Skip to content

Latest commit

 

History

History
544 lines (451 loc) · 31.8 KB

CHANGELOG.md

File metadata and controls

544 lines (451 loc) · 31.8 KB

Changelog

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.

Unreleased

[1.46.0] - 2025-06-01

Added

  • Add filter by ids to public accounts #744

[1.45.2] - 2024-18-12

Fixed

  • Fix Case-Insensitive Sorting #741

[1.45.1] - 2024-13-10

Fixed

  • GET services/accounts returns unsorted response #733

[1.45.0] - 2024-12-10

Added

  • Public account filtering by unstructured properties #734

[1.44.1] - 2024-12-03

Fixed

  • Fix Privacy.FieldVisibility validation #729

1.44.0 - 2024-11-28

Added

  • Set up privacy settings for account directory data visibility #727

1.43.0 - 2024-10-21

Added

  • Get the account ids with FERPA filed false #724

1.42.0 - 2024-06-14

Changed

  • Provide external ids on get deleted memberships BBs API #718

1.41.0 - 2024-05-30

Added

  • Remove account from the system - all BBs #335

1.40.0 - 2024-05-09

Changed

  • Add "admin_app_access_roles" to the system POST and PUT app_orgs #712

1.39.0 - 2024-04-30

Changed

  • Admin app account creation update #710

1.38.1 - 2024-03-05

Fixed

  • Fix v2 create accounts #704

1.38.0 - 2024-03-01

Added

  • Expose Create multiple accounts admin API #702

Changed

  • Update filter accounts API to accept many UIN #700

1.37.2 - 2024-02-14

Changed

  • Clean up accounts migration legacy code #698

1.37.1 - 2024-02-14

Fixed

  • Fix nil pointer #694

1.37.0 - 2024-02-13

Fixed

  • Migration issue #692

1.36.0 - 2023-12-13

Changed

  • Accounts to tenants account migration improvement #690

1.35.1 - 2023-12-08

Fixed

  • Handle Create Admin account API issue #687
  • Fix storeSystemData #685

1.35.0 - 2023-12-01

Changed

  • Single identity within an organisation #680

Added

  • Searching follows looks for substring matches #670

Added

  • Support following accounts #667
  • Device ID not nullable #672

1.34.0 - 2023-07-06

Added

  • Enable CORS #632
  • Move the app config management APIs to the /admin subrouter from /system #652

1.33.0 - 2023-05-02

Added

  • Username and password authentication #658

1.32.2 - 2023-04-20

Changed

  • Sync Identity BB for user data on authentication event #650

1.32.1 - 2023-04-10

Fixed

  • Handle admin scopes on refresh

1.32.0 - 2023-04-08

Added:

  • Admin scopes #653
  • Admin APIs to get count and list of accounts matching query #649
  • Sync Identity BB for user data on authentication event #650

1.31.2 - 2023-04-04

Fixed

  • Ignore readOnly fields during validation #641

1.31.1 - 2023-03-14

Changed

  • Upgrade to auth library v3 #645

1.31.0 - 2023-03-02

Changed

  • Prepare for deployment in OpenShift #638

1.30.0 - 2023-02-03

Added

  • Update role admin API #516
  • Add admin application config endpoints #633

Changed

  • Upgrade dependencies #624

Fixed

  • Fix system account initialization #594

1.29.0 - 2022-11-16

Added

  • Create API to get count of accounts matching criteria #619

Fixed

  • Panic on anonymous refresh #621

1.28.0 - 2022-10-24

Added

  • Add unstructured additional properties to profile #609

1.27.0 - 2022-10-21

Added

  • BBs/TPS API to search accounts matching criteria #606
  • Add scopes to service accounts #605
  • Update application system API #549
  • Update group admin API #518

1.26.0 - 2022-10-05

Fixed

  • Services crashes on anonymous login #603

Security

  • Fix code scanning alert - Log entries created from user input #601

1.25.0 - 2022-10-04

Added

  • Update app/org endpoint #543
  • Create app/org endpoint #544
  • Expose account external IDs #582
  • Anonymous accounts #559
  • Usernames #574
  • Add release instructions to CONVENTIONS.md #519
  • Set up system app org token endpoint #493
  • Track usage info in accounts #445
  • Use signature Key ID to check specific key for service account auth #481
  • Allow overriding docs base URLs #513
  • Include account ID in request logs #562
  • Add system flag to login response #552
  • Add default assigners permission #477

Fixed

  • Fix has_permissions for existing accounts #531
  • Service registration error handling change #468
  • Update account permission duplication #545
  • Deleting application roles and groups uses bad accounts query #536

Changed

  • Update oapi-codegen usage #597
  • BREAKING: Permission assigners should be OR instead of AND #482]
  • Update profile when external user info changes #589

1.24.2 - 2022-08-08

Added

  • Allow passing nil context to WithContext storage functions #494
  • Account system configs #558

Fixed

  • Authorization policy comments not working #506

1.24.1 - 2022-07-07

Changed

  • Expose full roles/groups in accounts #528

1.24.0 - 2022-07-07

Added

  • Admin update account authorizations API #484
  • Set up admin create account endpoint #365
  • Prepare the project to become open source #129
  • Retrieve all service account tokens at once #459

Fixed

  • Fix admin authorization endpoints #515
  • Clean up authorization policies #499
  • Prevent admins from using service account management endpoints #500

Changed

  • Get all admin level accounts #486
  • Update SECURITY.md #504

1.23.0 - 2022-04-26

Added

  • Email/phone registration should populate email/phone in profile #431
  • Implement system accounts #278
  • Service accounts #306

Security

  • Update http-swagger dependency #465

1.22.0 - 2022-04-02

Added

  • Expose revoke roles from account Admin API #412
  • Expose revoke permissions from account Admin API #411
  • Expose grant permissions to role Admin API #415
  • Expose remove accounts from a group Admin API #413
  • Expose add accounts to a group Admin API #384
  • Handle external ID management #364

Security

  • Loading all roles and groups for empty query #458

1.21.1 - 2022-03-17

Fixed

  • Fix verify credential HTML template loading issues #451

1.21.0 - 2022-03-16

Added

  • Clean up verification email messaging and UI #444
  • Implement logout for users accounts #329

1.20.1 - 2022-03-07

Fixed

  • Unable to login in the Admin app #430

1.20.0 - 2022-03-01

Fixed

  • Fix broken external login #427

1.19.0 - 2022-02-25

Added

  • Expose System APIs for auth types #362
  • Expose grant roles to account Admin API #383
  • Expose grant permissions to account Admin API #382
  • Expose Admin API which gives an application account devices #359
  • Expose Admin API which logouts an account session for specific application #371
  • Unlink account auth types #393
  • Expose delete app org role admin API #313
  • Expose delete app org group admin API #312
  • Expose Admin API with the currently logged in accounts #355
  • Add app config endpoints #261

Security

  • Fix security vulnerability for roles and groups admin APIs #414

Fixed

  • Fix issues with account linking #408
  • Fix creating application group admin API #397
  • Fix create role and create group Admin APIs #386
  • Fix broken app config API and CHANGELOG.md #401
  • Fix shared profile feature #405

Changed

  • Update the filter capability for the get login sessions Admin API #394
  • Limit the returned items for get application accounts admin API #375
  • Return ordered list of account auth types on link account auth type #376

1.18.0 - 2022-01-25

Added

  • Expose create app org group admin API #309
  • Apply external auth system user data to profile #377
  • Expose create app org role admin API #308
  • Expose Admin API which gives all applications for an organization #324
  • Expose get application organization groups admin API #302
  • Expose get application organization roles admin API #301
  • Admin APIs authorization fix #372
  • Fixed date login session expiration #367
  • Expose get permissions list admin API #296
  • Expose get accounts admin API #283
  • Expose get account admin API #270

Changed

  • Clean up schemas index.yaml file #387

Fixed

  • Fix yaml files paths #352

1.17.0 - 2021-12-06

Fixed

  • Fix delete account API #341
  • Upgrade logging library for error JSON fix #347

1.16.0 - 2021-12-02

Fixed

  • Panic on nil conversion during OIDC refresh #344
  • Account exists endpoint documentation incorrect #342
  • Admin APIs issue #326

1.15.0 - 2021-12-01

Fixed

  • Panic on nil dereference during anonymous login #338

1.14.0 - 2021-11-30

Added

  • Assign device to the account on login #245
  • Add multi-factor authentication support #19
  • Handle multiple authentication methods linking to one account #64

Security

  • Return verification status on account exists endpoint #330

Fixed

  • Fix the accounts collection index for app and org #333

1.13.0 - 2021-11-22

Added

  • Expose resend verification code services API #287
  • Add password reset from client and reset links #216
  • User PII in tokens #169
  • Add authentication required auth wrapper #250

Security

  • Change string comparisons to constant time comparisons #317

Fixed

  • Auth types removed from wrong endpoint #321
  • Profile request fails for email sign up #320

1.12.0 - 2021-11-10

Added

  • Login session duration policies #258
  • Handle groups mappings from OIDC integration #276
  • Expose get account services API #217
  • Define unified responses for the APIs #286
  • Add refresh token abuse detection to login sessions #257

Changed

  • Limit number of active login sessions per account #256
  • Expose transaction interface on storage adapter #285

Fixed

  • 502 error on login when missing preferences #299

1.11.0 - 2021-11-04

Added

  • Set up permission groups #25

1.10.0 - 2021-11-03

Added

  • Merge client and Profile BB profiles and preferences #228

1.9.0 - 2021-11-01

Added

  • Disable email verification #280

Changed

  • Dissociate permissions from applications #207

1.8.0 - 2021-10-27

Added

  • Prepare Core for Admin app integration #247
  • Expose does account exist services API #255

Fixed

  • MongoDB ChangeStream Watch() does not recover #259

1.7.0 - 2021-10-25

Added

  • Handle API key validation for non-anonymous users #244
  • Implement logins sessions #172

1.6.0 - 2021-10-19

Added

  • Implement logins sessions - almost completed #172

1.5.0 - 2021-10-15

Fixed

  • Permission authorization failing on all endpoints in Docker #239

Changed

  • Switch to ROKWIRE open source libraries #232

1.4.0 - 2021-10-11

Fixed

  • Fix various issues #215

Removed

  • REVERT: Handle anonymous ID conversion #204

1.3.0 - 2021-10-08

Added

  • Expose get account preferences services API #206

Changed

  • Improve how the system sends emails #192

1.2.0 - 2021-10-07

Security

  • Fix Mongo driver vulnerability #123

Added

  • Extract IP address from reques #246
  • Populate profile data automatically from ROKWIRE 2.0 Profile BB #185
  • Add phone authentication support #24
  • Handle anonymous ID conversion #204
  • Create a Security.md #193
  • Set up authorization system #45
  • Add permissions to tokens #189
  • Set up anonymous tokens #26
  • Add Email authentication and verification #23
  • Set up delete account endpoint #180
  • Anonymous profile(non-pii) endpoints #135
  • User PII endpoints #128
  • Handle refresh tokens across multiple devices/apps/orgs #149
  • Expose admin API which gets applications list #104
  • Restructure auth package to provide APIs interface #161
  • Set up refresh tokens #95
  • Set up OIDC compliant token validation endpoints #51
  • Storage improvements #144
  • Expose admin API which creates application #82
  • Suppress logs from the AWS load balancer health checks #141
  • Set up accounts #18
  • Optional OIDC URL overrides #139
  • Automate Docker deployment process on Dev #10
  • Improve error wrapping #83
  • Set up scoped tokens #98
  • Expose admin API which gets application. #103
  • Expose auth APIs #81
  • Expose admin API which gives the organizations list #61
  • Expose admin API which gets an organization #60
  • Expose service registration handlers #75
  • Split OpenAPI yaml file #84
  • Standardize logging using logging library #78
  • Set up API documentation #8
  • Extend the storage adapter listener #76
  • Add OIDC support #17
  • Incorporate Application entity in the data model #50
  • Expose admin API which updates an organization #59
  • Set up unit tests environment #7
  • Expose admin API which creates an organization #58
  • Expose update global config admin API #36
  • Expand the model to handle the user devices #41
  • Expose get global config admin API #35
  • Set up auth framework #16
  • Expose version API #13
  • Set up project skeleton #1
  • Define data model #2
  • Expose create global config admin API #34
  • Set up logging #6

Fixed

  • Fix broken OIDC login #211
  • Fix crash on phone login #208
  • Fix email account verification #198
  • Fix build failure #196
  • Fix admin APIs after the model changes #173
  • Fix login issues #178
  • Fix base path validation issue #174
  • Fix auth credentials search for multiple apps #153
  • Fix GlobalPermission and OrganizationPermission in the doc APIs model #151
  • OIDC auth bug fixes #143
  • Fix APIs requests validation #89
  • Fixing the Log and the Changelog for issues #35 and #36 #54

Changed

  • Login API issues #182
  • Move temporary claims to auth library #183
  • Prepare the service to be deployed into Rokwire infrastructure #176
  • Users authentication polish #155
  • Optimise the Mongo DB collections indexes usage #146