mytoken-server 0.6.1-c

mytoken 0.6.1-c

API

• Changed the restriction ip key to hosts:
  • Backward compatibility is preserved. The legacy key ip is still accepted.
  • The hosts entry can contain:
    • Single ip address
    • Subnet address
    • Host name (with or without wildcard)
      • To compare against this, on request a reverse dns lookup is done for the request's ip address

Enhancements

• Location restriction can now be done with host names, not only plain ip addresses, see above for more details.
• Webinterface: Added message to tokeninfo after MT creation and TC exchange to indicate that users must copy the
  mytoken to persist it.
• Improved code quality

Bugfixes

• Fixed a bug in the web interface where the scope selection indicator for access tokens where not updated.

Dependencies

• Bump go version to 1.19
• Bump golang.org/x/mod from 0.5.1 to 0.6.0
• Bump github.com/gofiber/fiber/v2 from 2.37.1 to 2.38.1
• Bump github.com/gofiber/helmet/v2 from 2.2.16 to 2.2.17

mytoken-server 0.6.1-b

mytoken 0.6.1-b

API

• Changed the restriction ip key to hosts:
  • Backward compatibility is preserved. The legacy key ip is still accepted.
  • The hosts entry can contain:
    • Single ip address
    • Subnet address
    • Host name (with or without wildcard)
      • To compare against this, on request a reverse dns lookup is done for the request's ip address

Enhancements

• Location restriction can now be done with host names, not only plain ip addresses, see above for more details.
• Webinterface: Added message to tokeninfo after MT creation and TC exchange to indicate that users must copy the
  mytoken to persist it.
• Improved code quality

Bugfixes

• Fixed a bug in the web interface where the scope selection indicator for access tokens where not updated.

Dependencies

• Bump go version to 1.19
• Bump golang.org/x/mod from 0.5.1 to 0.6.0
• Bump github.com/gofiber/fiber/v2 from 2.37.1 to 2.38.1
• Bump github.com/gofiber/helmet/v2 from 2.2.16 to 2.2.17

mytoken-server 0.6.1-a

mytoken 0.6.1-a

API

• Changed the restriction ip key to hosts:
  • Backward compatibility is preserved. The legacy key ip is still accepted.
  • The hosts entry can contain:
    • Single ip address
    • Subnet address
    • Host name (with or without wildcard)
      • To compare against this, on request a reverse dns lookup is done for the request's ip address

Enhancements

• Location restriction can now be done with host names, not only plain ip addresses, see above for more details.
• Improved code quality

Bugfixes

• Fixed a bug in the web interface where the scope selection indicator for access tokens where not updated.

Dependencies

• Bump go version to 1.19
• Bump golang.org/x/mod from 0.5.1 to 0.6.0
• Bump github.com/gofiber/fiber/v2 from 2.37.1 to 2.38.1
• Bump github.com/gofiber/helmet/v2 from 2.2.16 to 2.2.17

mytoken-server 0.6.0

mytoken 0.6.0

API

• Dropped subtoken_capabilities, since the benefit was minimal, but made things more complex
  • Removed subtoken_capabilities from all API requests and responses
  • Removed subtoken_capabilities from the mytoken

Enhancements

• Added introduction text in the web interface
• Session mytoken in web interface no longer uses subtoken_capabilities due to the drop, moved subtoken
  capabilities to the session mytoken as capabilities; added rotation on AT requests, added auto revocation

Bugfixes

• Fixed a bug where mytokens with the revoke_any_token capabilities could revoke mytokens of other users if they
  can get possesion of the revocation_id
• Fixed problems in the web interface with restrictions / issuer selection when not logged in.

Dependencies

• Bump github.com/coreos/go-oidc/v3 from 3.2.0 to 3.4.0
• Bump github.com/gofiber/template from 1.6.30 to 1.7.1
• Bump github.com/gofiber/fiber/v2 from 2.36.0 to 2.37.1
• Bump github.com/valyala/fasthttp from 1.39.0 to 1.40.0
• Bump github.com/gliderlabs/ssh from 0.3.4 to 0.3.5
• Bump github.com/gofiber/helmet/v2 from 2.2.15 to 2.2.16

mytoken-server 0.5.4

mytoken 0.5.4

Bugfixes

• Fixed a bug in the webinterface where scope restrictions did not update correctly when not logged in and issuer
  changed

mytoken-server 0.5.3

mytoken 0.5.3

Bugfixes

• Fixed a bug in the webinterface where mytokens could not be created when not logged-in

mytoken-server 0.5.2

mytoken 0.5.2

Bugfixes

• Fixed a bug with requesting a consent screen for mytoken requests

mytoken-server 0.5.1

mytoken 0.5.1

Enhancements

• In the tokeninfo - subtokens pane of the webinterface now only show the subtokens of the token in question,
  leaving out the actual token as their parent

Bugfixes

• Fixed two bugs in the tokeninfo webinterface when introspecting mytokens issued by another server
• Fixed CORS of jwks

mytoken-server 0.5.0

mytoken 0.5

Features

• Trusted web applications can skip the consent screen
• Reworked and improved major parts of the web interface:
  • Consent Screen:
    • On default a more compressed view is shown, where sections can be expanded if needed.
    • Displays the content of the application_name parameter if given.
    • Added possibility for clients to create a consent screen for mytoken-from-mytoken requests
  • Home Screen:
    • Replaced the tokeninfo pane with a new one
      • Removed tokeninfo about the session's mytoken
      • Added a tokeninfo pane to display tokeninfo for arbitrary mytokens (incl. introspection, history, subtokens)
      • Added possibility to create a transfer code
      • Moved the list of mytokens to a separate pane
      • Improved displaying the tree structure of mytokens
      • Reversed the token history order
    • Added "Exchange transfercode" pane, where a transfercode can be exchanged into a mytoken
    • Some parts can be used without being logged-in
  • Token Revocation:
    • Added possibility to revoke a mytoken in the tokeninfo pane
    • Added possibility to revoke listed tokens in the "My Mytokens" pane and in the "Tokeninfo - Subtokens" pane.
  • Capabilities:
    • Simplified the checking of capabilities
    • Read/Write capabilities are now not split but can be toggled
  • Create Mytoken:
    • After creation the mytoken is displayed in the tokeninfo pane, where it can be copied and of course
      information about the token is displayed
  • Settings:
    • Grant Types:
      • Include pages of different grant types in this view.
      • Grant Types can be expanded (collapsed on default).
      • Link to grant type page that was not clear enough is no longer needed.

API

• Added application_name to mytoken requests.
• Added token_type to token introspection response.
• Added possibility to revoke tokens by revocation_id:
  • Added new revoke_any_token capability.
  • Added revocation_id parameter to responses that list tokens.

Enhancements

• Admins can adapt the webinterface, i.e. for a custom style

Bugfixes

• Fixed a bug in the mytoken webinterface where token introspection did not work on the settings page
• Fixed a bug in the mytoken webinterface restrictions editor, where audiences would always be set to zero when
  switching from the JSON editor to the GUI editor
• Fixed a bug where non-expiring mytokens would be revoked when database cleanup was enabled.
• Fixed a bug where the server could potentially crash

Dependencies

• Bump github.com/valyala/fasthttp from 1.37.0 to 1.39.0
• Bump github.com/gofiber/fiber/v2 from 2.34.0 to 2.35.0
• Bump github.com/sirupsen/logrus from 1.8.1 to 1.9.0
• Bump github.com/gofiber/template from 1.6.28 to 1.6.30
• Bump github.com/gofiber/helmet/v2 from 2.2.13 to 2.2.15

mytoken-server 0.4.3

Dependencies

• Bumped github.com/jmoiron/sqlx from 1.3.4 to 1.3.5
• Bumped github.com/lestrrat-go/jwx from 1.2.18 to 1.2.23
• Bumped github.com/gofiber/template from 1.6.22 to 1.6.27
• Bumped github.com/gofiber/helmet/v2 from 2.2.6 to 2.2.12
• Bumped github.com/pires/go-proxyproto from 0.6.1 to 0.6.2
• Bumped github.com/gofiber/fiber/v2 from 2.26.0 to 2.32.0
• Bumped github.com/valyala/fasthttp from 1.33.0 to 1.36.0