All notable changes to this project will be documented in this file automatically by Versionist. DO NOT EDIT THIS FILE MANUALLY! This project adheres to Semantic Versioning.
- Fix safari header issue [nopbyte]
- Oauth2 Password Grant (#18) [Eduard Brehm]
- .travis: use ARG to redefine baseimage [Csaba Kiraly]
- Use ARG for Docker base image [Csaba Kiraly]
- Update port to db entity [nopbyte]
- Add port to database configuration (#17) [Eduard Brehm]
- Add database entity type but hidden, to support agile-sql [dp]
- Lint [dp]
- Constantly update auto-generated urls for the AGILE_HOST [dp]
- Include group lock [dp]
- Enable loading locks from modules inside upfront and start versioning separate agile-upfront-locks repository [dp]
- Refactor locks to external repo and update configuration file and code across repos [david]
- Update configuration for new features on the ui [david]
- Fix issue with group deletion detected through the UI [david]
- Upgrade to [email protected] inside agile-idm-core and here [david]
- Set ui configurations. Initial version of configuration files. [david]
- Do not declassify empty objects (unless the policy for the attribute instructs idm to do so) [david]
- Move keyword to set host on AGILE clients to just replace the hostname [david]
- Add endpoint to retrieve entity schema to have a more flexible UI for entities [david]
- Enable more flexible CORS [david]
- Remove old restriction for credentials.dropbox to be a string in default schema [david]
- Include meta policies and audit lock along with updates required for the idm-core configuration [david]
- Use agile-idm-core using new agile-policies component [david]
- New release including the Policy Decision Point, the Policy Administration Point and Audit component. [david]
- Add more information to the authentication information returned by IDM and fix config for idm-example, it got replaced at some point. [david]
- Remove node modules to avoid issues with travis before building in the Dockerfile [david]
- Avoid building in the host which has side effects on docker build [david]
- Travis: upgrading build template [Csaba Kiraly]
- policy enforcement over nested attributes, i.e. credentials.dropbox
- support for the enforcement of strict json schema tdegrunt/jsonschema#173
- Dropbox authentication
- change the console-based script to generate users and clients to use the API without enforcement to ensure that policies were created for every entity
- hash users' passwords
- endpoints to reset passwords for own and other users if admin
- endpoints to fetch and write attribute's policies
- initial mockup of pdp for actions in the AGILE API (for initial integration)
- add endpoint to delete an attribute
- add endpoint to list all users, and groups
- fix non-deterministic behaviour during login (sometimes another user was chosen).
- fix group issue reported in agile-idm-entity-storage: groups now can be deleted without removing entities first. Before there was an inconsistency when this was the case.
- fix issue when the same user logs in with different clients: when the same user used different clients simultaneously, there was only one session valid.
- fix to ensure that the client id is propagated to the provider strategies. This allows strategies to create tokens for a particular oauth2 flow and for a particular client, to ensure that there are no race conditions.
- fix add expiration time, and deletion of tokens that expired (when they are queried). Also a general cleanup of the token db happens whenever tokens are iterated, so we keep only tokens that are valid.
- fix session sync issue between passport and tokens stored in the db (this was generating an error when integrated with OS.js from which the only way to recover is to delete cookies from the browser)
- Oauth Server functionality:
  - implements the authorization code authorization flow see example here
  - implements the client credential authorization flow see example here
  - implements the implicit grant see example here
- Storage:
  - Proper handling of Oauth2 clients (through entities of type client)
  - Storage of tokens
  - Generic storage of entities in leveldb
- Policy Enforcement
  - Uses owner policies to handle visibility of private attributes, such as the user's password
  - Uses role policies (admin) to protect creation of new entities and setting of roles and passwords.