Version 0.12.0

Bug Fixes

• Fix token validation with custom domain.

Feature Enhancements

• Adds tokenclient module. It allows to request client credentials tokens as documented here. It is integrated into middleware, and the mockserver.
• Adds httpclient module, that serves default tls config and http client, that is used as fallback by the middleware and the tokenclient.

Incompatible Changes

• Move/rename auth.OAuthConfig interface to env.Identity and enhance interface incompatible with:

  IsCertificateBased() bool 

• Rename env.Identity interface to env.DefaultIdentity
• Rename GetIASConfig to ParseIdentityConfig

  env.GetIASConfig() (*DefaultIdentity, error)

  to

  env.ParseIdentityConfig() (Identity, error)

Dependency Upgrades

• github.com/lestrrat-go/jwx from 1.2.6 to 1.2.12

Version 0.11.0

• Go1.15 is deprecated and no longer supported. Bump minimum required version to go1.16.
• env.GetIASConfig() supports kubernetes secrets (service catalog) as documented here.

Version 0.10.1

For the sake of compatibility mockserver should by default accept any zone.
Configure mockserver with claims.ZoneID = mocks.InvalidZoneID to provoke such an error.

Version 0.10.0

• Support of ias custom domains.
  Identity service provides the ias issuer with ias_iss claim in case token was issued for ias custom domain. #19
• Multi-tenancy support.
  Checks IAS domain only, and validates whether zone is known by IAS tenant every 15 minutes #16
• upgrade dependencies
  • github.com/lestrrat-go/jwx from 1.1.7 to 1.2.4
  • github.com/google/uuid from 1.2.0 to 1.3.0.

Version 0.9.0

Identity service provides list of domains via VCAP_SERVICES credentials. This is now supported. Instead of domain make use of domains.