Skip to content

INDIGO Identity and Access Management Service v1.8.3
Compare
Choose a tag to compare
@enricovianello enricovianello released this 20 Dec 10:18
· 73 commits to master since this release
v1.8.3
07b5dd4
This commit was created on github.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

Recommendations

It is strongly recommended to make a backup of your database before upgrading to v1.8.3 because several migrations are planned. Also, remember that for updates from versions prior to v1.7.2 you must first upgrade to v1.7.2.
The migration to v1.8.3 will take an amount of time which will be proportional to the amount of currently active access tokens. This means that if you are deploying IAM with some kind of liveness and readiness probes, it's probably better to switch them off before upgrading. This migration may take a long time.

Changed

  • Save access token value as an hash in order to use lighter db indexes and avoid conflicts by @rmiccoli in #613
  • Avoid upper case characters into VO names by @SteDev2 in #616
  • Enable Redis scope matchers and well-known endpoint caching by @federicaagostini in #633
  • Consider scope matcher based on string equality for custom scopes by @rmiccoli in #642

Added

Fixed

  • Allow to add certificates with the same subject DN by @rmiccoli in #624
  • Delete unsupported response types by @rmiccoli in #610
  • Fix management of tokens lifetime following RFC9068 by @federicaagostini in #620
  • Fix CERN Restore workflow by @hannahshort in #645
  • Fix authz code flow with PKCE for IAM test client application by @rmiccoli in #653
  • Fix authorization on IAM APIs such to avoid cases where access is granted to already approved scopes instead of effective token scopes by @enricovianello in #664

New Contributors

Contributors

enricovianello, hannahshort, and 4 other contributors
Assets 2
Loading