-> v0.134.0
IMPROVEMENTS:
- Updated dependencies:
github.com/hashicorp/capv0.2.1-0.20230221194157-7894fed1633d -> v0.3.0github.com/hashicorp/vault/apiv1.9.0 -> v1.9.1github.com/hashicorp/vault/sdkv0.8.1 -> v0.9.0github.com/stretchr/testifyv1.8.2 -> v1.8.3golang.org/x/oauth2v0.6.0 -> v0.8.0golang.org/x/syncv0.1.0 -> v0.2.0google.golang.org/apiv0.114.0 -> v0.124.0
IMPROVEMENTS:
- Make error response less verbose [GH-233]
IMPROVEMENTS:
- enable plugin multiplexing GH-225
- update dependencies
github.com/hashicorp/vault/apiv1.9.0github.com/hashicorp/vault/sdkv0.8.1github.com/go-test/deepv1.0.8 -> v1.1.0github.com/hashicorp/capv0.2.1-0.20220727210936-60cd1534e220 -> v0.2.1-0.20230221194157-7894fed1633dgithub.com/hashicorp/go-hclogv1.0.0 -> v1.5.0github.com/mitchellh/pointerstructurev1.2.0 -> v1.2.1github.com/stretchr/testifyv1.7.0 -> v1.8.2golang.org/x/oauth2v0.0.0-20220524215830-622c5d57e401 -> v0.6.0golang.org/x/syncv0.0.0-20220722155255-886fb9371eb4 -> v0.1.0google.golang.org/apiv0.83.0 -> v0.114.0
IMPROVEMENTS:
- Adds
abort_on_errorparameter to CLI login command to help in non-interactive contexts [GH-214] - Adds ability to set Google Workspace domain for groups search [GH-220]
- Updates dependency
google.golang.org/api@v0.83.0[GH-205] - Add Custom Provider for SecureAuth IdP [GH-196]
- Improves detection of Windows Subsystem for Linux (WSL) in CLI [GH-209]
- Adds support for Microsoft US Gov L4 to the Azure provider for groups fetching [GH-211]
- Adds ability to use JSON pointer syntax for the
user_claimvalue [GH-204]
- Uses Proof Key for Code Exchange (PKCE) in OIDC flow [GH-188]
- Fixes OIDC auth from the Vault UI when using the implicit flow and
form_postresponse mode [GH-192]
- Uses Proof Key for Code Exchange (PKCE) in OIDC flow [GH-191]
- Add a skip_browser argument to make auto-launching of the default browser optional [GH-182]
- Fixes OIDC auth from the Vault UI when using the implicit flow and
form_postresponse mode [GH-192]
- Fixes OIDC auth from the Vault UI when using the implicit flow and
form_postresponse mode [GH-192]
BUG FIXES:
- Fixes
bound_claimsvalidation for provider-specific group and user info fetching [GH-149]