CHANGELOG

Unreleased

v0.62.0 (2024-05-08)

Update golangci-lint config
Bump go-jose to latest backwards compatible release
Bump golang.org/x/net from 0.17.0 to 0.24.0
enhancement: enhance Security by Allowing Same-Site Cookie Value Modification
Bump ip from 2.0.0 to 2.0.1 in /identifier

v0.61.2 (2024-02-19)

Limit oidc check session iframe postMessage hook scope
Bump vite from 4.5.0 to 4.5.2 in /identifier
Bump follow-redirects from 1.14.8 to 1.15.4 in /identifier
Bump golang.org/x/crypto from 0.14.0 to 0.17.0

v0.61.1 (2023-11-22)

Fix branding settings cache usage

v0.61.0 (2023-11-15)

Bump github.com/rs/cors from 1.9.0 to 1.10.1
Bump github.com/sirupsen/logrus from 1.9.1 to 1.9.3
Bump Node in CI to 18
Improve visuals of login form fields
Migrate from react-scripts to vite
Update 3rd-party Javascript dependencies
Bump github.com/go-ldap/ldap/v3 from 3.4.4 to 3.4.6
Bump golang.org/x/net from 0.10.0 to 0.17.0
Bump github.com/crewjam/saml from 0.4.13 to 0.4.14
Increase golangci-lint timeout to 2 minutes
Escape LDAP filter values when constructing filters
Bump github.com/sirupsen/logrus from 1.9.0 to 1.9.1
LDAP Attributetypes are case-insensitive
Bump github.com/beevik/etree from 1.1.0 to 1.2.0
Bump golang.org/x/crypto from 0.0.0-20220622213112-05595931fe9d to 0.9.0

v0.60.0 (2023-05-11)

Bump golang.org/x/oauth2 from 0.5.0 to 0.8.0
Bump identifier third party dependencies
Support Node 17 or higher for development
Bump caniuse-lite to latest version
Bump github.com/spf13/cobra from 1.5.0 to 1.7.0
Bump golang.org/x/time from 0.0.0-20220224211638-0e9765cccd65 to 0.3.0
Bump golang.org/x/net from 0.8.0 to 0.10.0
Bump github.com/gabriel-vasile/mimetype from 1.4.1 to 1.4.2
Bump github.com/go-ldap/ldap/v3 from 3.4.2 to 3.4.4
Bump github.com/russellhaering/goxmldsig from 1.2.0 to 1.4.0
Bump github.com/rs/cors from 1.8.2 to 1.9.0
Bump github.com/prometheus/client_golang from 1.13.0 to 1.15.1
Bump github.com/golang-jwt/jwt/v4 from 4.4.3 to 4.5.0
Bump github.com/gofrs/uuid from 4.2.0+incompatible to 4.4.0+incompatible
Bump github.com/crewjam/saml from 0.4.10 to 0.4.13
Bump golang.org/x/net from 0.0.0-20220624214902-1bab6f366d9e to 0.8.0
Bump golang.org/x/text from 0.3.7 to 0.3.8

v0.59.4 (2022-12-02)

Pull survey client dependency from Github

v0.59.3 (2022-12-01)

Bump loader-utils from 2.0.0 to 2.0.4 in /identifier
Bump github.com/golang-jwt/jwt/v4 from 4.3.0 to 4.4.3
Bump github.com/sirupsen/logrus from 1.8.1 to 1.9.0
Bump github.com/crewjam/saml from 0.4.6 to 0.4.10
Update oidc and rndm external dependencies
Bump github.com/gabriel-vasile/mimetype from 1.4.0 to 1.4.1
Bump @xmldom/xmldom from 0.8.2 to 0.8.5 in /identifier

v0.59.2 (2022-10-19)

Fix a bunch of eslint warnings
Bump identifier third party dependencies
Bump caniuse-lite to latest version

v0.59.1 (2022-10-13)

Update rndm to 1.1.2

v0.59.0 (2022-09-27)

Switch CI pipeline to Go 1.18
Increase state cookie duration to 10 minutes
Properly handle prompt select_account and consent for external oidc
Update transient go dependencies
Use error wrapping in oauth2 callback propertly
Add short instructions for libregraph backend
Remove obsolete dummy backend
Remove obsolete cookie backend
Remove kc backend
Bump github.com/prometheus/client_golang from 1.12.1 to 1.13.0
Bump github.com/spf13/cobra from 1.4.0 to 1.5.0

v0.58.0 (2022-09-26)

Implement code flow for external OIDC authorities
Don't enforce prompt=None for external OIDC auth
Fix development server listner and proxy address
Ensure to commit Yarn 2 config
Add missing build dependencies
Allow build to succeed in CI even with eslint warnings
Fetch identifier vendor dependencies in vendor CI step
Make Go linter errors non-fatal
Add build CI
Add dependabot config
Upgrade to Yarn 2
Use Yarn 2

v0.57.0 (2022-08-23)

Allow backends to set top level ID token claims
Support loading validators from PEM encoded certificates
Fix parsing of JWKS in authorities registration YAML

v0.56.1 (2022-07-19)

Fix HTTP2 support for libregraph backend connections

v0.56.0 (2022-07-07)

Update oidc-go to v0.3.4
Retain issuer subpath when computing well-known configuration URI
Bump all internal Python scripts to run with Python 3
Add support for implicit scopes for server registered clients

v0.55.0 (2022-04-13)

Update to current browserlist database
Bump to require Go 1.18

v0.54.1 (2022-03-31)

Update dependencies and move to different uuid package
Interpolate identifier error message translations correctly

v0.54.0 (2022-03-15)

Bump follow-redirects from 1.14.4 to 1.14.8 in /identifier
Bump github.com/crewjam/saml to v0.4.6
Server Servername on TLS config
Allow to set a CA certificate for LDAPS connections
Use LibreGraph branded names when generating 3rd-party license overview
Update JavaScript license ranger to latest version
Add identifier i18n via ietf code to support Chinese better
Add cookie support for identifier locale selection
Allow i18n Makefile to operate on individual po files
Update German translation
Add support to limit the available identifier web app locales
Improve i18n of identifier web app
Bring back translations for German, French and Dutch
Update README to reflect LibreGraph
Update third party dependencies
Bring back i18n for identifier web app
Use fixed translation ids for error messages
Avoid adding state twice to endsession callback URL query
Enable dependabot for Go modules

v0.53.1 (2021-12-20)

Injecty identifier identity into context in token requests
Fix panic when client request has no client_id
Do not show sign-in screen when prompt=none when no user

v0.53.0 (2021-12-01)

Add support for sessions when using the libregraph identifier backend
Blacklist other selective scopes for multiple libregraph backend support
Add scope based backend selection for libregraph identity backend
Remove auth pass through from request headers

v0.52.0 (2021-11-12)

Support accountEnabled property in libregraph identifier backend
Add support for identifier backends to expand the requested scopes
Add support to extend authorized scopes from backend
Update 3rd-party direct and transitive dependencies
Ensure user data is refreshed on token creation
Use lico specific unique salt for sub values
Simplify and unify built-in scopes and access/refresh token claims
Add support for top level at claims via in libregraph identifier backend
Retain received branding even on hello updates, until hello reset

v0.51.1 (2021-10-15)

Ensure that app-icon.svg gets built with Makefile

v0.51.0 (2021-10-15)

Add support for open extensions in libregraph identifier backend
Migrate dgrijalva/jwt-go to golang-jwt/jwt-go

v0.50.0 (2021-10-14)

Switch HTTP client default User-Agent to LibreGraph Connect
Inject additional HTTP request headers into libregraph backend requests
Implement generic libregraph backend
Also make the identifier backends plugable
Make bootstrap of backend plugabble
Add support for visual branding of identifier
Replace Kopano logo with general app icon
Refactor translations, English only for now
Improve style of back buttons after style changes
Remove more Kopano CI, replace with generic UI and styles
Migrate more stuff away from konnect naming to lico naming
Modernize 3rd-party dependencies and remove kpop
Update 3rd-party identifier webapp dependencies
Use actually working caddy configuration in example
Update 3rd-party Go dependencies to their latest
Build with Go 1.17
Remove obsolete Jenkinsfile
Apply LibreGraph naming treewide

v0.34.0 (2021-05-06)

Correct Docker based build example
Fix broken client registration unit test initialization
Allow 127.0.0.1 and [::1] redirect_uris for native clients
Allow redirect_uris without path for native clients
Allow configuration of expiration of dynamic client_secret values
Update dependencies in Dockerfile.release

v0.33.11 (2020-12-14)

Validate XML before SAML processing

v0.33.10 (2020-11-02)

Fix processing for prompt select_account with consent
Improve checks for Basic auth data in token requests

v0.33.9 (2020-10-27)

Build with Go 1.14.10
enhance description
Add uri_base_path to binscript and config file
Catch potential errors when parsing own styles

v0.33.8 (2020-10-02)

Generate random endsession state for external authority
Update dependencies in Dockerfile

v0.33.7 (2020-09-29)

Set prompt=None to avoid loops with external authority

v0.33.6 (2020-09-10)

v0.33.6
Update Jenkins reporting plugin from checkstyle to recordIssues
Remove extra kty key from JWKS top level document

v0.33.5 (2020-06-25)

Fix regression which encodes URL fragments twice
Update Docker dependencies

v0.33.4 (2020-06-23)

Avoid generating fragmet/query URLs with wrong order
Return state for oidc endsession response redirects
Build with Go 1.14.4

v0.33.3 (2020-06-02)

Use server provided username to avoid case mismatch

v0.33.2 (2020-06-02)

Use signed-out-uri if set as fallback for goodbye redirect on saml slo
Add checks to ensure post_logout_redirect_uri is not empty

v0.33.1 (2020-05-26)

Fix SAML2 logout request parsing
Cure panic when no state is found in saml esr
Use SAML IdP Issuer value from meta data entityID

v0.33.0 (2020-04-16)

Allow configuration of expiration of oidc access, id and refresh tokens
Implement trampolin for external OIDC authority end session
Update to latest Alpine release
Update ca-certificates version

v0.32.0 (2020-04-15)

Implement delegation of end session to external authority
Improve names of temporary state and consent cookies
Use correct path when removing state cookies
Store identified user external authority ID in session data
Implement redirect binding slo response

v0.31.0 (2020-04-09)

Relax linter to let more warning pass
Implement validation for IdP initiated SLO requests
Add support for expiration and session id for external authorities
Fix wrong error message when there was no error
Add additional TODO markers for SAML external authority
Improve logging when using external SAML authority
Retry SAML initialize on error
Improve OIDC endsession endpoint handler when without token hint
Implement support for SAML IdP slo
Fail early when SAML2 authority fails to resolve user from backend
Apply user mapping when resolving users from LDAP backend
Update 3rd party dependencies
Update license ranger and generate 3rd party licenses from vendor folder

v0.30.0 (2020-03-09)

Add SAML2 external authority example config
Update linter in CI to latest version so it works with Go 1.14
Implement SAML2 external authority support
Prepare external authority support for different authority types
Update and deduplicate external dependencies
Ensure identifier client index.html is actually loaded
Build with Go 1.14
Merge branch 'IljaN-make-identifier-webapp-optional'
Add disable-identifier-webapp option
Migrate konnect identifier to newly introduced theme.spacing api

v0.29.0 (2020-02-13)

Detect browser state change issues
Add fulllint helper to lint from the start
Update 3rd party Go dependencies
Update javascript 3rd party dependencies
Reorganize component folder structure
Remove webkit autofill hack
Update license parser to support esm sub modules
Reorganize identifier webapp
Update c-r-a, kpop and dependencies
Clean up linter warnings
Merge branch 'embedding' of https://github.com/IljaN/konnect
Merge branch 'bugfix/dynamic-port-redirect-native-clients' of https://github.com/DeepDiver1975/konnect
Make konnect usable as library
Only lint changes, to increase visibility of newly introduced issues
Allow dynamic ports in redirect uri for native clients
Add build arg for explict version selection for Docker build
Update third party dependencies
Fix unhandled error
Log initialiation error when external auth fails to initialize
Fix spelling mistakes

v0.28.1 (2019-12-16)

Update oidc-go to fix pkce Base64URL padding

v0.28.0 (2019-12-02)

Update third party modules
Update kcc-go to v5

v0.27.0 (2019-11-25)

Relax linting requirement
Update dependencies to their latest minor releases
Update 3rd party dependencies
Use Go modules instead of Go dep
Set SameSite=None for all cookies
Build with Go 1.13.4

v0.26.0 (2019-11-11)

Strip issuer subpath for OIDC url endpoints
Force prompt=none for sencodary authorize after external authority auth
Avoid error when identifier backend resolve cannot find a user
Update curl to fix building of container image
Build with Go 1.13.3

v0.25.3 (2019-10-23)

Fix cookie backend claims context
Ensure BASE in fmt and check targets
Add a list of technologies used

v0.25.2 (2019-09-30)

Build with Go 1.13.1

v0.25.1 (2019-09-11)

Update Docker entrypoint for metrics listener
Expose metrics port for Docker containers

v0.25.0 (2019-09-11)

Build with Go 1.13 and update minimal Go version to 1.13
Add usage survey block to README
Add automatic survey reporting
Add basic metrics

v0.24.2 (2019-09-05)

Merge pull request #112 in KC/konnect from ~GITCOMMIT/konnect:master to master

v0.24.1 (2019-09-04)

Enable Icelandic translation, and avoid loading untranslated catalogs
Update kpop to 0.24.5
Translated using Weblate (Icelandic)
Add args to changelog target
Update kpop to 0.20.4
Update list of enabled languages
Add Hindi
rename language
Translated using Weblate (Dutch)
Translated using Weblate (Russian)
Translated using Weblate (Norwegian Bokmål)
Translated using Weblate (French)
Translated using Weblate (Portuguese (Portugal))
Translated using Weblate (Portuguese (Portugal))
Translated using Weblate (Norwegian Bokmål)
Translated using Weblate (Russian)
Cleanup Dockerfile
Fixup headlines

v0.24.0 (2019-07-10)

Update dep to v0.5.4
Update kcc-go and dependencies

v0.23.6 (2019-07-09)

Add healthcheck success output
Update Dockerfiles for best practices
Avoid trying to load a key with empty filename
Add healthcheck sub command
Bump diff from 3.4.0 to 3.5.0 in /identifier
Handle redirect_uri parse error in client registration

v0.23.5 (2019-06-12)

Update kcc-go to 4.0.0 (and dependencies)
Use Apache-2.0 license
Deduplicate yarn.lock
Bump handlebars from 4.0.11 to 4.1.2 in /identifier
Bump clean-css from 4.1.9 to 4.1.11 in /identifier
Bump axios from 0.16.2 to 0.18.1 in /identifier
Bump sshpk from 1.13.1 to 1.16.1 in /identifier

v0.23.4 (2019-05-21)

Avoid breaking on startup when starting with empty scopes definitions

v0.23.3 (2019-05-10)

Fix a problem where welcome page would not display

v0.23.2 (2019-05-10)

Avoid remove of empty keyframes for autoFill detection
Properly detect Chrome auto fill in login form fields

v0.23.1 (2019-05-09)

Use correct dep download URL
Ensure JSON translations are not empty on fresh build
Build with Go 1.12 and use latest dep tool

v0.23.0 (2019-05-09)

Update js license ranger to include notices
Optimize use of visual white space
Update kpop and migrage typography to new variants
Enable nl and ru languages in production build
Translated using Weblate (Dutch)
Rebuild translation catalogs
Add stats target for i18n
Rebuild translations and translate to German
Make it possible to translate built in scope descriptions
Always allow merge to run
Add language selector
Only leave actually translated languages enabled in production builds
Merge translation files and fix German typos
Update kpop
Correctly register pt-PT
Update kpop and react-scripts
Slightly imporve Material-UI styles
Update react-router to 5.0.0
Update Material-UI dependency to latest
Update React to 18.8.6
Do not start browser when in dev mode
Replace PATH_PREFIX with sane value in dev mode
Change license to Apache License 2.0

v0.22.0 (2019-04-26)

Add origins key to web client examples
Add hint that Konnect has learned to load JSON Web Keys
Update external Kopano dependencies
Include NOTICE files in 3rdparty-LICENSES.md
Log default OIDC provider signing details
Implement support for EdDSA keys
Fix typos
Add TLS client auth support for kc backend
Setup kcc default HTTP client
Unify HTTP client settings and setup
Add support to set URI base path
Translated using Weblate (Portuguese (Portugal))
Translated using Weblate (Norwegian Bokmål)
Translated using Weblate (Russian)
Update Go dependencies
Add threadsafe authority discovery support
Only log unhandled inner identity manager errors
Only compare hostname (not the port) for native clients
Only enable default external authority
Fixup yaml config
Set RSA-PSS salt length for all RSA-PSS JWT algs always
Add OAuth2 RP support to identifier
Add examples for remove debugging and IDE
Ignore debug build results
Ignore .vscode for people using it
Integrate Delve debugger support via make dlv
Use Go report card batch
Add Go report card
Add godoc entry point with import annotation
Improve docs, mark cookie backend as testing only
Add reference for OpenID Connect dynamic client registration spec

v0.21.0 (2019-03-24)

Add dynamic client registration configuration support
Validate client secrets of dynamically registered clients
Add commandline parameter to allow dynamic client registration
Use prefix to identitfy dynamic clients ids
Properly pass on claims scopes on auth redirect
Implement OpenID Connect Dynamic Client Registration 1.0
Add cross references to implemented standards

v0.20.0 (2019-03-15)

Add support for preferred_username claim
Implement PKCE code challenges as defined in RFC 7636
Add support for konnect/id scope with LDAP backends
Make LDAP subject source configurable
Improve DN to sub conversion to clarify code
Fix up --use parameter in jwk-from-pem util
update Alpine base

v0.19.1 (2019-02-06)

Show details and print OK for make check
Add client guest flag to configuration and bin script

v0.19.0 (2019-02-06)

Include registration and scopes yaml examples in dist tarball
Make OIDC authorize session available early
Add utils sub command for pem2jwk conversion
Correct some spelling errors in configuration comments
Support trust for trusted clients using guest identity
Support trusted client scopes in secure oidc request

v0.18.0 (2019-01-22)

Bring back mandatory identity claims for ldap identifier backend
Allow startup without guest manager
Allow empty user claims in identifier
Cleanup identifier logon claims and comments
Bump base copyright years to 2019
Build with Node 10
Migrate from Glide to Dep
Use blake2b implementation from golang.org/x/crypto

v0.17.0 (2019-01-22)

Konnect now requires Go 1.10
Add sanity checks for user entry IDs
Support internal claims for identifier backends
Add multi server support for kc backend
Add support to return request provided claims in ID token and userinfo
Add possibility to pass thru claims from request to tokens
Add request claims as authorized claims for all managers
Add jti claim to access and refresh tokens
Add OIDC endsession support for guest users via session
Support guest users via signed claims authorize request
Add OIDC invalid_request_object error and use accordingly
Add support for the auth_time OIDC claim request
Add validation for the sub requested claim
OIDC authorize claims parameter support (1/2)
OIDC authorize claims parameter support (1/2)
Add support for client jwks in client registartion
Implement support for request objects with OIDC authorize
Always offer all supported ID token signing alg values

v0.16.1 (2018-11-30)

Fix startup problem without scopes conf

v0.16.0 (2018-11-30)

Extend identifier API docs by added fields of hello response
Report and allow scopes which are configured in scopes conf
Add new scopes configuration file to config and bin script
Add scopes.yaml configuration file
Move scope meta data to backend
Consolidate publicate scope definition
Log correct error after SSOLogon response

v0.15.0 (2018-10-31)

docs: Add OpenAPI 3 specification for the Konnect Identifier REST API
Translated using Weblate (German)
build: Fetch and include identifier 3rd party licenses in dist
Use Go 1.11 in Jenkins
identifier: Full German translation
Add a bunch of languages for translation
Fixup gofmt
identifier: Add i18n support for dynamic error messages
identifier: Add i18n for identifier web app
identifier: Add gear for i18n
identifier: Make identifier screens responsive
Remove docs not relevant for konnect

v0.14.4 (2018-10-16)

Use archiveArtifacts instead of deprecated archive step
Use golint from new location
identifier: Allow unset of logon cookie without user
ldap: Compare LDAP attributes case insensitive

v0.14.3 (2018-09-28)

Update build checks
Update yarn.lock

v0.14.2 (2018-09-28)

scripts: Reverse signing_kid check
scripts: Ensure correct owner when creating paths

v0.14.1 (2018-09-26)

Remove obsolete use of external environment files
Fix possible race in session cleanup

v0.14.0 (2018-09-21)

Refuse to start with low exponent RSA keys in RS signing mode
Use RSA-PSS (PS256) as JWT alg by default

v0.13.1 (2018-09-19)

oidc: Use correct Salt length with RSA-PSS signatures

v0.13.0 (2018-09-17)

oidc, identifier: Use kcoidc auth to kc for kc sessions

v0.12.0 (2018-09-12)

oidc: Allow change of signing method
oidc: Allow additional validations keys
Integrate kc session support to docs and scripts
identifier: Add configuration for kc session timeout
identifier, oidc: Add support for backend identity provider sessions
Update svg syntax
identifier: Set random NONCE in CSP and HTML
Add missing session API endpoint to Caddyfile examples

v0.11.2 (2018-09-07)

smaller typo corrections

v0.11.1 (2018-09-07)

Fix end session endpoint subject verify
Remove forgotten debug

v0.11.0 (2018-09-06)

oidc: Make subject URL safe by default
identifier: Update react-scripts to 1.1.5
oidc: Implement sid ID Token claim
oidc: Implement browser state and session state
Increase no-file limit to infinite

v0.10.2 (2018-08-29)

identifier: Use new favicon built from svg
identifier: Update to kpop 0.9.2 and dependencies
provider: Ensure to verify authentication request

v0.10.1 (2018-08-21)

Add setup subcommand to binscript

v0.10.0 (2018-08-17)

Include scripts in dist tarball
Run Jenkins with Go 1.10
Add log-level to config and avoid double timestamp for systemd
Add commandline args for log output control
Add systemd unit with runner script and config
Move rkt exaples to README

v0.9.0 (2018-08-01)

identifier: Add some TODO comments
oidc: Add support for additional claims in ID Token
oidc: Return scope value with authorize response
oidc: Add support for additional userinfo claims

v0.8.0 (2018-07-27)

oidc: Add support for url-safe sub via scope

v0.7.0 (2018-07-17)

Remove redux debug logging from production builds
Use PureComponent in base app
Update to kpop 0.5 and Material-UI 1
identifier: Add text labels for new scopes
Implement scope limitation
Remove debug
Cleanup scope structs
oidc: Add all claims to context

v0.6.0 (2018-05-28)

Add checks and consent to end session support
Allow configuration of client secrets
Implement endsession endpoint
identifier: Fix undefined link in consent screen
identifier: Update style to kpop and kopanoBlue
identifier: Remove tap plugin
identifier: Use kpop components
identifier: Add autoComplete attribute to login
identifier: Add build version information and favicon
identifier: Bump React and Material-UI versions

v0.5.5 (2018-04-11)

Add identifier-registration parameter to services

v0.5.4 (2018-04-09)

provider: Support redirect_uri values with query

v0.5.3 (2018-04-05)

identifier: Use correct no_uid_auth flag for logon to kc

v0.5.2 (2018-04-04)

docker: Allow Docker to switch user at runtime
docker: Make it possible to load secrets from custom location
identifier: Use no_uid_auth flag for logon to kc
Remove forgotten debug logging

v0.5.1 (2018-03-23)

Docker: Support additional ARGS via environment
Add hints for unix user required for kc backend
Fix Docker examples so they actually work

v0.5.0 (2018-03-16)

server: Disable HTTP request log by default
Add instructions for client registry conf
identifier: Add Client registry and validation
fix link to openid spec
Use port 3001 for development
Update build parameters for Go 1.10 compatibility
Update README to include Docker and dependencies
Update to Go 1.9 and Glide 0.13.1
Add 3rd party license information
Never fail on junit in post state
Do not run lint on normal build
Fixed a typo (Konano > Kopano)

v0.4.1 (2018-02-09)

provider: Allow the OAuth2 token flow
identifier: Fix select_account mode
Update release download link
Fill default parameters for cookie backend

v0.4.0 (2018-01-30)

Add Dockerfile.release
Add Dockerfile
identifier: Use properties to retrieve userdata
fix typo on readme
identifier: Implement family_name and given_name
identifier: Add UUID decode support to ldap uuid
identifier: LDAP descriptors are case insensitive
identifier: Implement uuid attribute support
identifier: Clean data from store on logoff
identifier: add overlay support with message
identifier: use augmenting teamwork background only
identifier: Update background to augmenting teamwork
identifier: Properlu handle LDAP search not found
identifier: Properly handle LDAP bootstrap errors

v0.3.0 (2018-01-12)

Refactor bootstrap/launch code
Add support for auth_time claim in ID Token
Update example scripts to use the new parameters
Remove --insecure parameter from examples
Remove double claim validation
identifier: Remove re-logon without password
Add support to load PKCS#8 keys
Load all keys from file
Add support for trusted proxies
identifier: Store logon time and validate max age
identifier: Add LDAP rate limiter
identifier: Implement LDAP backend
Add comments about authorized scopes
Make older golint happy
Update README
Fix whitespace in Caddyfiles
Identifier: use SYSTEM as KC username default
Update Caddyfile to be a real example
Use unpadded Base64URL encoding for left-most hash
Update docs to reflect plugin
Add API overview graph
Disable service worker
Integrate redux into service worker

v0.2.2 (2017-11-29)

Fix URLs extrated from CSS

v0.2.1 (2017-11-29)

Remove v prefix from version number

v0.2.0 (2017-11-29)

Bump up Loading a litte so it fits on low height screens better
Use inline blurred svg thumbnail background
Use webpack with code splitting
Fix support for service worker fetching index.html
Report additional supported scopes
Allow CORS for discovery docs
Build identifier webapp by default
Include idenfier webapp in dist
Fixup systemd service
Add Makefile for identifier client
Update rkt builder and services for kc backend
Add implicit trust for clients on the iss URI
Fixup identifier HTML page server routes
Add secure default CSP to HTML handler
Fixup: loading is now a string, no longer bool
Handle offline_access scope filtering
Add support to show multiple scopes
Use redirect as component
Allow identifier users to be included in tokens
Split up stuff into multiple files
Use unique component class names
Allow identifier users to be included in tokens
Add some hardcoded clients for testing
Reset errors and loading from choose to login
Set prompt=none when identifier is done
Fix prompt=login login
Implement proper loading state for consent ui
Implement consent cancel
Properly retrieve and pass through displayName
Only show account selector when prompt requests it
WIP: implement consent via direct identifier flows

v0.1.0 (2017-11-27)

Only allow continue= values which begin with location.origin
Update README for backends
Ignore no-cookie error
Add support for Firefox
Implement welcome screen and logoff ui
Set Referer-Policy header
Split up the monster
Move hardcoded defaults to config
Add logoff API endpoint
Add cookie checks for logon and hello
Fix linter errors and unit tests
Move general code to utils
Implement identifier and kc backend
Move config to seperate package
Ignore /examples folder
Merge pull request #6 in KC/konnect from ~SEISENMANN/konnect:longsleep-jenkinsfile to master
Add Jenkinsfile
Add aci builder and systemd service

v0.0.1 (2017-10-02)

Add docs abourt key and secret parameter
Fix README to use correct bin location
Merge pull request #5 in KC/konnect from ~SEISENMANN/konnect:longsleep-kw-sign-in to master
Add support for KW sign-in form
Merge pull request #4 in KC/konnect from ~SEISENMANN/konnect:longsleep-use-lowercase-cmdline-params to master
Use only lower case commandline arguments
Merge pull request #3 in KC/konnect from ~SEISENMANN/konnect:longsleep-use-external-rndm to master
Use rndm from external module
Build static without cgo by default
Add Makefile
Use seperate listener, add log message when listening started
Put local imports last
Use build date in version command
Add X-Forwarded-Prefix to Caddyfile
Merge pull request #2 in KC/konnect from ~SEISENMANN/konnect:longsleep-caddyfile to master
Add example Caddyfile
Move random helpers to own subpackage
Merge pull request #3 in ~SEISENMANN/konnect from longsleep-konnect-id-scope to master
Implement konnect/id scope
Update dependencies
Enable code flows in discovery document
Support --secret parameter value as hex
Update README with newly added parameters
Support identity claims in refresh tokens
Merge pull request #1 in ~SEISENMANN/konnect from longsleep-encrypt-cookies-in-at to master
Add encryption manager
Use nacl.secretbox for cookies encryption
Prepare encryption of cookies value in at
Move refresh token implementation to konnect
Move kc claims to konnect package
Remove obsolete OPTION handler
Add support for insecure TLS client connections
Fix typo in example users - sorry Ford, i thought you were perfect
Add option to limit cookie pass through to know names
Store cookie value in access token
Add jwks.json endpoint
Use subject as user id identifier everywhere
Add userinfo endpoint with cors
Add token endpoint with cors
Implement code flow support
Use cookies and users compatible with minioidc
Add support for sub path reverse proxy mode
Add Python and YAML to .editorconfig
Add cookie backend support
Add cookie identity manager
Add more commandline flags
Add key loading
Add unit tests for provider
Remove forgotten debug
Refactor server launch code
Prepare serve code refactorization
Simplify
Add dummy user backend for testing
Add .well-known discovery endpoint
Add OIDC basic implementation including authorize endpoint
Add references to other implementations
Use glide helper for unit tests
Add health-check handler with unit tests
Add minimal README, tl;dr only for now
Add vendoring and dependency locks with Glide
Add initial server stub with commandline flags, logger and version
Initial commit

Files

CHANGELOG.md

Latest commit

History

CHANGELOG.md

File metadata and controls

CHANGELOG

Unreleased

v0.62.0 (2024-05-08)

v0.61.2 (2024-02-19)

v0.61.1 (2023-11-22)

v0.61.0 (2023-11-15)

v0.60.0 (2023-05-11)

v0.59.4 (2022-12-02)

v0.59.3 (2022-12-01)

v0.59.2 (2022-10-19)

v0.59.1 (2022-10-13)

v0.59.0 (2022-09-27)

v0.58.0 (2022-09-26)

v0.57.0 (2022-08-23)

v0.56.1 (2022-07-19)

v0.56.0 (2022-07-07)

v0.55.0 (2022-04-13)

v0.54.1 (2022-03-31)

v0.54.0 (2022-03-15)

v0.53.1 (2021-12-20)

v0.53.0 (2021-12-01)

v0.52.0 (2021-11-12)

v0.51.1 (2021-10-15)

v0.51.0 (2021-10-15)

v0.50.0 (2021-10-14)

v0.34.0 (2021-05-06)

v0.33.11 (2020-12-14)

v0.33.10 (2020-11-02)

v0.33.9 (2020-10-27)

v0.33.8 (2020-10-02)

v0.33.7 (2020-09-29)

v0.33.6 (2020-09-10)

v0.33.5 (2020-06-25)

v0.33.4 (2020-06-23)

v0.33.3 (2020-06-02)

v0.33.2 (2020-06-02)

v0.33.1 (2020-05-26)

v0.33.0 (2020-04-16)

v0.32.0 (2020-04-15)

v0.31.0 (2020-04-09)

v0.30.0 (2020-03-09)

v0.29.0 (2020-02-13)

v0.28.1 (2019-12-16)

v0.28.0 (2019-12-02)

v0.27.0 (2019-11-25)

v0.26.0 (2019-11-11)

v0.25.3 (2019-10-23)

v0.25.2 (2019-09-30)

v0.25.1 (2019-09-11)

v0.25.0 (2019-09-11)

v0.24.2 (2019-09-05)

v0.24.1 (2019-09-04)

v0.24.0 (2019-07-10)

v0.23.6 (2019-07-09)

v0.23.5 (2019-06-12)

v0.23.4 (2019-05-21)

v0.23.3 (2019-05-10)

v0.23.2 (2019-05-10)

v0.23.1 (2019-05-09)

v0.23.0 (2019-05-09)

v0.22.0 (2019-04-26)

v0.21.0 (2019-03-24)

v0.20.0 (2019-03-15)

v0.19.1 (2019-02-06)

v0.19.0 (2019-02-06)

v0.18.0 (2019-01-22)

v0.17.0 (2019-01-22)

v0.16.1 (2018-11-30)

v0.16.0 (2018-11-30)

v0.15.0 (2018-10-31)

v0.14.4 (2018-10-16)

v0.14.3 (2018-09-28)

v0.14.2 (2018-09-28)

v0.14.1 (2018-09-26)