2.1.33 (2024-03-31)
Merged pull requests:
2.1.32 (2024-02-27)
Merged pull requests:
- fixes #354 update UnifiedSecurityConfig to support JSON string pathPr… #355 (stevehu)
- [pre-commit.ci] pre-commit autoupdate #353 (pre-commit-ci)
- fixes #351 add pre-commit hook and apply it #352 (stevehu)
- fixes #349 UnifiedSecurityHandler should check each handler isEnabled… #350 (stevehu)
- fixes #347 Use NoneDecryptedInstance to load the config for registerM… #348 (stevehu)
- fixes #345 openapi-validator.skipBodyValidation not working as expected #346 (stevehu)
2.1.31 (2024-01-16)
Merged pull requests:
- fixes #343 Fix all test cases with another server2 for the Jwks #344 (stevehu)
- fixes #341 disable two more test cases as they are not stable #342 (stevehu)
- fixes #339 update test cases to use jwk endpoint instead of 509 certf… #340 (stevehu)
- fixes #337 split ValidatorConfig into another module #338 (stevehu)
- fixes #334 update config class to support conversion from string to i… #335 (stevehu)
2.1.30 (2023-11-21)
Merged pull requests:
2.1.29 (2023-11-19)
Merged pull requests:
- fixes #332 Ignore the SwtVerifyHandlerTest as it is frozen sometimes #333 (stevehu)
- fixes #330 refactor module registry to add config name #331 (stevehu)
- fixes #328 sync the openapi-security.yml with the security.yml in lig… #329 (stevehu)
- fixes #325 add values.yml for service.yml and cache.yml for the jwk a… #326 (stevehu)
- fixes #323 Add info log and trace log in the OpenApiHandler contructor #324 (stevehu)
2.1.28 (2023-10-24)
Merged pull requests:
- fixes #321 move the ContentType from http-string to common #322 (stevehu)
- fixes #319 environment variables cannot overwrite config values if it… #320 (stevehu)
2.1.27 (2023-10-04)
Merged pull requests:
- fixes #317 disable HTTP/2 for SwtVerifyHandlerTest as the test server… #318 (stevehu)
- fixes #315 replacd deprecated getRequestCcookies to requestCookies #316 (stevehu)
2.1.26 (2023-08-17)
Merged pull requests:
2.1.25 (2023-08-08)
Merged pull requests:
2.1.24 (2023-08-07)
Merged pull requests:
- fixes #313 add a new test case for SwtVerifyHandler to pass the clien… #314 (stevehu)
- fixes #311 swt introspection to use request headers for clientId andd… #312 (stevehu)
2.1.23 (2023-07-11)
Merged pull requests:
2.1.22 (2023-06-22)
Merged pull requests:
2.1.21 (2023-06-22)
Merged pull requests:
2.1.20 (2023-06-17)
Merged pull requests:
2.1.19 (2023-06-05)
Merged pull requests:
2.1.18 (2023-05-06)
Merged pull requests:
2.1.17 (2023-05-05)
Merged pull requests:
2.1.16 (2023-04-28)
Merged pull requests:
2.1.15 (2023-04-19)
Merged pull requests:
2.1.14 (2023-04-19)
Merged pull requests:
2.1.13 (2023-04-19)
Merged pull requests:
2.1.12 (2023-04-14)
Merged pull requests:
- fixes #300 return immediately after the missing token with WWW-Authen… #301 (stevehu)
- added open api inject to include replay end point #299 (Debashisa)
2.1.11 (2023-04-10)
Merged pull requests:
2.1.10 (2023-04-06)
Merged pull requests:
2.1.9 (2023-03-30)
Merged pull requests:
- fixes #295 update test config secret with AutoAESSaltDecryptor version #296 (stevehu)
- fixes #293 update JwtVerifyHandler and SwtVerifyHandler to populate i… #294 (stevehu)
- fixes #291 update the openapi-inject to ensure it is valid from swagg… #292 (stevehu)
- fixes #289 update unified security to support both jwt and swt for be… #290 (stevehu)
2.1.8 (2023-03-06)
Merged pull requests:
- fixes #287 update the security.yml to add passThroughClaims #288 (stevehu)
- fixes #285 make enableVerifySwt to false by default in openapi-securi… #286 (stevehu)
- fixes #283 add SwtVerifyHandler and test case to support token info i… #284 (stevehu)
2.1.7 (2023-02-14)
Merged pull requests:
2.1.6 (2023-02-06)
Merged pull requests:
- fixes #278 overwrite the basePath from handler.yml if it is not null #280 (stevehu)
- basePath property fix #279 (KalevGonvick)
- fixes #276 remove unused debug statement in UnifiedSecurityHandler #277 (stevehu)
- fixes #274 update unified security handler to handle the basic and ap… #275 (stevehu)
2.1.5 (2023-01-04)
Merged pull requests:
- fixes #272 Return an error message if the authorization header is an … #273 (stevehu)
- fixes #270 update the UnifiedSecurityHandler to register with the rig… #271 (stevehu)
- fixes #268 Add a UnifiedSecurityHandler for light-gateway #269 (stevehu)
- fixes #266 add skipVerifyScopeWithoutSpec flag to openapi-security.yml #267 (stevehu)
- fixes #264 add ignoreInvalidPath flag to OpenApiHandler config #265 (stevehu)
- fixes #262 update openapi-security.yml to add jwtCacheFullSize #263 (stevehu)
- fixes #260 update the openapi-inject.yml to have the placeholder serv… #261 (stevehu)
- Fixed casing issue + added some response /request flushing on error #259 (KalevGonvick)
2.1.4 (2022-11-30)
Merged pull requests:
- fixes #256 NPE when scope token is an empty string in JwtVerifyHandler #257 (stevehu)
- fixes #254 update the starts and ends to debug level #255 (stevehu)
- fixes #252 add debug for begin and end of middleware handler for perf… #253 (stevehu)
- Issue250 #251 (stevehu)
- fixes #248 update JwtVerifyHandler to support config reload #249 (stevehu)
- fixes #246 change OpenApiHandler to make the OpenApiHandlerConfig static #247 (stevehu)
- fixes #244 update access-control to refactor the config class and add… #245 (stevehu)
2.1.3 (2022-11-10)
Merged pull requests:
2.1.2 (2022-10-22)
Merged pull requests:
- fixes #238 skip the security for request path in skipPathPrefixes in … #239 (stevehu)
- fixes #236 update the openapi-inject.yml to add adm prefix for admin … #237 (stevehu)
- Fix to /logger POST requestBody schema #235 (DiogoFKT)
- Issue231 #232 (stevehu)
- Added h2c check #234 (KalevGonvick)
- fixes #229 remove one trace statement to resolve the exception #230 (stevehu)
- fixes #225 pass in request path to verifyJwt to support mulitple OAut… #226 (stevehu)
- fixes #223 add a debug statement to the JWT verification handler to o… #224 (stevehu)
- fixes #221 update the JwtVerifierHandler to add more logging statements #222 (stevehu)
- fixes #219 update openapi-security.yml to use JsonWebKeySet for keyRe… #220 (stevehu)
- fixes #217 add providerId to the security.yml for oauth key service #218 (stevehu)
- fixes #215 update default openapi-validator.yml with openapi-validato… #216 (stevehu)
- fixes #213 update the JwtVerifierHandler to use SecurityConfig #214 (stevehu)
- fixes #211 allow basic authentication header or others to be wrapped … #212 (stevehu)
- fixes #209 add default dummy openapi.yml to ensure that inject works … #210 (stevehu)
- fixes #207 add a default openapi-inject for portal integration in ope… #208 (stevehu)
- fixes #205 update specui and add favicon handler to enhance the swagg… #206 (stevehu)
2.1.1 (2022-04-26)
Merged pull requests:
- fixes #202 Update access control handler to return error if rule load… #203 (stevehu)
- Issue1143 #201 (GavinChenYan)
- fixes #199 add a new flag defaultDeny for acces-control.yml to define… #200 (stevehu)
- fixes #197 update the access-control to get service rule for fine-gra… #198 (stevehu)
2.1.0 (2022-02-27)
Merged pull requests:
- fixes #193 move the openapi-helper to the openapi-parser project for … #194 (stevehu)
- fixes #191 Add method and path to the STATUS_METHOD_NOT_ALLOWED #192 (stevehu)
- fixes #189 update the openapi-security.yml in the test resource as a … #190 (stevehu)
- fixes #187 Add rest access-control module for fine-grained authorizat… #188 (stevehu)
- fixes #185 patternize specification.yml and openapi-validator.yml #186 (stevehu)
2.0.32 (2021-10-19)
Merged pull requests:
2.0.31 (2021-09-22)
Merged pull requests:
2.0.30 (2021-08-23)
Merged pull requests:
2.0.29 (2021-07-25)
Merged pull requests:
2.0.28 (2021-06-27)
Merged pull requests:
2.0.27 (2021-05-25)
Merged pull requests:
2.0.26 (2021-04-27)
Merged pull requests:
- issue #178 fixed tests due to handerl.yml is missing in the tests #180 (BalloonWen)
- feat #178 #179 (BalloonWen)
2.0.25 (2021-03-28)
Merged pull requests:
2.0.24 (2021-02-24)
Merged pull requests:
- Bump version.jackson from 2.10.4 to 2.12.1 #175 (dependabot)
- issue #173 move JwtVerifier from static block to constructor #174 (BalloonWen)
- fixes #171 update the JwtVerifierHandler to make sure the module regi… #172 (stevehu)
- inject additional spec to origin spec at the start up #170 (BalloonWen)
2.0.23 (2021-01-29)
Merged pull requests:
- fixes #167 remove the primary and secondary keystore for jwt #168 (stevehu)
- issue #163 remove duplicate logging for status #164 (BalloonWen)
2.0.22 (2020-12-22)
Merged pull requests:
- Fix/#160 audit #161 (BalloonWen)
- fixes #158 make OpenApiHelper a singleton with an init method and loa… #159 (stevehu)
- issue-#156 #157 (BalloonWen)
- fixes #154 splite openapi-meta to move specification parser to openap… #155 (stevehu)
- issue-#152 #153 (BalloonWen)
2.0.21 (2020-11-25)
Merged pull requests:
2.0.20 (2020-11-05)
Merged pull requests:
- fixes #148 update the JwtVerifierHandler to use SCOPE_STRING and SCP_… #149 (stevehu)
- fixes #146 resolved a typo in the merged PR for the scp claim #147 (stevehu)
- Adding support for scp claim in addition to scope claim for scopes #145 (jaswalkiranavtar)
2.0.19 (2020-11-01)
Merged pull requests:
- fixes #142 get callerId from the header and put it into the auditInfo… #143 (stevehu)
- Bump junit from 4.12 to 4.13.1 #141 (dependabot)
2.0.18 (2020-10-01)
Merged pull requests:
2.0.17 (2020-08-28)
Merged pull requests:
2.0.16 (2020-08-01)
Merged pull requests:
- fixes #139 remove the un-used AuditHandler import from JwtVerifyHandler #140 (stevehu)
- fixes #95 mark swagger 2.0 handlers deprecated in 1.6.x and remove in… #138 (stevehu)
- fixes #136 Scope verification doesnot work with two or more securityS… #137 (stevehu)
2.0.15 (2020-07-01)
Merged pull requests:
2.0.14 (2020-05-29)
Merged pull requests:
- fixes #131 disable an openapi-validator test case while upgrade to un… #133 (stevehu)
- fixes #129 disable a test case as undertow 2.0.30 breaks it #130 (stevehu)
- fixes #127 add keyResolver to openapi-security in test resource with … #128 (stevehu)
2.0.13 (2020-05-01)
Merged pull requests:
2.0.12 (2020-03-31)
Merged pull requests:
2.0.11 (2020-02-29)
Merged pull requests:
- Issue/api 314: property name not displayed in error message #124 (santoshaherkar)
- Case insensitive lookup for deserialization type for header parameters #123 (miklish)
2.0.10 (2020-01-31)
Merged pull requests:
2.0.9 (2019-12-30)
Merged pull requests:
2.0.8 (2019-11-27)
Merged pull requests:
- fixes #117 #118 (chenyan71)
- fixes #115 update schemaValidator with a default SchemaValidatorConfig #116 (stevehu)
2.0.7 (2019-10-26)
Merged pull requests:
2.0.6 (2019-09-13)
Merged pull requests:
- Fixes #113 - Support parameterization of handling nullable fields #114 (ddobrin)
- fixes #111 Exit the application if swagger.json is not loaded success… #112 (stevehu)
- fixes #109 output clear error message when swagger 2.0 specification … #110 (stevehu)
2.0.5 (2019-08-30)
Merged pull requests:
2.0.4 (2019-08-16)
Merged pull requests:
- fixes #101 upgrade jackson-databind to 2.9.9.3 #102 (stevehu)
- fix cookie tests - #97 #100 (dz-1)
- fixes #97 comment out the cookie array value test cases #98 (stevehu)
2.0.3 (2019-07-31)
Merged pull requests:
2.0.2 (2019-07-10)
Merged pull requests:
2.0.1 (2019-06-13)
Merged pull requests:
- Add deserialization and validation of parameters - #67 #88 (dz-1)
- fixes #92 add both release and snapshot repositories #93 (stevehu)
- Fix/#145 query parameter #91 (jiachen1120)
- Feat/response validation in ValidatorHandler #90 (BalloonWen)
- fixes #86 A java doc issue in the ResponseValidator #87 (stevehu)
- fixes #84 change light-4j modules version to version.light-4j #85 (stevehu)
- Pass response validation when no necessary to valid #77 (jiachen1120)
- Issue81 #82 (stevehu)
- fixes #79 add NOTICE for license and copyright of dependencies #80 (stevehu)
1.5.32 (2019-03-19)
Closed issues:
- skip body validation if body parser is not wired in the request chain #74
Merged pull requests:
1.5.31 (2019-02-21)
1.5.30 (2019-02-21)
Implemented enhancements:
- Validate a REST API response against the Swagger/OpenAPI spec #27
Closed issues:
- openapi helper throws an exception when servers not defined #62
1.5.29 (2019-02-16)
Closed issues:
- JwtVerifyHandler needs to handle properly the value returned by the Config module #70
Merged pull requests:
- Including some dependencies that are failing the build when executed in a build server #73 (NicholasAzar)
- fixes the wrong test as the header maximum validation is working #72 (stevehu)
- JwtVerifyHandler fix - fixes #70 #71 (ddobrin)
- added Response Validator to validate response content #69 (BalloonWen)
- Fixed validation of path parameters and query parameters #68 (jiachen1120)
1.5.28 (2019-01-13)
1.5.27 (2019-01-12)
2.0.0-BETA2 (2018-12-30)
1.5.25 (2018-12-24)
1.5.24 (2018-12-15)
Fixed bugs:
- OpenAPI validation does not fail when incorrect types are passed in the Request Body #64
Merged pull requests:
- made changes based on comments of #65 #66 (BalloonWen)
- Fixed #64 #65 (BalloonWen)
1.5.23 (2018-12-01)
Merged pull requests:
1.5.22 (2018-11-10)
Closed issues:
- Configured class: com.foo.reportListener.handler.SpecYamlGetHandler has not been found #61
1.5.21 (2018-10-26)
Implemented enhancements:
- add an endpoint to serve swagger-ui for manual testing #30
1.5.20 (2018-10-05)
Closed issues:
- Handler needs to properly escape characters in the Status description #60
- update default validator.yml and security.yml to framework specific #59
- schema validation does not work for boolean query parameter #57
1.5.19 (2018-09-22)
Closed issues:
- openapi-validator doesnot validate enum values from the specification #56
- upgrade to the new open-parser api for openapi-validator #54
- switch to http-string module for HttpString headers constants #53
- Error parsing openapi spec when objects depend on eachother #52
- support YAML format for the specification in OpenAPI framework #51
Merged pull requests:
1.5.18 (2018-08-16)
Closed issues:
- Fix issue causing null pointer exception when required field missing from requestBody #48
- flatten the config files into the same directory for k8s #47
- support specific swagger or openapi security and validator configuration #45
- upgrade to undertow 2.0.11.Final #44
Merged pull requests:
- Fixing issue causing required field to be required in requestBody #49 (NicholasAzar)
- fixes #45 support specific swagger or openapi security and validator … #46 (stevehu)
1.5.17 (2018-07-15)
1.5.16 (2018-06-19)
1.5.15 (2018-06-18)
Closed issues:
- remove basic security for this release as it has some issues with Maven Central #43
- switch to default setExchangeStatus method for errors #42
- add basic security module for basic authentication #41
- remove version for jose4j in sub modules #40
1.5.14 (2018-05-19)
Closed issues:
- update VerifyJwt signature and security.yml #39
- populate subject claims and access claims in openapi security #38
- Log the validation error in logs In error Level #37
1.5.13 (2018-04-20)
Fixed bugs:
- openapi schema validator resolves references incorrectly #36
1.5.12 (2018-04-08)
Closed issues:
- remove consul and zookeeper dependencies #35
- upgrade jackson to 2.9.5 and swagger-parser to 1.0.34 #34
1.5.11 (2018-03-31)
Implemented enhancements:
- support parameters validation in path item object #33
Closed issues:
- remove docs folder as all documents moved to light-doc #32
1.5.10 (2018-03-02)
Closed issues:
- add subject_claims and access_claims in auditInfo attachment #31
1.5.9 (2018-02-21)
Closed issues:
1.5.8 (2018-02-03)
1.5.7 (2018-01-09)
1.5.6 (2017-12-28)
Closed issues:
1.5.4 (2017-11-21)
Closed issues:
- Switch OpenAPI 3.0 specification file from yaml to json for framework input #24
- Support OpenAPI 3.0 specification format #23
1.5.1 (2017-11-09)
Closed issues:
- com.fizzed.rocker.runtime.RockerRuntime - Rocker template reloading not activated #22
Merged pull requests:
- Fix for case when swagger.getBasePath is "/" #21 (chaudhryfaisal)
1.5.0 (2017-10-21)
Closed issues:
- Upgrade dependencies and add maven-version #20
1.4.6 (2017-09-22)
Closed issues:
- Make swagger-validator aware of body parser enabled or not #19
1.4.5 (2017-09-22)
1.4.4 (2017-09-21)
Closed issues:
- The swagger-validator has hard dependency on BodyHandler to parse the body to object into attachement #18
1.4.3 (2017-09-10)
1.4.2 (2017-08-31)
1.4.1 (2017-08-30)
Closed issues:
- Upgrade Undertow and Jackson to the newer version #17
1.4.0 (2017-08-22)
Closed issues:
- Switch from Client to Http2Client in test cases and remove dependency for apache httpclient #16
- Merge petstore example from light-4j to light-rest-4j document site #15
- Upgrade to Undertow 1.4.18.Final and remove dependency on JsonPath #14
- Fix HTTP 404 on documentation #13
1.3.5 (2017-08-01)
1.3.4 (2017-07-08)
Closed issues:
- Log error in JwtVerifyHandler if error response goes back to consumer. #12
1.3.3 (2017-06-14)
Fixed bugs:
- client_id and user_id are not populated when auditInfo is not null #11
1.3.2 (2017-06-14)
Closed issues:
- Upgrade json-schema-validator to 0.1.7 #10
- Remove response validator and description in validator.yml and ValidatorConfig object #9
- Populate auditInfo map object in exchange from swagger-meta and swagger-security for metrics #8
1.3.1 (2017-06-03)
Closed issues:
- Add comments and update docs #7
1.3.0 (2017-05-06)
Closed issues:
- Change project name to light-rest-4j from light-java-rest as java is a trademark of Oracle #6
1.2.8 (2017-05-02)
Closed issues:
- Bump up scope mismatch log from debug to warn as it is security violation #5
- Upgrade dependencies to the latest version #4
1.2.7 (2017-03-28)
Closed issues:
- Upgrade undertow to 1.4.11.Final #3
1.2.6 (2017-03-18)
Implemented enhancements:
- Token scope and spec scope mismatch error is not clear in logs #2
1.2.5 (2017-03-04)
1.2.4 (2017-02-20)
1.2.3 (2017-02-09)
1.2.2 (2017-02-04)
1.2.1 (2017-01-25)
1.2.0 (2017-01-22)
Closed issues:
- Move swagger, security and validator handlers from light-java #1
* This Change Log was automatically generated by github_changelog_generator