Releases · yahoojapan/athenz-authorizer

14 Nov 08:14

v5.5.0

8c1ba38

v5.5.0: [minor] add proxy-principals feature support (#97) Latest

Latest

new claim in access token

{
  "cnf": {
    "proxy-principals#spiffe": [
        "spiffe://domain/sa/service"
    ]
  }
}

Assets 2

14 Nov 08:11

WindzCUHK

v5.4.1

9d1e128

v5.4.1: [patch] add log on authZ error (#96)

* [patch] add log on authZ error

* update

* fix

* fix

Assets 2

28 Sep 07:00

WindzCUHK

v5.4.0

ee9293f

v5.4.0: [minor] add resource prefix option (#95)

new WithResourcePrefix() option

Assets 2

29 Jun 09:05

WindzCUHK

v5.3.3

ef7fd0b

v5.3.3: [patch] use atomic.LoadPointer (#94)

* use load pointer

* use load pointer in debug too

Assets 2

08 Mar 01:33

WindzCUHK

v5.3.2

84c679c

v5.3.2: [patch] mask token signature in debug log (#93)

update go.mod
mask token signature in debug log
mask token in cache key in debug log
debug log message
- tok => masked tok
- key => masked key

Assets 2

10 Feb 07:12

WindzCUHK

v5.3.1

8c218d1

v5.3.1: [patch] fix policy race condition on update (#92)

change cache field to pointer
use atomic.SwapPointer() for swapping
delegate cache cleanup to GC

Assets 2

26 Aug 02:01

WindzCUHK

v5.3.0

6f575fe

v5.3.0: [minor] Fixes for oath: Set the rfc=true for the curve values, and al…

…low priming the updaters so the keys are available immediately. (#88)

* Fixes for oath: Set the rfc=true for the curve values, and allow priming the updaters so the keys are available immediately.

* Also allow authorized roles to be reported.

* Delete extraneous type rule now that it's using switch.

* Don't upgrade jwk; only the use of the rfc=true is required; not the jwk upgrade.

* lower go again.

* Add a little more coverage.

* Normalize the mock with the func that returns authorizedRoles.

* Updated tests to use mock that sets the authorizedRoles and checks for it.

* Rollback the prime options - use Init instead.

* go mod tidy.

* Added an option for the rfc query parameter for jwkd

* Revert "Added an option for the rfc query parameter for jwkd"

This reverts commit 9ce34d4b0851859272273f632cc756cb44799b6d.

* small optimization - make the allowedRoles big enough to hold _all_ the roles as worst case so it doesn't reallocate on appending.

Assets 2

18 Aug 02:12

WindzCUHK

v5.2.2

17dacdf

v5.2.2: [patch] Upgrade go to 1.16 (#89)

* Upgrade go to 1.16

* go tidy

Assets 2

03 Aug 05:28

WindzCUHK

v5.2.1

d1054bb

v5.2.1: [patch] update go.mod (#86)

* Updated AthenZ/athenz version

* replace jwt library

* fix to v1.0.x version

* add replace

* update unit test timeout

* remove rename

Co-authored-by: Takayuki Ino <tino@yahoo-corp.jp>

Assets 2

17 Nov 02:32

kpango

v5.2.0

7cdd348

v5.2.0: [minor] Support role name in CN (#83)

* Extract role name in CN of RoleCert

* Removed TODO comment

* extract role name delimiter as const

Assets 2

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Releases: yahoojapan/athenz-authorizer

v5.5.0: [minor] add proxy-principals feature support (#97)

v5.4.1: [patch] add log on authZ error (#96)

v5.4.0: [minor] add resource prefix option (#95)

v5.3.3: [patch] use atomic.LoadPointer (#94)

v5.3.2: [patch] mask token signature in debug log (#93)

v5.3.1: [patch] fix policy race condition on update (#92)

v5.3.0: [minor] Fixes for oath: Set the rfc=true for the curve values, and al…

v5.2.2: [patch] Upgrade go to 1.16 (#89)

v5.2.1: [patch] update go.mod (#86)

v5.2.0: [minor] Support role name in CN (#83)