Table of Contents generated with DocToc
- Change Log
- Unreleased
- v1.0.0-beta.7 (2018-07-16)
- v1.0.0-beta.6 (2018-07-11)
- v1.0.0-beta.5 (2018-07-07)
- v0.11.14 (2018-06-15)
- v1.0.0-beta.4 (2018-06-13)
- v1.0.0-beta.3 (2018-06-13)
- v1.0.0-beta.2 (2018-05-29)
- v1.0.0-beta.1 (2018-05-29)
- v0.11.12 (2018-04-08)
- v0.11.10 (2018-03-19)
- v0.11.9 (2018-03-10)
- v0.11.7 (2018-03-03)
- v0.11.6 (2018-02-07)
- v0.11.4 (2018-01-23)
- v0.11.3 (2018-01-23)
- v0.11.2 (2018-01-22)
- v0.11.1 (2018-01-18)
- v0.11.0 (2018-01-08)
- v0.10.10 (2017-12-16)
- v0.10.9 (2017-12-13)
- v0.10.8 (2017-12-12)
- v0.10.7 (2017-12-09)
- v0.10.6 (2017-12-09)
- v0.10.5 (2017-12-09)
- v0.10.4 (2017-12-09)
- v0.10.3 (2017-12-08)
- v0.10.2 (2017-12-08)
- v0.10.1 (2017-12-08)
- v0.10.0 (2017-12-08)
- v0.10.0-alpha.21 (2017-11-27)
- v0.10.0-alpha.20 (2017-11-26)
- v0.10.0-alpha.19 (2017-11-26)
- v0.10.0-alpha.18 (2017-11-06)
- v0.10.0-alpha.17 (2017-11-06)
- v0.10.0-alpha.16 (2017-11-06)
- v0.10.0-alpha.15 (2017-11-06)
- v0.10.0-alpha.14 (2017-11-06)
- v0.10.0-alpha.13 (2017-11-06)
- v0.10.0-alpha.11 (2017-11-06)
- v0.10.0-alpha.12 (2017-11-06)
- v0.10.0-alpha.10 (2017-10-26)
- v0.10.0-alpha.9 (2017-10-25)
- v0.9.16 (2017-10-23)
- v0.10.0-alpha.8 (2017-10-18)
- v0.9.15 (2017-10-11)
- v0.9.14 (2017-10-06)
- v0.10.0-alpha.7 (2017-10-06)
- v0.10.0-alpha.6 (2017-10-05)
- v0.10.0-alpha.5 (2017-10-05)
- v0.10.0-alpha.4 (2017-10-05)
- v0.10.0-alpha.3 (2017-10-05)
- v0.10.0-alpha.2 (2017-10-05)
- v0.10.0-alpha.1 (2017-10-05)
- v0.9.13 (2017-09-26)
- v0.9.12 (2017-07-06)
- v0.9.11 (2017-06-30)
- v0.9.10 (2017-06-29)
- v0.9.9 (2017-06-17)
- v0.9.8 (2017-06-17)
- v0.9.7 (2017-06-16)
- v0.9.6 (2017-06-15)
- v0.9.5 (2017-06-15)
- v0.9.4 (2017-06-14)
- v0.9.3 (2017-06-14)
- v0.9.2 (2017-06-13)
- v0.9.1 (2017-06-12)
- v0.9.0 (2017-06-07)
- v0.8.7 (2017-06-05)
- v0.8.6 (2017-06-05)
- v0.8.5 (2017-06-01)
- v0.8.4 (2017-05-24)
- v0.8.3 (2017-05-23)
- v0.8.2 (2017-05-10)
- v0.8.1 (2017-05-08)
- v0.8.0 (2017-05-07)
- v0.7.13 (2017-05-03)
- v0.7.12 (2017-04-30)
- v0.7.11 (2017-04-28)
- v0.7.10 (2017-04-14)
- v0.7.9 (2017-04-02)
- v0.7.8 (2017-03-24)
- v0.7.7 (2017-02-11)
- v0.7.4 (2017-02-11)
- v0.7.5 (2017-02-11)
- v0.7.6 (2017-02-11)
- v0.7.3 (2017-01-22)
- v0.7.2 (2017-01-02)
- v0.7.1 (2016-12-30)
- v0.7.0 (2016-12-30)
- v0.6.10 (2016-12-26)
- v0.6.9 (2016-12-20)
- v0.6.8 (2016-12-06)
- v0.6.7 (2016-12-04)
- v0.6.6 (2016-12-04)
- v0.6.5 (2016-11-28)
- v0.6.4 (2016-11-22)
- v0.6.3 (2016-11-17)
- v0.6.2 (2016-11-05)
- v0.6.1 (2016-10-26)
- v0.6.0 (2016-10-25)
- v0.5.8 (2016-10-06)
- v0.5.7 (2016-10-04)
- v0.5.6 (2016-10-03)
- v0.5.5 (2016-09-29)
- v0.5.4 (2016-09-29)
- v0.5.3 (2016-09-29)
- v0.5.2 (2016-09-23)
- v0.5.0 (2016-09-22)
- v0.5.1 (2016-09-22)
- v0.4.2-alpha.4 (2016-09-03)
- v0.4.2 (2016-09-03)
- v0.4.3 (2016-09-03)
- v0.4.2-alpha.3 (2016-09-02)
- v0.4.2-alpha.2 (2016-09-01)
- v0.4.2-alpha.1 (2016-09-01)
- 0.4.2-alpha (2016-09-01)
- v0.4.1 (2016-08-18)
- v0.4.0 (2016-08-17)
- v0.3.1 (2016-08-17)
- v0.3.0 (2016-08-09)
- v0.2.0 (2016-08-09)
- 0.1-beta.4 (2016-06-26)
- 0.1-beta.3 (2016-06-20)
- 0.1-beta.2 (2016-06-14)
- 0.1-beta1 (2016-05-29)
Unreleased
Closed issues:
- [HTTP API] get /version returns empty #934
v1.0.0-beta.7 (2018-07-16)
Implemented enhancements:
- Panic when calling oauth2/auth/sessions/consent/{user} or oauth2/auth/sessions/consent/{user}/{client} #928
- client: Improve handling of legacy `id` field #927 (arekkas)
Fixed bugs:
- Panic when calling oauth2/auth/sessions/consent/{user} or oauth2/auth/sessions/consent/{user}/{client} #928
- jwk: Auto-remove old keys when upgrading from < beta.7 #925 (arekkas)
Closed issues:
- migration 0.11.10 > 1.0 : did you forget to run hydra migrate sql" or forget to set the SYSTEM_SECRET #926
- ClientID property is ignored when creating a new OAuth2 Client #924
- The CSRF value from the token does not match the CSRF value from the data store #923
- Which version is stable? #922
- JSON Web Key Store default keys broken after upgrading to beta.6 #921
Merged pull requests:
- Document that ORY Hydra is OpenID Certified #933 (arekkas)
- cmd: Show error when loading x509 cert fails #932 (arekkas)
- Allow cookie without max age #930 (BastianHofmann)
- cmd: Check dependencies are defined before instantiation #929 (arekkas)
- README: fix docker linux link #920 (philips)
v1.0.0-beta.6 (2018-07-11)
Implemented enhancements:
- consent: Add endpoint to revoke authentication and consent sessions #856
- jwk: improve JWK tests #588
- cli/clients: allow to import multiple clients with one file #388
- oauth2: allow token revocation without knowing the token (i.e. per user) #304
- cmd: CLI should be able to import PEM keys to JWK store #98
Fixed bugs:
- migration 0.9.x -> 1.0: sector_identifier_uri contains null values #918
Closed issues:
- Hydra version 0.11.13-alpine break cli #917
- health: Check if and why the health endpoint returns a HTTPS response #879
- docs: disallow secrets from docs/tutorials in production mode #573
Merged pull requests:
- client: Fix sql migration step for oidc #919 (arekkas)
- cmd: Allows import of PEM/DER/JSON encoded keys #916 (arekkas)
v1.0.0-beta.5 (2018-07-07)
Implemented enhancements:
- client: Improve and DRY validation in handler #909
- cmd/server: Die when system secret is in wrong format #817
- OpenID Connect Certification #689
Fixed bugs:
- Public and private key pair fetched from store does not match #912
- 500 error returned on GET /clients/{id} when client doesn't exist #903
- metrics: Properly handle metrics log messages #833
Closed issues:
- go get return error #913
- Can't create clients using the CLI #911
- is hydra can build on window ? #910
- Let's improve the docs! #385
- Add benchmarks to documentation #161
Merged pull requests:
- consent: Adds ability to revoke consent and login sessions #915 (arekkas)
- jwk: Tests for simple equality in JWT strategy #914 (arekkas)
- Adds OpenID Connect Dynamic Client Registration #908 (arekkas)
- docs: Adds link to examples repository #907 (arekkas)
- docs: Removes obsolete issue template #906 (arekkas)
v0.11.14 (2018-06-15)
Fixed bugs:
- Missing commits between v0.11.10 and v0.11.12 #894
v1.0.0-beta.4 (2018-06-13)
v1.0.0-beta.3 (2018-06-13)
Implemented enhancements:
Fixed bugs:
Closed issues:
- cmd: Add flag to allow reading database url in migration command from env #896
Merged pull requests:
- ci: Stops benchmark result commit & pushes #905 (arekkas)
- docs: Adds CI benchmarks #897 (arekkas)
- all: Moves to metrics-middleware #895 (arekkas)
v1.0.0-beta.2 (2018-05-29)
Closed issues:
- 1.0.0-alpha.1 Release Notes #885
Merged pull requests:
v1.0.0-beta.1 (2018-05-29)
Implemented enhancements:
- oauth2: Revoke tokens when performing refreshing grant #889
- docs: Explicitly document in upgrade guide that hydra is no longer protected by default #888
- Extend status page to check dependencies. #887
- oauth2: Revoke previous and future access tokens when revoking a token #884
- consent: Investigate if prompt=none should be allowed with implicit flows #866
- consent: Implement login_hint capabilities #860
- consent: Always remove session if rememberLogin=false #859
- consent: Resolve broken time out #852
- oauth2: Support max_age #851
- consent: Include id_token_hint in oidc context #850
- health: Document prometheus endpoint #844
- config: Deprecate `ClusterURL`, `ClientID`, `ClientSecret` #841
- oauth2: Return token type on token introspection #831
- oauth2: Support id_token_hint at authorization endpoint #826
- consent app: Restart consent flow #809
- oauth2: Allow multiple audience claims on ID token #790
- client: Add field `client_secret_expires_at` to create #778
- all: All JSON output/input should be using `_` instead of camelCase #777
- oauth2: Reject authorization requests for invalid scopes before redirecting to consent endpoint #776
- oauth2: Improving the consent flow design #772
- oauth2: Expire consent request on successful consent interaction #771
- health: Add ability to retrieve version (protected endpoint) #743
- Deprecate `hydra policies create -f` #708
- Disallow unknown JSON fields #707
- oauth2: Remember authentication and application authorization #697
- oauth2: Revoke access and refresh tokens when authorization code is used twice #693
- oauth2: Require consent for OAuth 2.0 public clients #692
- oauth2: Reintroduce audience claim #687
- policy: evaluate wildcard matching strategy #580
- installer: homebrew recipe for macOS users #572
- Warden group metadata #387
- policy: search policies by subject and resource #362
- warden: check against multiple policies #264
- core: add warden context everywhere #238
- better and more e2e tests #192
- Health and test improvements #891 (arekkas)
- Resolves various issues related to OAuth2 #890 (arekkas)
- Improve oidc conformity #876 (arekkas)
- Improves compatibility with OIDC Conformity Tests #873 (arekkas)
- sdk: Remove the need for OAuth2 credentials #869 (arekkas)
- Minor improvements #868 (arekkas)
- consent: Always bust auth session if remember is false #864 (arekkas)
- oauth2: Returns token type on introspection #832 (arekkas)
Fixed bugs:
- Incorrect CORS-related env vars parsing #886
- consent: Remove the client secret from consent/login response #878
- oauth2: ID Token must be returned in both authorize and token response in hybrid flows with response type `code` #875
- consent: On first prompt=none after authentication, times mismatch #874
- oauth2: Reject requests without nonce unless using the code flow #867
- oauth2: max_age fails if max_age=1 #862
- oauth2: Figure out why MySQL tests are flaky on CI #861
- oauth2: Resolve broken prompt parameter #843
- oauth2: Duplicate requests to /oauth2/token cause 500 #828
- consent app: Restart consent flow #809
- Hydra connect fails when the client secret contains "%" #631
- Health and test improvements #891 (arekkas)
- Resolves various issues related to OAuth2 #890 (arekkas)
- Improves OpenID Connect Conformity #882 (arekkas)
- Improve oidc conformity #876 (arekkas)
- cmd: Adds jwt strategy and fixes nil pointer exception #865 (arekkas)
Closed issues:
- consent: Authentication session cookie invalidation scenarios #855
- consent: Investigate if failure during consent should cause session to be revoked #854
- Please support Type Definition (d.ts) for typescript. #848
- security: add HttpOnly cookie flag #847
- cmd: Deprecate `hydra connect` and replace with per-command flags and environment variables #840
- REST API /clients limit & offset bug #838
- Allow configuring consent URL per client #837
- Duplicate client creation results in 500 #835
- Error 1406: Data too long for column 'subject' at row 1 #829
- Does warden groups work with internal Hydra APIs? #823
- Hydra sdk error hydra.introspectOauth2Token is not a function #822
- Improve the lint percentage #818
- docs: Refactor examples / tutorials #810
- Moving the access control engine to Oathkeeper #807
- Can you build an identity provider with hydra or not? #789
- docker: Add image capable of loading policies/clients/jwks from an init.d directory #760
- Add PUT method for /warden/groups/:id #745
- Document that the install guide is different from the 5 minute guide #718
- Prometheus metrics #669
- docs: Port numbers from docker compose and the lengthy tutorial do not match #653
- docs: add subject + id mocks in the policy section of the swagger specs for each endpoint #614
- docs: /warden/allowed do not fully specify security parameters #565
- docs: explain oauth2 better #356
- docs: have a "running hydra in production" section #354
- docs: clarify that the consent app is responsible for implementing full OIDC #353
- docs: add auth0 seminar to docs #347
- docs: add bug bounty section to readme #84
- docs: add passport.js real-world example #83
Merged pull requests:
- vendor: Upgrades fosite dependency #892 (arekkas)
- Minor consent improvements #881 (arekkas)
- oauth2: Ignores JTI in userinfo #877 (arekkas)
- oauth2: Rejects requests without nonce in implicit/hybrid #872 (arekkas)
- Improves health endpoints and cleans up code #871 (arekkas)
- Client secret expires #870 (zepatrik)
- Fix mysql timing bug #863 (arekkas)
- consent: Removes stray fmt.Print #858 (arekkas)
- Improves consent flow #857 (arekkas)
- Resolves issues with auth_time #853 (arekkas)
- add /health/version endpoint #845 (zepatrik)
- Deprecate connect #842 (arekkas)
- Move policy merged #830 (arekkas)
- [Prometheus] Add new prometheus metrics and metrics endpoint #827 (dolbik)
- 1.0.x #825 (arekkas)
- Merge from 0.11.x #824 (arekkas)
v0.11.12 (2018-04-08)
Fixed bugs:
- sdk: PHP sdk missing from releases #781
Closed issues:
Merged pull requests:
- Resolves dep and tests issues #821 (arekkas)
- oauth2: Resolves client secrets from potentially leaking to the database in cleartext #820 (arekkas)
- Activating Open Collective #805 (monkeywithacupcake)
- metrics: Improves naming of traits #804 (arekkas)
- 0.11 #796 (arekkas)
v0.11.10 (2018-03-19)
Closed issues:
- docs: Link to php sdk README is wrong #811
Merged pull requests:
- Minor code cleanup #815 (euank)
- docs: Resolves broken swagger definitions #812 (arekkas)
- docs: Updates banner in readme #808 (arekkas)
- Update links to discord and readme #806 (arekkas)
v0.11.9 (2018-03-10)
Implemented enhancements:
- telemetry: Add version and build info as custom dimensions #802
- docs: Adds redirects for broken guide links #798 (arekkas)
Fixed bugs:
- id_token not returned after request at the /oauth2/token endpoint using the refresh_token #794
- docker: Build time always return time.Now() #792
- cmd: Resolves an issue with broken build time display #799 (arekkas)
- cmd: Adds OpenID Connect refresh handler #797 (arekkas)
Closed issues:
- docs: document difference between scopes and policies #590
Merged pull requests:
- metrics: Improves naming of traits #803 (arekkas)
- docs: Resolves broken images and build #801 (arekkas)
- docs: Moves documentation to new repository. #800 (arekkas)
- all: Updates license headers #793 (arekkas)
v0.11.7 (2018-03-03)
Implemented enhancements:
- make --skip-newsletter the default #779
- group: Add pagination to group management #741
- jwk: Add pagination to jwk lists #740
- client: Add pagination to client list #739
- ConsentRequest should use time.Now().UTC() for ExpiresAt. #679
- sdk: add python sdk #639
- Importing a client should fail when an unrecognized field is found #357
- ci: Automatically pushes docs to website #784 (arekkas)
- oauth2: Forces UTC in consent strategy #775 (arekkas)
- client: Introduces pagination to client management #774 (arekkas)
Fixed bugs:
- oauth2: Remove exp and iat from ID token header #787
- Don't push to coveralls in CI when PR comes from fork #782
- policy: List tests do not care about offset/limit - fix that #746
Closed issues:
- A way to skip the consent screen for certain clients (first party) #791
- Where's the tutorial? #788
- Feature Request: oauth2/token endpoint json payload option #786
- docs: Deprecate recovering root access section #756
- oauth2: Document how to make the well known endpoint public #688
- oauth2: replace redirect uri exact match with protocol/host/path match #257
Merged pull requests:
- docs: Adds automatic summary and toc generation #785 (arekkas)
- Remove coveralls token from circleci config #783 (zepatrik)
- Update newsletter text #780 (zepatrik)
- Minor improvements to the gitbook guide #773 (arekkas)
v0.11.6 (2018-02-07)
Implemented enhancements:
- server: Add default policy for well-known/jwks.json #761
- cmd: Add newsletter info and sign up #755
- metrics: Improve metrics endpoint #742
- oauth2: Add ability to purge old access tokens #738
- jwk: refactor jwk id generation #589
- oauth2: Adds support for PKCE (IETF RFC7636) #769 (arekkas)
- Forces unique JWK IDs and allows anonymous access to ./well-known/jwks.json #762 (arekkas)
Fixed bugs:
- Do not show client secret when client is public in CLI #737
- oauth2: Client secret error message should be shown on creation #725
- sdk: Resolves composer license complaint #763 (arekkas)
Closed issues:
- docker-compose encountered errors #758
- AWS Lambda Support? #749
- cmd/client: Ask for security newsletter sign up when using client side CLI #747
- oauth2: Add PKCE support #744
Merged pull requests:
- Gen php sdk #814 (pnicolcev-tulipretail)
- oauth2: Resolves possible session fixation attack #770 (arekkas)
- docs: Fix dead link to example policy #767 (gr-eg)
- Purge tokens #766 (arekkas)
- client: do not show/send secret when client is public #765 (zepatrik)
- fix #725 #764 (zepatrik)
- Cmd newsletter signup #759 (arekkas)
- sdk: Generate php sdk and point php autoloader to lib folder #736 (pnicolcev-tulipretail)
v0.11.4 (2018-01-23)
v0.11.3 (2018-01-23)
Implemented enhancements:
Closed issues:
- possible consent session id attack? #753
v0.11.2 (2018-01-22)
Fixed bugs:
Merged pull requests:
v0.11.1 (2018-01-18)
Implemented enhancements:
- groups: Add ability to list all groups, not just by member #729
Fixed bugs:
Closed issues:
- Timezone Issue with new consent flow in 0.10? #735
- policies: change effect type from string to boolean #666
- cmd: `hydra connect --url` should work with and without trailing slash #650
Merged pull requests:
v0.11.0 (2018-01-08)
Implemented enhancements:
- group: List groups without owner #732
- Add an alias for offline scope called offline_access #722
- oauth2: Print debug message to logs and evaluate transmitting it to clients too #715
- groups: Add ability to list all groups, not just by member #734 (arekkas)
- sdk: Adds php registry dummy #733 (arekkas)
- oauth2: Prints debug message to logs and evaluate transmitting it to clients too #727 (arekkas)
- vendor: Adds offline_access scope alias #724 (arekkas)
Fixed bugs:
- health: Should not require x-forwarded-proto #726
- health: Stop requiring x-forwarded-proto #731 (arekkas)
Closed issues:
- variable part in the subject and resource in ladon policy to be filled by request #730
- Trailing slash redirect strips directories from path #723
- Resolve broken docker-compose tutorial guide #717
- Document external dependencies #716
Merged pull requests:
v0.10.10 (2017-12-16)
Implemented enhancements:
- Make scopes in `hydra token client` command configurable #711
- cmd: Makes scopes in token command configurable #712 (arekkas)
- cmd: Adds a dedicated command for importing policies #709 (arekkas)
Fixed bugs:
- Misleading error message when using the SDK #686
- sdk/go: Resolves incorrect error message #713 (arekkas)
Closed issues:
- Docker readme, in case it is lost #719
- Keep track of version and build hash #706
- Scope is documented as hydra.groups but should by hydra.warden.groups #702
- Rename `hydra policies create -f` to `hydra policies import` #701
Merged pull requests:
- docs: Resolves issue with broken 5-minute tutorial #721 (arekkas)
- Improves userinfo endpoint #714 (arekkas)
- groups: Corrects group scope documentation #710 (arekkas)
v0.10.9 (2017-12-13)
Implemented enhancements:
- Reintroduce alpine based image with shell #703
Merged pull requests:
v0.10.8 (2017-12-12)
Implemented enhancements:
- oauth2: Add token_endpoint_auth_methods_supported to openid-configuration #695
Closed issues:
- docs: Add introspect bc to upgrade #698
Merged pull requests:
v0.10.7 (2017-12-09)
v0.10.6 (2017-12-09)
Closed issues:
- oauth2: Write test for userinfo endpoint without token and test for 401 #691
Merged pull requests:
v0.10.5 (2017-12-09)
Closed issues:
- oauth2: Support userinfo endpoint #652
v0.10.4 (2017-12-09)
Merged pull requests:
v0.10.3 (2017-12-08)
v0.10.2 (2017-12-08)
v0.10.1 (2017-12-08)
Implemented enhancements:
- Open source policy naming guidelines #680
Closed issues:
- docs: docker --link should be replaced by networks #555
v0.10.0 (2017-12-08)
Implemented enhancements:
- docs: Improve release and breaking changes management #675
- oauth2: Make sub explicit in the database #658
- oauth2: Add access control to token introspection endpoint #655
- all: make policy resource and action names configurable #640
- Subject field #674 (arekkas)
- Add changelog #673 (arekkas)
Fixed bugs:
- oauth2: Token revokation should check client id before revoking tokens #676
- cli/policies: removing a policy subject adds the subject Instead #662
- jwk: Rename ES521 key generation algorithm to ES512 #651
- oauth2: Fixes clients being able to revoke any token #677 (arekkas)
Closed issues:
- Json logging #670
- swagger: scope pattern requires a space #661
- docs: Add list of undisclosed adopters with requests ranges to readme #659
Merged pull requests:
- Update release notes and prepare 0.10.0 #685 (arekkas)
- docs: Adds multi-tenant best practices #684 (arekkas)
- ci: Resolves code climate issues #683 (arekkas)
- pkg: Adds test for LogError #682 (arekkas)
- docs: Adds ACP best practices #681 (arekkas)
- oauth2: Requires firewall check for introspecting access tokens #678 (arekkas)
- Makes policy resource names prefixes configurable #672 (arekkas)
- docs: Adds consent state machine #671 (arekkas)
- docs: Make space optional in scope regex (#661) #668 (pnicolcev-tulipretail)
- Various minor fixes #667 (arekkas)
- telemetry: Update telemetry identification #654 (arekkas)
v0.10.0-alpha.21 (2017-11-27)
Closed issues:
- Add support for CORS #506
Merged pull requests:
- cli: Fix hydra cli adding policy subjects on subject remove #665 (jamesnicolas)
v0.10.0-alpha.20 (2017-11-26)
Merged pull requests:
v0.10.0-alpha.19 (2017-11-26)
Closed issues:
- Working with flask-oidc #660
- Multi stage build process removes the ability to shell into hydra container #657
- Support ES256 JWK Algo #627
- oauth2/introspect: skip omitempty in active flag #607
- oauth2: provide CWT token generation #577
Merged pull requests:
- vendor: Upgraded ladon and dockertest versions #663 (arekkas)
- pkg: Make low entropy RSA key generation explicit in function name #656 (arekkas)
- docs: Update hydra versions #649 (arekkas)
v0.10.0-alpha.18 (2017-11-06)
v0.10.0-alpha.17 (2017-11-06)
v0.10.0-alpha.16 (2017-11-06)
Merged pull requests:
v0.10.0-alpha.15 (2017-11-06)
Merged pull requests:
v0.10.0-alpha.14 (2017-11-06)
Fixed bugs:
- sql/postgres: wherever limit/offset is used, include ORDER BY clause #619
- oauth2: fix racy memory consent manager with RW mutex #600
Merged pull requests:
v0.10.0-alpha.13 (2017-11-06)
Implemented enhancements:
- Would it make sense to build hydra statically #374
Merged pull requests:
v0.10.0-alpha.11 (2017-11-06)
v0.10.0-alpha.12 (2017-11-06)
Closed issues:
Merged pull requests:
- Add license header to all source files #644 (arekkas)
- cmd: require url-encoding of root client id and secret #641 (arekkas)
- fix health link in docs #637 (DallanQ)
v0.10.0-alpha.10 (2017-10-26)
Implemented enhancements:
Closed issues:
- jwk: add es256 generator to jwk handler in master #634
- groups: add ability to list all groups to master branch #633
- travis: run genswag and gensdk before npm publish #610
v0.10.0-alpha.9 (2017-10-25)
Closed issues:
- docs: followed the installation guide and was unable to get a successful consent #623
- tests: run manager tests in parallel #617
Merged pull requests:
- Changes from zvelo #636 (arekkas)
- Dep, JWK and groups #635 (arekkas)
- tests: run database tests in parallel #632 (arekkas)
- Use recommendations made from cryptopasta repository #630 (arekkas)
- Support ES256 JWK Algo #628 (joshuarubin)
v0.9.16 (2017-10-23)
Closed issues:
- docs: adding policy to consent app doesn't work as resource using <.*> #621
- documentation vague regarding returned client_secret #620
Merged pull requests:
- updated links to apiary as the old ones didn't work #626 (abusaidm)
- docs: updated hydra version in the tutorial to v0.10.0-alpha.8 and consent app to v0.10.0-alpha.9 #625 (abusaidm)
- docs: fixed spelling and wording #624 (abusaidm)
- docs: fix bash command and version used in tutorial #622 (abusaidm)
- add ability to list all groups #612 (joshuarubin)
v0.10.0-alpha.8 (2017-10-18)
Closed issues:
- docs: SDK for Go is actually for Node, fix this typo #615
- server.injectConsentManager doesn't use ConsentRequestSQLManager even if *config.SQLConnection exists #613
Merged pull requests:
- cmd/server: SQLConnection should load SQLRequestManager #618 (arekkas)
- Clean up helpers and increase test coverage #611 (arekkas)
- sdk: format js sdk and remove mock tests #609 (arekkas)
v0.9.15 (2017-10-11)
Merged pull requests:
- Support dep #606 (joshuarubin)
v0.9.14 (2017-10-06)
v0.10.0-alpha.7 (2017-10-06)
v0.10.0-alpha.6 (2017-10-05)
v0.10.0-alpha.5 (2017-10-05)
v0.10.0-alpha.4 (2017-10-05)
Merged pull requests:
- travis: move deploy scripts to its own file #604 (arekkas)
- tests: skip cpu intense jwk generation in short mode #603 (arekkas)
v0.10.0-alpha.3 (2017-10-05)
v0.10.0-alpha.2 (2017-10-05)
Implemented enhancements:
- all: refactor http client endpoint logic #584
- oauth2: refresh openid connect id token via refresh_token grant #556
- oauth2: change scope semantics to wildcard #550
- warden: need endpoint that just introspects tokens #539
- sdk: client libraries for all languages #249
- core: enable usage statistics reporting #230
- core: introduce a way to test for bc breaks in datastore #193
Merged pull requests:
- travis: resolve deployment issues #602 (arekkas)
- warden: remove deprecated http manager #601 (arekkas)
- docs: fix sdk links #599 (arekkas)
- travis: re-add goveralls #598 (arekkas)
v0.10.0-alpha.1 (2017-10-05)
Implemented enhancements:
- oauth2: write test for handling consent deny #597
- group: add warden tests #591
- health: remove TLS restriction on health endpoint when termination is set #586
Fixed bugs:
- cmd: `policies delete` says `Connection <id> deleted` instead of `Policy <id> deleted` #583
Closed issues:
Merged pull requests:
- travis: fix binary building #596 (arekkas)
- cmd/cli: typo Connection -> Policy #592 (ljagiello)
- sdk: switch to swagger codegen sdk #585 (arekkas)
- 0.10.0 #557 (arekkas)
v0.9.13 (2017-09-26)
Implemented enhancements:
- RFC: Refactor consent flow #578
- oauth2: remove scope parameter from introspection request #551
- "Subject claim can not be empty" error when trying to retrieve ID Token #460
Fixed bugs:
- cmd: `token user` no longer uses cluster url #581
- warden: do not use refresh tokens as proof of authorization #549
- Fix import path for logrus #477
Closed issues:
- Support for RFC 7636 #576
- `authorization` header in `/oauth2/token` endpoint is case sensitive #575
- DATABASE_URL=memory go run main.go host Error #571
- error on mismatch uris #569
- Relation "hydra_jwk" does not exist #568
- Freemium Crap #567
- Warden API docs do not talk about access_token #564
- When the client is run through a container, it should pick up configuration from environment #563
- Docker hub documentation showing up as HTML #562
- Allow people to configure the Hydra service using a config file. #561
- Error on go get the project #560
- Open a Patreon account #558
- GET /client/:id broken on master #538
Merged pull requests:
- health: disable TLS restriction for health check #587 (arekkas)
- cmd: `token user` should use clusterurl instead of empty string #582 (arekkas)
- vendor: update various dependencies #579 (arekkas)
- Update to ladon 0.8.2 #570 (olivierdeckers)
- install.md: port typo #566 (rnback)
- oauth2: give meaningful hint when subject claim is empty #554 (arekkas)
v0.9.12 (2017-07-06)
Implemented enhancements:
- oauth2: use wildcards for scope strategy #552
Merged pull requests:
- warden: refresh tokens are no longer proof of authZ #553 (arekkas)
- README.md: hydra container doesn't include bash #548 (srenatus)
- docs: fix typo in tutorial #547 (arekkas)
- cmd/token/user: fix auth and token-url mixup #546 (arekkas)
- docs: update docs #545 (arekkas)
v0.9.11 (2017-06-30)
Merged pull requests:
v0.9.10 (2017-06-29)
Implemented enhancements:
- cmd/host: move status info from health endpoint to another one and protect it #532
Fixed bugs:
- Decode Basic Auth Credentials #536
Closed issues:
- Cannot try tutorial install, not existing dependencies #541
- [docker-compose] ERROR: for postgresd expected string or buffer #540
Merged pull requests:
- vendor: update fosite to remove forced nonce #542 (arekkas)
- oauth2: form-urldecode authorization basic header #537 (arekkas)
- [DOC] Update "Build from source" section to actual state #534 (dolbik)
- cmd/host: move status info to dedicated endpoint #533 (arekkas)
v0.9.9 (2017-06-17)
Fixed bugs:
- cmd/policy/create: not exiting on error #527
Merged pull requests:
- cmd: add test for get handler #531 (arekkas)
- cmd/policy/create: exit on error - closes #527 #530 (arekkas)
v0.9.8 (2017-06-17)
Fixed bugs:
- Updating policies may cause loss of policy data #503
Closed issues:
- oauth2: investigate panic #512
Merged pull requests:
- oauth2: resolve panic with nested at_ext and id_ext #529 (arekkas)
- vendor: update to ladon 0.8.0 - closes #503 #528 (arekkas)
v0.9.7 (2017-06-16)
Closed issues:
- Fatal error when running docker container #525
Merged pull requests:
v0.9.6 (2017-06-15)
Merged pull requests:
v0.9.5 (2017-06-15)
Merged pull requests:
v0.9.4 (2017-06-14)
Merged pull requests:
- cmd: resolve issuer test issue #522 (arekkas)
- all: improve test exports #521 (arekkas)
- docs: start writing faq from gitter #504 (arekkas)
v0.9.3 (2017-06-14)
Closed issues:
- Generating Client ID/Secret in >= 0.8.0 #517
- Could not gracefully run server #513
- authorize_code without password #511
Merged pull requests:
- metrics: resolve potential data race #520 (arekkas)
- Fix warden docs #519 (arekkas)
- all: export test helpers #518 (arekkas)
- oauth2: add tests for refresh token grant #515 (arekkas)
- oauth2: use issuer-prefixed auth URL in challenge redirect #509 (wyattanderson)
- cmd: resolve failing test #501 (arekkas)
v0.9.2 (2017-06-13)
Merged pull requests:
v0.9.1 (2017-06-12)
Merged pull requests:
- client: export tests #510 (arekkas)
- metrics: improve metrics #508 (arekkas)
- cmd: add auto migration image #502 (arekkas)
v0.9.0 (2017-06-07)
Implemented enhancements:
- cmd/cli: add flag for X-Forwarded-Proto for faking https termination #349
- metrics: add metrics and telemetry package #500 (arekkas)
Fixed bugs:
- warden/group: investigate missing transaction rollback in group manager #462
- policies: validate conditions and return error instead of silently dropping them #350
Closed issues:
- Headers should be case-insensitive #496
- docs: add FAQ on missing migrate in docker image #484
- docs: include oauth2 example #358
- warden: allow scopes in policies #330
Merged pull requests:
- sdk: add simple example of hydra sdk #499 (arekkas)
- docs: add FAQ on missing migrate in docker image #498 (arekkas)
- vendor: upgrade to ladon 0.7.4 - closes #350 #497 (arekkas)
- docs: add scopes to oauth2 #495 (arekkas)
- warden/group: add rollback to transactions #494 (arekkas)
v0.8.7 (2017-06-05)
Implemented enhancements:
- oauth2: add possibility for denying consent requests #400
- oauth2: allow redirection to client if consent was denied #371
Fixed bugs:
- Introspection endpoint responds with 401 on invalid payload token #457
Closed issues:
- Allow configuration of `DB_HOST`, `DB_PASS`, `DB_USER`, `DB_NAME` separately. #480
Merged pull requests:
- all: implement --fake-tls-termination flag #493 (arekkas)
- oauth2/introspect>: resolve 401 on invalid token #492 (arekkas)
- client/manager_sql: return an empty slice if string is empty #491 (faxal)
v0.8.6 (2017-06-05)
Implemented enhancements:
- Assign clients different consent urls #378
Fixed bugs:
- Creating policies via the CLI does not populate the 'description' field #472
- Missing "iss" field from /oauth2/introspect response #399
- client: getting a non-existing client raises 500 instead of 404 #348
Closed issues:
- Libraries version problem, build break. #481
- oauth2: update to latest fosite which removed implicit storage #468
- Unable to set Public flag to false #463
- oauth2: allow client specific token TTLs #428
- docs: hint at health check #355
- Hydra URLs mounted to a subpath #352
- oidc: hydra as federated user auth for AWS Console/API #315
- jwk: when retrieving a key, stray request missing a subject 403 #271
Merged pull requests:
- oauth2/introspect: send issuer in introspection #490 (arekkas)
- oauth2: allow redirection to client if consent was denied #489 (arekkas)
- docs: add health check to swagger and resolve swagger issues #488 (arekkas)
- jwk/handler: nest ac check and resolve stray log message #487 (arekkas)
- pkg/errors: make ErrNotFound return a status code #486 (arekkas)
- cmd/policies: description is a string field, not slice #485 (arekkas)
- Vendor update #483 (arekkas)
- vendor: update to latest versions #482 (arekkas)
- client/manager: remove merging of stored and updated client #478 (faxal)
- Fix Swagger for Warden Groups #476 (pbarker)
v0.8.5 (2017-06-01)
Fixed bugs:
- max_conns and max_conn_lifetime breaks db.Ping #464
- cmd/server: resolve gorilla session mem leak - closes #461 #475 (arekkas)
Closed issues:
Merged pull requests:
- fix spelling of challenge #471 (sstarcher)
- oauth2: remove unused implicit grant storage #469 (arekkas)
v0.8.4 (2017-05-24)
Closed issues:
- Kubernetes Helm chart #430
Merged pull requests:
- config: connect to cleaned DSN #470 (arekkas)
- docs: hint to kubernetes helm chart - see #430 #467 (arekkas)
- Improve documentation #466 (arekkas)
v0.8.3 (2017-05-23)
Implemented enhancements:
- http: harden http server for public net #334
Fixed bugs:
Closed issues:
- Listing policies not working with database #458
- go install github.com/ory/hydra Fails to compile #456
- Challenge claims redirect http instead of https #455
- core/store: document aes gcm nonce limitation #76
Merged pull requests:
v0.8.2 (2017-05-10)
Implemented enhancements:
- Missing `kid` parameter in ID token header #433
- no /.well-known/openid-configuration endpoint implementation #379
Merged pull requests:
- Add Key Id to Header #454 (pbarker)
- cmd: improve error message for when database tables are missing #453 (arekkas)
- Wellknown #427 (pbarker)
v0.8.1 (2017-05-08)
Implemented enhancements:
- cmd: database migrations should not be run automatically but have a cmd instead #444
- all: move herodot to ory/herodot #436
Fixed bugs:
- cmd: token client fails in ci sometimes #443
Closed issues:
- all: deprecating rethinkdb and redis support #425
- oauth2: consent anti-csrf token should be forcefully removed #367
v0.8.0 (2017-05-07)
Closed issues:
- Refresh token doesn't work #449
Merged pull requests:
- ✏️ minor grammar typo #452 (therebelrobot)
- Add example about securing the consent app #450 (matteosuppo)
- Allow setting SkipTLSVerify Option value #448 (faxal)
- 0.8.0: Towards production friendliness #445 (arekkas)
v0.7.13 (2017-05-03)
Implemented enhancements:
- ui: implement a basic management interface with react for oauth2 client, jwk, social connections and others #215
Fixed bugs:
- herodot: resolve issue with infinite loop caused by certain error chain #441
- "Could not fetch signing key for OpenID Connect" #439
- vendor: upgrade fosite to resolve regression issue #446 (arekkas)
Closed issues:
- Peculiar EOF instead of response from the introspect endpoint. #368
Merged pull requests:
v0.7.12 (2017-04-30)
Fixed bugs:
Closed issues:
- Freeze dependencies #437
v0.7.11 (2017-04-28)
Closed issues:
- Mismatch between library versions #434
- Data Passthrough to IDP #431
- Api protection #429
- Gitter.im or irc channel #426
- Outdated fosite #424
- oauth2: resource owner password credentials proposal #214
Merged pull requests:
v0.7.10 (2017-04-14)
Closed issues:
- Build instructions from Readme fail #420
- API error (500) during tests #419
- Uname in session #418
- Resource owner password credentials grant #417
- ory vs ory-am #414
- Cockroachdb support #413
- Small doc error #411
- Rest API documentation not working #410
Merged pull requests:
- Remove uname references from docs #423 (matteosuppo)
- vendor: update common and ladon dependencies #422 (arekkas)
- docs: resolve broken build instructions in readme - closes #420 #421 (arekkas)
- Dropping brackets in Create Client example #415 (pbarker)
- Update bash command in tutorial #412 (pbarker)
- Update README.md #409 (joelpickup)
- docs: changes apiary url to current version #407 (arekkas)
v0.7.9 (2017-04-02)
Closed issues:
Merged pull requests:
- Updated ladon version in glide.lock #404 (ericalandouglas)
- oauth2: fix typo #403 (maximesong)
v0.7.8 (2017-03-24)
Implemented enhancements:
- sdk: add consent helper #397
- Transition Dockerfile to Alpine Linux #393
- redirect_uri domains are case-sensitive #380
- Per-client consent URLs #351
- sdk: add consent helper - closes #397 #398 (arekkas)
- docs: add example policy for consent app signing #389 (arekkas)
Fixed bugs:
- cli handler_groups type error? #383
Closed issues:
- oauth2: token introspection fails on HTTP without dangerous-force-http #395
- Create User based on access token provided by Social Provider #394
- investigate why import from json fails #390
- gitter link doesn't work #386
- Possible security bug in warden/group package #382
- relation "hydra_client" does not exist (postgres) #381
- Native login support #375
- Request denied by default #373
Merged pull requests:
- docker: reduce docker image size #396 (arekkas)
- Added information about auth code exchange to oauth2 docs #392 (therebelrobot)
- Small typo. #391 (darron)
- all: resolve ci issues and improve readme #384 (arekkas)
v0.7.7 (2017-02-11)
v0.7.4 (2017-02-11)
v0.7.5 (2017-02-11)
v0.7.6 (2017-02-11)
Implemented enhancements:
- sql: limit maximum open connections, document timeout options through DSN #359
Fixed bugs:
- oauth2: invalid consent response causes panic #369
- oauth2: resolve issue with cookie store #376 (arekkas)
Closed issues:
- Can hydra be easily integrated (embedded) into any golang http application? #372
Merged pull requests:
- oauth2: invalid consent response causes panic - closes #369 #370 (arekkas)
- Resolve issues with SQL maximum open connections #360 (arekkas)
v0.7.3 (2017-01-22)
Fixed bugs:
Closed issues:
- Have Hydra store usernames linked to tokens #364
- policy: investigate potential sql connection leak #363
- crypto/bcrypt: hashedPassword is not the hash of the given password #346
Merged pull requests:
v0.7.2 (2017-01-02)
Fixed bugs:
- Problems with the authorization code flow #342
- sql: deleting policies does not delete associated records with mysql driver #326
- vendor: update to fosite 0.6.11 - closes #338 #343 (arekkas)
Closed issues:
Merged pull requests:
v0.7.1 (2016-12-30)
v0.7.0 (2016-12-30)
Implemented enhancements:
- Implement RemoveSubjectFromPolicy and RemoveResourceFromPolicy #336
- policy: provide rest endpoint for policy updates #305
- 0.7.0: SQL Migrate, Groups, Hardening #329 (arekkas)
Fixed bugs:
Closed issues:
- Replace # with ? in authentication response #337
v0.6.10 (2016-12-26)
Implemented enhancements:
- oauth2/consent: force jti echo in consent response #322
- include a migration routine for databases #194
- warden: add group management and group based policy checks #68
- Improve http-based warden/introspection error responses #335 (arekkas)
v0.6.9 (2016-12-20)
Implemented enhancements:
Fixed bugs:
Closed issues:
- openid: support response_type=code id_token #332
- Apparent failure on load with ECDSA key #328
- Why hydra github homepage crash when I visit ( while scrolling down) #323
- JsonWebTokenError: jwt must be provided #321
- write tests for cmd helpers #186
Merged pull requests:
- cmd: replace newline in HTTP_TLS #331 (ewilde)
- Log fixes #324 (johnwu96822)
v0.6.8 (2016-12-06)
Implemented enhancements:
v0.6.7 (2016-12-04)
Merged pull requests:
v0.6.6 (2016-12-04)
Implemented enhancements:
- core: Redis backend #306
Closed issues:
- oauth2: aud parameter does not allow arrays #314
Merged pull requests:
- add missing work in docs/oauth2.md #317 (bbigras)
- docker: --name should be before the image's name #316 (bbigras)
v0.6.5 (2016-11-28)
Implemented enhancements:
v0.6.4 (2016-11-22)
Implemented enhancements:
Fixed bugs:
- oauth2/revocation: token revocation fails silently with sql store #311
- oauth2/revocation: token revocation fails silently with sql store #312 (arekkas)
Closed issues:
- docs: clean up TokenValid leftovers #310
v0.6.3 (2016-11-17)
Implemented enhancements:
- Rejection reason code to /warden/token/allowed #308
Fixed bugs:
v0.6.2 (2016-11-05)
Implemented enhancements:
- github: comply with Go license terms #300
Merged pull requests:
- Fix client SQL manager missing client_name #303 (johnwu96822)
v0.6.1 (2016-10-26)
Fixed bugs:
- MySQL DB not creating on start – JSON column types only supported from MySQL 5.7 and onwards #299
- 0.6.1 #301 (arekkas)
Merged pull requests:
- Fix some minor typos and the broken tutorial links #298 (justinclift)
v0.6.0 (2016-10-25)
Implemented enhancements:
- Make it possible for travis-ci to build forked repos #295
- core: add sql support #292
- travis: execute gox build only when new commit is a new tag #285
- cmd: prettify the `hydra token user` output #281
- warden: make it clear that ladon.Request.Subject is not required or break bc and remove it #270
- connections: remove connections API #265
- consider signing up for Core Infrastructure Initiative badge #246
- oauth2: token revocation endpoint #233
- oauth2/rethinkdb: clear expired access tokens from memory #228
- 0.6.0 #293 (arekkas)
Fixed bugs:
- all: coverage report is missing covered lines of nested packages #296
- oauth2/introspect: make endpoint rfc7662 compatible #289
- rethink: figure out how to deal with unreliable changefeed #269
- oauth2: requests waste a lot of time in fosite storer `requestFromRDB()` routine #260
- 0.6.0 #293 (arekkas)
Closed issues:
- docs: fix typo in consent.md #294
- docs/apiary: add at_ext note to warden endpoints #287
- core/storage: with rethinkdb being closed, what is our path forward? #286
- docs: warden resource names are wrong on apiary #268
- Request for Comment: Fair Source License / Business Source License #227
- core: (health) monitoring endpoint #216
- add much simpler identity provider and oauth2 consumer example #172
- 2fa: add two factor authentication helper API #69
Merged pull requests:
- cmd: fix typo in host command help text #291 (faxal)
- travis: Only gox build on tags and go1.7 #288 (emilva)
- docs: improve introduction #267 (arekkas)
v0.5.8 (2016-10-06)
Fixed bugs:
- oauth2: refresh token does not migrate session object to new token #283
- oauth2: refresh token does not migrate session object to new token #284 (arekkas)
v0.5.7 (2016-10-04)
Implemented enhancements:
- jwk: add use parameter to generated JWKs #279
- jwk: add use parameter to generated JWKs - closes #279 #280 (arekkas)
v0.5.6 (2016-10-03)
Implemented enhancements:
- oauth2: scopes should be separated by %20 and not +, to ensure javascript compatibility #278 (arekkas)
Fixed bugs:
Closed issues:
- Scopes should be separated by %20 and not +, to ensure javascript compatibility #277
Merged pull requests:
- cmd: fix #272 typos in the host command controls #276 (cixtor)
- Fix #274 - replace HYDRA_PROFILING with PROFILING #275 (otremblay)
v0.5.5 (2016-09-29)
v0.5.4 (2016-09-29)
v0.5.3 (2016-09-29)
Implemented enhancements:
Fixed bugs:
- investigate if and why slow rethinkdb connection causes client root to be recreated #191
Closed issues:
- Consider extract Go SDK package into separate repository #266
- Showcase: How and where are you using Hydra? #115
v0.5.2 (2016-09-23)
v0.5.0 (2016-09-22)
v0.5.1 (2016-09-22)
Implemented enhancements:
- oauth2: include original request query parameters in the consent challenge #256
- Need a better health check for a load balancer #251
- client: add ability to update client #250
- oauth2: allow access token validation for public clients #245
- all: improve error messages regarding token validation #244
- all: resolve naming inconsistencies in jwk set names used in hydra #239
- sdk: resolve naming inconsistencies #226
- oidc: support kid hint in header #222
- 0.5.0-errors #263 (arekkas)
- 0.5.0 #243 (arekkas)
Fixed bugs:
- When invalid/expired token is used for /warden/allowed endpoint, status 500 is returned #262
- docs: fix images in readme #261
- Bad HTML encoding of the scope parameter #259
- docs: images are broken #258
- oauth2: id token hashes are not base64 url encoded #255
- oauth2: state parameter is missing when response_type=id_token #254
- jwk: anonymous request can't read public keys #253
- travis: ld flags are wrong #242
- cmd: hydra token user should show id token in browser #224
- oidc: hybrid flow using `token+code+id_token` returns multiple tokens of the same type #223
- hydra clients import doesn't print client's secret #221
- 0.5.0-errors #263 (arekkas)
- 0.5.0 #243 (arekkas)
Closed issues:
Merged pull requests:
v0.4.2-alpha.4 (2016-09-03)
v0.4.2 (2016-09-03)
v0.4.3 (2016-09-03)
v0.4.2-alpha.3 (2016-09-02)
v0.4.2-alpha.2 (2016-09-01)
v0.4.2-alpha.1 (2016-09-01)
0.4.2-alpha (2016-09-01)
Implemented enhancements:
- Add version option to Hydra's CLI #218
- autobuild #240 (arekkas)
- Update jwt-go and resolve warden regression issue #232 (arekkas)
Fixed bugs:
- warden: firewal.Audience overridden with requesting clients subject #236 (faxal)
- Update jwt-go and resolve warden regression issue #232 (arekkas)
Closed issues:
- how to use hydra without "--dangerous-auto-logon"? #241
- warden: firewal.Audience overridden with requesting clients subject #237
- Vendor: Upgrade to jwt-go 3.0.0 #229
- docs: warden sdk example is misleading #225
- Typo in the apiary documentation #220
- Importing clients with the CLI doesn't work #219
- doc: add "what is hydra not?" section to readme #217
- figure out a process to autobuild releases #210
Merged pull requests:
- fix broken link for tutorial in README.md #213 (allan-simon)
v0.4.1 (2016-08-18)
Fixed bugs:
v0.4.0 (2016-08-17)
Implemented enhancements:
Fixed bugs:
Closed issues:
- docs/guide: warden docs are outdated #206
- fix sdk examples in readme #196
- add tests for clients import #163
- remove go get -t ./... from travis #71
v0.3.1 (2016-08-17)
Implemented enhancements:
- oauth2: introspection should return custom session values #205
- warden: move IntrospectToken from warden sdk to oauth2 #201
- warden: rename InspectToken to IntrospectToken #200
Fixed bugs:
- AccessTokens get overridden during startup of hydra #207
- warden: IntrospectToken always throws an error on Hydra logs #199
- resolve issue with at extra data #198
- Fix 207 #208 (arekkas)
v0.3.0 (2016-08-09)
Implemented enhancements:
Fixed bugs:
v0.2.0 (2016-08-09)
Implemented enhancements:
- warden sdk should not make distinction between token and request #190
- core scope should not be mandatory #189
- id token claims should be set by consent challenge `id_token` claim #188
- provide default consent endpoint in hydra #185
- make bcrypt cost configurable #184
- make lifespans configurable #183
- improve env to config #182
- add memory profiling and cpu profiling #179
- add basic http request logging #178
- support edge tls termination #177
- Make client HTTPManager not compatible with fosite.Storage #173
- clean up stale branches #171
- improve hydra connect dialogue #170
- investigate if token creation can be speeded up #168
- consent: allow proxying of id token claims #167
- warden: rename authorized / allowed endpoints to something more meaningful #162
- warden: rename `assertion` to `token` #158
- Implement strict mode for warden #156
- Implement token introspection endpoint #155
- Don't log database credentials #147
- OpenID Connect Session Management #143
- [Feature request] Import clients on startup #140
- Warden for anonymous users #139
- oauth2/consent: id token expiry should be configurable #127
- warden: endpoint should only require valid client, not policy based access control #121
- Improve error message of wrong system secret #104
- warden: rename authorized / allowed endpoints to something more meaningful #187 (arekkas)
- 0.2.0 #165 (arekkas)
- all: add test cases for methods returning slices or maps of entities #152 (arekkas)
- Resolve rethinkdb connection when idle #148 (arekkas)
- all: resolve issues with the sdk and cli #142 (arekkas)
- cli: add token validation #134 (arekkas)
- Add wrapper library for HTTP Managers #130 (faxal)
Fixed bugs:
- investigate runtime panic on warden allowed #181
- oauth2 implicit flow should allow custom protocols #180
- support edge tls termination #177
- Token generation should be always consistent, not eventually consistent #176
- consent: allow proxying of id token claims #167
- config: do not store database config in hydra config #164
- OAuth2 token endpoint does not allow GET method but reads query parameters #160
- OAuth2 token endpoint should be able to handle simple form encoded requests #159
- --dry option does not work correctly #157
- client.GetClients() returns invalid information #150
- RethinkDB connection dies after a certain amount of inactive time #146
- Fails to startup when a SSO connection is added. #141
- id_token: at_hash / c_hash is null #129
- oauth2: some scopes are included twice #126
- warden: iat / exp values are not being set #125
- investigate missing scopes issue #124
- rethinkdb: resolve an issue where missing refresh tokens cause duplicate key error #122
- 0.2.0 #165 (arekkas)
- ensure client endpoint is initialised for CLI "clients import" command #149 (boyvinall)
- Resolve rethinkdb connection when idle #148 (arekkas)
- all: resolve issues with the sdk and cli #142 (arekkas)
- Resolve warden issues #128 (arekkas)
- Various bugfixes #123 (arekkas)
Closed issues:
- Error trying to create a token via curl #174
- gorethink: could not decode type []uint8 into Go value of type string #169
- document warden interface sdk #166
- Document what OpenID Connect is and how to use it #154
- Warden endpoints #137
- Environment variables naming scheme #136
- Implicit Flow redirect_uri does not match #133
- hydra 2FA on cloud providers #132
- Document HTTP client libraries for go #101
- Document error redirect to identity provider #96
- use dropbox example to explain oauth2 #95
Merged pull requests:
- client: fix client.GetClients() for multiple clients #151 (boyvinall)
- readme: Fix table of contents links #145 (smithrobs)
- doc: Minor grammar/spelling fixes for README #144 (smithrobs)
- Add some precisions to installation #131 (yageek)
0.1-beta.4 (2016-06-26)
Implemented enhancements:
- Connect to rethinkdb over SSL with self-signed certificate #114
Fixed bugs:
- clients endpoint returns client secret base64 encoded #119
- firewall 403s on warden endpoints #118
- Client secrets should not be hashed when POSTing #113
- Resolve issues with warden and client api #120 (arekkas)
- client: return client secret on POST and remove it from GET #117 (arekkas)
Merged pull requests:
- Connect to rethinkdb with a custom certificate #116 (matteosuppo)
- dist: fix typos in exemplary policies #112 (arekkas)
0.1-beta.3 (2016-06-20)
Implemented enhancements:
Fixed bugs:
- Warden handlers are not mounted #109
Closed issues:
- Installation fails #108
- Exchange token from browser client #107
- Temporary Client not working #106
- Could not fetch initial state with docker-compose #103
Merged pull requests:
- all: update jwt-go to versioned package and update dependencies #111 (arekkas)
- Mount warden handler #110 (faxal)
0.1-beta.2 (2016-06-14)
Implemented enhancements:
- CLI should have `-dry` option to show what the HTTP request looks like #99
- Add offline scope for refresh tokens #97
- extend jwk cert store #92
- Creating clients with predefined credentials #91
- Passing key and certificate to hydra #88
- AES-GCM key should be sha256(secret)[:32] #86
- Update GoRethink imports #78
- link exemplary policies in the docs #75
- support SAML in addition to OAuth2 #29
- 0.1-beta2 #90 (arekkas)
- vendor: switch to versioned gorethink api #81 (arekkas)
Fixed bugs:
- fix issue where tls certificate is regenerated on boot #93
- typo: singing instead of signing #89
- 404 in the gitbook #85
- Update GoRethink imports #78
- client: resolved that secrets can not be set when using http or cli #102 (arekkas)
Closed issues:
Merged pull requests:
- Fix typo of weather #100 (smurfpandey)
- readme: add security section #87 (arekkas)
- Fix idiom in README #79 (neuhaus)
0.1-beta1 (2016-05-29)
Implemented enhancements:
- client rest endpoint: rename `name` to `client_name` #72
- allow using not self-signed TLS certificates #70
- Implement OpenID Connect Dynamic Client Registration 1.0 #65
- Implement default identity provider using postgres #63
- Implement generic connectors #61
- Replace osin with ory-am/fosite #46
- Remove dockertest dependency from handlers #43
- adding RethinkDB as a Store #39
- Add more IdPs #33
- Make JWT as access tokens optional and replace with a custom strategy #32
- support for ldap for user storage #28
- Migrate from mux to httprouter #14
- Decompositioning, implement Fosite #62 (arekkas)
Fixed bugs:
- spec: /jwk/:set/:kid must return array #74
- client rest endpoint: rename `name` to `client_name` #72
- Too many open files probably caused by http client #47
Closed issues:
- Add Dockerfile for autobuild #60
- CLI refactor and initial account set up #59
- ory-am ssl cert invalid #58
- Granted Endpoint Proposal: Performant access decisions for resource providers using REST #48
- Security "audit" pre-analysis (based on rfc6749) #41
- wrong repo #40
- Rename providers to connectors #38
- Are there standards for connecting to third party providers #37
- Add support for scopes #36
- Readme: Accounts CLI Usage #31
- Continue using JWT as access tokens? #22
- remove refresh token claims #21
- godeps should only be commited on release #19
- refactor POST workflow #13
- JWT assertions #5
- Check JWT Algorithm #3
Merged pull requests:
- Remove go get of govet in .travis.yml #67 (sbani)
- Hydra is now using Go 1.6 vendoring and is deployable to heroku #56 (arekkas)
- Heroku #55 (arekkas)
- Update README.md #54 (leetal)
- RethinkDB #53 (leetal)
- handler.go:300: no formatting directive in Sprintf call #52 (QuentinPerez)
- providers: added microsoft and improved existing providers #51 (arekkas)
- oauth: added google provider #50 (arekkas)
- handle multiple return values from gopass #49 (timothyknight)
- doc: create MAINTAINERS #45 (arekkas)
- docs: create CONTRIBUTING.md #44 (arekkas)
- update accounts CLI Usage #34 (akhedrane)
- Add a Gitter chat badge to README.md #30 (gitter-badger)
- Extra arguments #27 (QuentinPerez)
- all: oauth and guard endpoints now accept basic auth instead of token… #26 (arekkas)
- account: refactor, more endpoints and tests #25 (arekkas)
- all: username instead of email, token revocation, introspect spec ali… #24 (arekkas)
- Tutorial #23 (arekkas)
- Unstaged #20 (arekkas)
- client: now tries to refresh when token is invalid #18 (arekkas)
- client: added possibility to skip CA check #17 (arekkas)
- cli: fixed default TLS and JWT filepaths #16 (arekkas)
- Policy changes and more tests #15 (arekkas)
- unstaged #12 (arekkas)
- Ladon api update & policy http endpoint #11 (arekkas)
- Improved CLI `client create` and provider workflow. #10 (arekkas)
- cli #9 (arekkas)
- all: increased test coverage #8 (arekkas)
- Handlers and cleanup #7 (arekkas)
- Single Sign On #6 (arekkas)
- tests: increased coverage #4 (arekkas)
- Implemented jwt, middleware, test coverage and handlers. #2 (arekkas)
- Refactor #1 (arekkas)
* This Change Log was automatically generated by github_changelog_generator