2023-01-13 07:50:11 +01:00
|
|
|
# Changelog
|
|
|
|
|
|
|
|
|
|
All notable changes to this project will be documented in this file.
|
|
|
|
|
|
|
|
|
|
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
|
|
|
|
|
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
|
|
|
|
|
|
|
|
|
|
## Unreleased
|
|
|
|
|
|
2023-04-03 07:46:04 +02:00
|
|
|
## 0.9.0 (2023-04-14)
|
|
|
|
|
|
|
|
|
|
### Added
|
|
|
|
|
|
|
|
|
|
- Other sources for jwt token are configurable (#10)
|
|
|
|
|
- Cookie
|
|
|
|
|
- AuthorizationHeader (default)
|
|
|
|
|
- Raw PEM file content as an input for JwtAuthorizer (#15)
|
|
|
|
|
|
|
|
|
|
### Changed
|
|
|
|
|
|
|
|
|
|
- Remove 'static lifetime requirement (#8)
|
|
|
|
|
|
2023-03-16 07:14:50 +01:00
|
|
|
## 0.8.1 (2023-03-16)
|
2023-03-15 08:21:04 +01:00
|
|
|
|
|
|
|
|
No public API changes, no new features.
|
|
|
|
|
|
|
|
|
|
### Changed
|
|
|
|
|
|
|
|
|
|
- KeyStore, KeySource refactor for better performance and security
|
|
|
|
|
|
2023-03-16 07:14:50 +01:00
|
|
|
### Fixed
|
|
|
|
|
|
|
|
|
|
- Allow non root OIDC issuer (issue #1)
|
|
|
|
|
|
2023-02-27 08:46:15 +01:00
|
|
|
## 0.8.0 (2023-02-28)
|
|
|
|
|
|
|
|
|
|
### Added
|
|
|
|
|
|
|
|
|
|
- validation configuration (exp, nbf, aud, iss, disable_validation)
|
|
|
|
|
- more integration tests added
|
|
|
|
|
|
|
|
|
|
### Fixed
|
|
|
|
|
|
|
|
|
|
- `JwtAuthorizer.from_ec()`, `JwtAuthorizer.from_ed()` imported PEM as DER resulting in failed validations
|
|
|
|
|
|
2023-02-13 08:40:22 +01:00
|
|
|
## 0.7.0 (2023-02-14)
|
|
|
|
|
|
|
|
|
|
### Changed
|
|
|
|
|
|
2023-02-27 08:46:15 +01:00
|
|
|
- Refresh configuration - simplification, minimal_refresh_interval removed (replaced by refresh_interval in KeyNotFound refresh strategy)
|
2023-02-13 08:40:22 +01:00
|
|
|
|
2023-02-27 08:46:15 +01:00
|
|
|
### Added
|
2023-02-13 08:40:22 +01:00
|
|
|
|
|
|
|
|
- integration tests, unit tests
|
|
|
|
|
|
2023-02-01 22:10:18 +01:00
|
|
|
## 0.6.0 (2023-02-05)
|
|
|
|
|
|
|
|
|
|
### Added
|
|
|
|
|
|
|
|
|
|
- JwtAuthorizer::from_oidc(issuer_uri) - building from oidc discovery page
|
|
|
|
|
|
2023-02-13 08:40:22 +01:00
|
|
|
### Changed
|
2023-02-01 22:10:18 +01:00
|
|
|
|
|
|
|
|
- JwtAuthorizer::layer() becomes async
|
|
|
|
|
|
|
|
|
|
### Minor Changes
|
|
|
|
|
|
|
|
|
|
- demo-server refactoring
|
|
|
|
|
|
2023-01-27 21:17:44 +01:00
|
|
|
## 0.5.0 - (2023-1-28)
|
|
|
|
|
|
2023-01-23 23:36:29 +01:00
|
|
|
### Changed
|
|
|
|
|
|
|
|
|
|
- JwtAuthorizer creation simplified:
|
|
|
|
|
- JwtAuthorizer::from_* creates an instance, new() is not necessary anymore
|
2023-01-25 08:38:09 +01:00
|
|
|
- with_check() renamed to check()
|
|
|
|
|
|
|
|
|
|
### Added
|
|
|
|
|
|
|
|
|
|
- jwks store refresh configuration
|
2023-01-23 23:36:29 +01:00
|
|
|
|
2023-01-23 23:10:28 +01:00
|
|
|
### Fixed
|
|
|
|
|
|
|
|
|
|
- claims extractor (JwtClaims) without authorizer should not panic, should send a 500 error
|
|
|
|
|
|
2023-01-21 08:34:11 +01:00
|
|
|
## 0.4.0 - (2023-1-21)
|
|
|
|
|
|
|
|
|
|
### Added
|
|
|
|
|
|
|
|
|
|
- claims checker (stabilisation, tests, documentation)
|
|
|
|
|
|
|
|
|
|
### Fixed
|
|
|
|
|
|
|
|
|
|
- added missing WWW-Authenticate header to errors
|
|
|
|
|
|
|
|
|
|
## 0.3.2 - (2023-1-18)
|
2023-01-18 07:38:00 +01:00
|
|
|
|
|
|
|
|
### Fixed
|
|
|
|
|
|
|
|
|
|
- fix: when jwks store endpoint is unavailable response should be an error 500 (not 403)
|
|
|
|
|
|
2023-01-14 09:08:44 +01:00
|
|
|
## 0.3.1 - (2023-1-14)
|
|
|
|
|
|
|
|
|
|
### Fixed
|
|
|
|
|
|
|
|
|
|
- fix: panicking when a bearer token is missing in protected request (be6bf9fb)
|
|
|
|
|
|
2023-01-13 07:50:11 +01:00
|
|
|
## 0.3.0 - (2023-1-13)
|
|
|
|
|
|
2023-02-01 22:10:18 +01:00
|
|
|
### Added
|
2023-01-13 07:50:11 +01:00
|
|
|
|
2023-02-01 22:10:18 +01:00
|
|
|
- building the authorizer layer from rsa, ec, ed PEM files and from secret phrase (9bd99b2a)
|
2023-01-13 07:50:11 +01:00
|
|
|
|
|
|
|
|
## 0.2.0 - (2023-1-10)
|
|
|
|
|
|
2023-02-01 22:10:18 +01:00
|
|
|
Initial release
|
