2018-11-27 13:23:37 +02:00
|
|
|
# Vx.x.x (Pre-release)
|
|
|
|
|
2019-04-12 11:27:42 +02:00
|
|
|
## Changes since v3.2.0
|
2019-02-15 20:29:24 +02:00
|
|
|
- [#52](https://github.com/pusher/oauth2_proxy/pull/52) Logging Improvements
|
|
|
|
- Implement flags to configure file logging
|
|
|
|
- `-logging-filename` Defines the filename to log to
|
|
|
|
- `-logging-max-size` Defines the maximum
|
|
|
|
- `-logging-max-age` Defines the maximum age of backups to retain
|
|
|
|
- `-logging-max-backups` Defines the maximum number of rollover log files to retain
|
|
|
|
- `-logging-compress` Defines if rollover log files should be compressed
|
|
|
|
- `-logging-local-time` Defines if logging date and time should be local or UTC
|
|
|
|
- Implement two new flags to enable or disable specific logging types
|
|
|
|
- `-standard-logging` Enables or disables standard (not request or auth) logging
|
|
|
|
- `-auth-logging` Enables or disables auth logging
|
|
|
|
- Implement two new flags to customize the logging format
|
|
|
|
- `-standard-logging-format` Sets the format for standard logging
|
|
|
|
- `-auth-logging-format` Sets the format for auth logging
|
2019-04-12 11:27:42 +02:00
|
|
|
|
|
|
|
# v3.2.0
|
|
|
|
|
|
|
|
## Release highlights
|
|
|
|
- Internal restructure of session state storage to use JSON rather than proprietary scheme
|
|
|
|
- Added health check options for running on GCP behind a load balancer
|
|
|
|
- Improved support for protecting websockets
|
|
|
|
- Added provider for login.gov
|
|
|
|
- Allow manual configuration of OIDC providers
|
|
|
|
|
|
|
|
## Important notes
|
|
|
|
- Dockerfile user is now non-root, this may break your existing deployment
|
|
|
|
- In the OIDC provider, when no email is returned, the ID Token subject will be used
|
|
|
|
instead of returning an error
|
|
|
|
- GitHub user emails must now be primary and verified before authenticating
|
|
|
|
|
2019-02-08 13:57:17 +02:00
|
|
|
## Changes since v3.1.0
|
|
|
|
|
2019-03-11 19:55:02 +02:00
|
|
|
- [#96](https://github.com/bitly/oauth2_proxy/pull/96) Check if email is verified on GitHub (@caarlos0)
|
2019-03-20 23:44:01 +02:00
|
|
|
- [#110](https://github.com/pusher/oauth2_proxy/pull/110) Added GCP healthcheck option (@timothy-spencer)
|
2019-03-22 23:41:55 +02:00
|
|
|
- [#112](https://github.com/pusher/oauth2_proxy/pull/112) Improve websocket support (@gyson)
|
2019-03-20 15:59:24 +02:00
|
|
|
- [#63](https://github.com/pusher/oauth2_proxy/pull/63) Use encoding/json for SessionState serialization (@yaegashi)
|
|
|
|
- Use JSON to encode session state to be stored in browser cookies
|
|
|
|
- Implement legacy decode function to support existing cookies generated by older versions
|
|
|
|
- Add detailed table driven tests in session_state_test.go
|
2019-04-09 14:00:17 +02:00
|
|
|
- [#120](https://github.com/pusher/oauth2_proxy/pull/120) Encrypting user/email from cookie (@costelmoraru)
|
2019-03-20 15:44:51 +02:00
|
|
|
- [#55](https://github.com/pusher/oauth2_proxy/pull/55) Added login.gov provider (@timothy-spencer)
|
|
|
|
- [#55](https://github.com/pusher/oauth2_proxy/pull/55) Added environment variables for all config options (@timothy-spencer)
|
2019-03-15 09:18:37 +02:00
|
|
|
- [#70](https://github.com/pusher/oauth2_proxy/pull/70) Fix handling of splitted cookies (@einfachchr)
|
2019-03-08 10:15:21 +02:00
|
|
|
- [#92](https://github.com/pusher/oauth2_proxy/pull/92) Merge websocket proxy feature from openshift/oauth-proxy (@butzist)
|
2019-03-08 14:41:15 +02:00
|
|
|
- [#57](https://github.com/pusher/oauth2_proxy/pull/57) Fall back to using OIDC Subject instead of Email (@aigarius)
|
2019-03-05 21:42:11 +02:00
|
|
|
- [#85](https://github.com/pusher/oauth2_proxy/pull/85) Use non-root user in docker images (@kskewes)
|
2019-02-22 09:49:57 +02:00
|
|
|
- [#68](https://github.com/pusher/oauth2_proxy/pull/68) forward X-Auth-Access-Token header (@davidholsgrove)
|
2019-03-04 15:54:22 +02:00
|
|
|
- [#41](https://github.com/pusher/oauth2_proxy/pull/41) Added option to manually specify OIDC endpoints instead of relying on discovery
|
2019-03-05 16:07:10 +02:00
|
|
|
- [#83](https://github.com/pusher/oauth2_proxy/pull/83) Add `id_token` refresh to Google provider (@leki75)
|
2019-03-05 16:58:26 +02:00
|
|
|
- [#10](https://github.com/pusher/oauth2_proxy/pull/10) fix redirect url param handling (@dt-rush)
|
2019-04-09 23:42:17 +02:00
|
|
|
- [#122](https://github.com/pusher/oauth2_proxy/pull/122) Expose -cookie-path as configuration parameter (@costelmoraru)
|
2019-04-12 12:15:29 +02:00
|
|
|
- [#124](https://github.com/pusher/oauth2_proxy/pull/124) Use Go 1.12 for testing and build environments (@syscll)
|
2019-02-22 09:49:57 +02:00
|
|
|
|
2019-02-08 13:57:17 +02:00
|
|
|
# v3.1.0
|
|
|
|
|
|
|
|
## Release highlights
|
|
|
|
|
|
|
|
- Introduction of ARM releases and and general improvements to Docker builds
|
|
|
|
- Improvements to OIDC provider allowing pass-through of ID Tokens
|
|
|
|
- Multiple redirect domains can now be whitelisted
|
|
|
|
- Streamed responses are now flushed periodically
|
|
|
|
|
|
|
|
## Important notes
|
|
|
|
|
2019-02-08 16:16:41 +02:00
|
|
|
- If you have been using [#bitly/621](https://github.com/bitly/oauth2_proxy/pull/621)
|
|
|
|
and have cookies larger than the 4kb limit,
|
|
|
|
the cookie splitting pattern has changed and now uses `_` in place of `-` when
|
|
|
|
indexing cookies.
|
|
|
|
This will force users to reauthenticate the first time they use `v3.1.0`.
|
|
|
|
- Streamed responses will now be flushed every 1 second by default.
|
|
|
|
Previously streamed responses were flushed only when the buffer was full.
|
|
|
|
To retain the old behaviour set `--flush-interval=0`.
|
|
|
|
See [#23](https://github.com/pusher/oauth2_proxy/pull/23) for further details.
|
2019-02-08 13:57:17 +02:00
|
|
|
|
2019-01-14 12:07:22 +02:00
|
|
|
## Changes since v3.0.0
|
|
|
|
|
2019-01-22 13:36:52 +02:00
|
|
|
- [#14](https://github.com/pusher/oauth2_proxy/pull/14) OIDC ID Token, Authorization Headers, Refreshing and Verification (@joelspeed)
|
|
|
|
- Implement `pass-authorization-header` and `set-authorization-header` flags
|
|
|
|
- Implement token refreshing in OIDC provider
|
|
|
|
- Split cookies larger than 4k limit into multiple cookies
|
|
|
|
- Implement token validation in OIDC provider
|
2019-02-08 16:16:41 +02:00
|
|
|
- [#15](https://github.com/pusher/oauth2_proxy/pull/15) WhitelistDomains (@joelspeed)
|
2019-01-22 14:01:37 +02:00
|
|
|
- Add `--whitelist-domain` flag to allow redirection to approved domains after OAuth flow
|
2019-01-22 12:11:40 +02:00
|
|
|
- [#21](https://github.com/pusher/oauth2_proxy/pull/21) Docker Improvement (@yaegashi)
|
|
|
|
- Move Docker base image from debian to alpine
|
|
|
|
- Install ca-certificates in docker image
|
2019-02-08 16:16:41 +02:00
|
|
|
- [#23](https://github.com/pusher/oauth2_proxy/pull/23) Flushed streaming responses
|
2019-01-31 16:02:15 +02:00
|
|
|
- Long-running upstream responses will get flushed every <timeperiod> (1 second by default)
|
2019-01-29 14:13:02 +02:00
|
|
|
- [#24](https://github.com/pusher/oauth2_proxy/pull/24) Redirect fix (@agentgonzo)
|
|
|
|
- After a successful login, you will be redirected to your original URL rather than /
|
2019-01-31 20:52:08 +02:00
|
|
|
- [#35](https://github.com/pusher/oauth2_proxy/pull/35) arm and arm64 binary releases (@kskewes)
|
|
|
|
- Add armv6 and arm64 to Makefile `release` target
|
2019-02-02 01:08:19 +02:00
|
|
|
- [#37](https://github.com/pusher/oauth2_proxy/pull/37) cross build arm and arm64 docker images (@kskewes)
|
2019-01-22 12:11:40 +02:00
|
|
|
|
2019-01-14 12:07:22 +02:00
|
|
|
# v3.0.0
|
|
|
|
|
|
|
|
Adoption of OAuth2_Proxy by Pusher.
|
|
|
|
Project was hard forked and tidied however no logical changes have occurred since
|
|
|
|
v2.2 as released by Bitly.
|
|
|
|
|
2018-11-27 13:23:37 +02:00
|
|
|
## Changes since v2.2:
|
|
|
|
|
2019-01-14 12:47:01 +02:00
|
|
|
- [#7](https://github.com/pusher/oauth2_proxy/pull/7) Migration to Pusher (@joelspeed)
|
2019-01-14 12:07:22 +02:00
|
|
|
- Move automated build to debian base image
|
|
|
|
- Add Makefile
|
|
|
|
- Update CI to run `make test`
|
|
|
|
- Update Dockerfile to use `make clean oauth2_proxy`
|
|
|
|
- Update `VERSION` parameter to be set by `ldflags` from Git Status
|
|
|
|
- Remove lint and test scripts
|
|
|
|
- Remove Go v1.8.x from Travis CI testing
|
|
|
|
- Add CODEOWNERS file
|
|
|
|
- Add CONTRIBUTING guide
|
|
|
|
- Add Issue and Pull Request templates
|
|
|
|
- Add Dockerfile
|
|
|
|
- Fix fsnotify import
|
|
|
|
- Update README to reflect new repository ownership
|
|
|
|
- Update CI scripts to separate linting and testing
|
|
|
|
- Now using `gometalinter` for linting
|
|
|
|
- Move Go import path from `github.com/bitly/oauth2_proxy` to `github.com/pusher/oauth2_proxy`
|
|
|
|
- Repository forked on 27/11/18
|
|
|
|
- README updated to include note that this repository is forked
|
|
|
|
- CHANGLOG created to track changes to repository from original fork
|