2020-11-06 10:44:25 +00:00
|
|
|
All notable changes to this project will be documented in this file.
|
|
|
|
|
|
|
|
|
|
The format is based on `Keep a Changelog <https://keepachangelog.com/en/1.0.0/>`_,
|
|
|
|
|
and this project adheres to `Semantic Versioning <https://semver.org/spec/v2.0.0.html>`_.
|
|
|
|
|
|
2023-04-07 16:09:44 +00:00
|
|
|
[0.0.24] - 2023-04-07
|
|
|
|
|
=====================
|
|
|
|
|
|
2023-04-07 16:05:06 +00:00
|
|
|
Fixed
|
|
|
|
|
*****
|
|
|
|
|
|
|
|
|
|
- Fixed avatar update. :pr:`121`
|
|
|
|
|
|
2023-04-05 12:32:20 +00:00
|
|
|
[0.0.23] - 2023-04-05
|
|
|
|
|
=====================
|
|
|
|
|
|
2023-03-17 16:35:05 +00:00
|
|
|
Added
|
|
|
|
|
*****
|
|
|
|
|
|
|
|
|
|
- Organization field. :pr:`116`
|
2023-03-17 23:51:09 +00:00
|
|
|
- ETag and Last-Modified headers on user photos. :pr:`116`
|
2023-03-30 21:14:39 +00:00
|
|
|
- Dynamic form validation :pr:`120`
|
2023-03-17 16:35:05 +00:00
|
|
|
|
2023-03-16 18:12:23 +00:00
|
|
|
Changed
|
|
|
|
|
*******
|
|
|
|
|
|
|
|
|
|
- UX rework. Submenu addition. :pr:`114`
|
2023-03-17 23:38:56 +00:00
|
|
|
- Properly handle LDAP date timezones. :pr:`117`
|
2023-03-16 18:12:23 +00:00
|
|
|
|
2023-03-28 18:30:29 +00:00
|
|
|
Fixed
|
|
|
|
|
*****
|
|
|
|
|
|
|
|
|
|
- CSRF protection on every forms. :pr:`119`
|
|
|
|
|
|
2023-03-13 09:08:09 +00:00
|
|
|
[0.0.22] - 2023-03-13
|
|
|
|
|
=====================
|
|
|
|
|
|
2023-03-13 08:46:17 +00:00
|
|
|
Fixed
|
|
|
|
|
*****
|
|
|
|
|
- faker is not imported anymore when the `clean` command is called.
|
|
|
|
|
|
2023-03-12 22:40:06 +00:00
|
|
|
[0.0.21] - 2023-03-12
|
|
|
|
|
=====================
|
|
|
|
|
|
2023-02-14 12:51:59 +00:00
|
|
|
Added
|
|
|
|
|
*****
|
|
|
|
|
|
2023-02-14 12:53:55 +00:00
|
|
|
- Display TOS and policy URI on the consent list page. :pr:`102`
|
|
|
|
|
- Admin token deletion :pr:`100` :pr:`101`
|
2023-02-14 17:43:43 +00:00
|
|
|
- Revoked consents can be restored. :pr:`103`
|
2023-02-14 20:55:46 +00:00
|
|
|
- Pre-consented clients are displayed in the user consent list,
|
|
|
|
|
and their consents can be revoked. :issue:`69` :pr:`103`
|
2023-02-26 18:48:07 +00:00
|
|
|
- A ``populate`` command can be used to fill the database with
|
|
|
|
|
random users generated with faker. :pr:`105`
|
2023-02-28 09:07:08 +00:00
|
|
|
- SMTP SSL support. :pr:`108`
|
2023-03-09 18:30:53 +00:00
|
|
|
- Server side pagination. :issue:`114` :pr:`111`
|
2023-03-11 11:52:36 +00:00
|
|
|
- Department number support. :issue:`129`
|
2023-03-11 19:11:55 +00:00
|
|
|
- Address edition support (but not in the OIDC claims yet) :pr:`112`
|
2023-03-11 21:34:29 +00:00
|
|
|
- Title edition support :pr:`113`
|
2023-02-14 12:51:59 +00:00
|
|
|
|
2023-01-30 18:58:00 +00:00
|
|
|
Fixed
|
|
|
|
|
*****
|
|
|
|
|
|
|
|
|
|
- Client deletion also deletes related Consent, Token and
|
|
|
|
|
AuthorizationCode objects. :issue:`126` :pr:`98`
|
|
|
|
|
|
2023-02-23 17:32:17 +00:00
|
|
|
Changed
|
|
|
|
|
*******
|
|
|
|
|
|
|
|
|
|
- Removed datatables.
|
|
|
|
|
|
2023-01-28 15:01:15 +00:00
|
|
|
[0.0.20] - 2023-01-28
|
|
|
|
|
=====================
|
|
|
|
|
|
2023-01-15 08:13:14 +00:00
|
|
|
Added
|
|
|
|
|
*****
|
|
|
|
|
|
2023-01-18 22:18:49 +00:00
|
|
|
- Spanish translation. :pr:`85` :pr:`88`
|
2023-01-22 11:48:15 +00:00
|
|
|
- Dedicated connectivity test email :pr:`89`
|
2023-01-22 11:59:11 +00:00
|
|
|
- Update to jquery 3.6.3 :pr:`90`
|
2023-01-22 11:57:17 +00:00
|
|
|
- Update to fomantic-ui 2.9.1 :pr:`90`
|
2023-01-22 12:04:24 +00:00
|
|
|
- Update to datatables 1.13.1 :pr:`90`
|
2023-01-15 08:13:14 +00:00
|
|
|
|
2023-01-15 08:16:12 +00:00
|
|
|
Fixed
|
|
|
|
|
*****
|
|
|
|
|
|
2023-01-22 12:45:59 +00:00
|
|
|
- Fix typos and grammar errors. :pr:`84`
|
|
|
|
|
- Fix wording and punctuations. :pr:`86`
|
|
|
|
|
- Fix HTML lang tag :issue:`122` :pr:`87`
|
|
|
|
|
- Automatically trims the HTML translated strings. :pr:`91`
|
2023-01-28 13:04:04 +00:00
|
|
|
- Fixed dynamic registration scope management. :issue:`123` :pr:`93`
|
2023-01-15 08:16:12 +00:00
|
|
|
|
2023-01-14 17:24:14 +00:00
|
|
|
[0.0.19] - 2023-01-14
|
|
|
|
|
=====================
|
|
|
|
|
|
2023-01-13 19:26:35 +00:00
|
|
|
Fixed
|
|
|
|
|
*****
|
|
|
|
|
|
|
|
|
|
- Ensures the token `expires_in` claim and the `access_token` `exp` claim
|
|
|
|
|
have the same value. :pr:`83`
|
|
|
|
|
|
2022-12-28 01:23:00 +00:00
|
|
|
[0.0.18] - 2022-12-28
|
|
|
|
|
=====================
|
|
|
|
|
|
2022-12-27 20:48:24 +00:00
|
|
|
Fixed
|
|
|
|
|
*****
|
|
|
|
|
|
|
|
|
|
- OIDC end_session was not returning the ``state`` parameter in the
|
|
|
|
|
``post_logout_redirect_uri`` :pr:`82`
|
|
|
|
|
|
2022-12-26 13:55:12 +00:00
|
|
|
[0.0.17] - 2022-12-26
|
2022-12-15 17:00:45 +00:00
|
|
|
=====================
|
|
|
|
|
|
2022-12-15 17:06:16 +00:00
|
|
|
Fixed
|
|
|
|
|
*****
|
|
|
|
|
|
|
|
|
|
- Fixed group deletion button. :pr:`80`
|
2022-12-15 17:00:45 +00:00
|
|
|
- Fixed post requests in oidc clients views. :pr:`81`
|
2022-12-15 17:06:16 +00:00
|
|
|
|
2022-12-15 11:45:12 +00:00
|
|
|
[0.0.16] - 2022-12-15
|
|
|
|
|
=====================
|
|
|
|
|
|
2022-12-15 11:41:31 +00:00
|
|
|
Fixed
|
|
|
|
|
*****
|
|
|
|
|
|
|
|
|
|
- Fixed LDAP operational attributes handling.
|
|
|
|
|
|
2022-12-15 11:00:07 +00:00
|
|
|
[0.0.15] - 2022-12-15
|
|
|
|
|
=====================
|
|
|
|
|
|
2022-12-02 17:47:16 +00:00
|
|
|
Added
|
|
|
|
|
*****
|
|
|
|
|
|
|
|
|
|
- User can chose their favourite display name. :pr:`77`
|
2022-12-06 16:46:24 +00:00
|
|
|
- Bumped to authlib 1.2. :pr:`78`
|
2022-10-24 15:18:46 +00:00
|
|
|
- Implemented RFC7592 OAuth 2.0 Dynamic Client Registration Management
|
|
|
|
|
Protocol :pr:`79`
|
2022-12-15 10:59:00 +00:00
|
|
|
- Added ``nonce`` to the ``claims_supported`` server metadata list.
|
2022-12-02 17:47:16 +00:00
|
|
|
|
2022-11-29 17:13:02 +00:00
|
|
|
[0.0.14] - 2022-11-29
|
2022-11-25 20:39:22 +00:00
|
|
|
=====================
|
|
|
|
|
|
|
|
|
|
Fixed
|
|
|
|
|
*****
|
|
|
|
|
- Fixed translation mo files packaging.
|
|
|
|
|
|
2022-11-21 16:50:22 +00:00
|
|
|
[0.0.13] - 2022-11-21
|
2022-10-26 15:44:50 +00:00
|
|
|
=====================
|
|
|
|
|
|
|
|
|
|
Fixed
|
|
|
|
|
*****
|
|
|
|
|
|
|
|
|
|
- Fixed a bug on the contacts field in the admin client form following
|
|
|
|
|
the LDAP schema update of 0.0.12
|
2022-10-26 16:09:02 +00:00
|
|
|
- Fixed a bug happening during RP initiated logout on clients without
|
|
|
|
|
`post_logout_redirect_uri` defined.
|
2022-11-14 17:11:35 +00:00
|
|
|
- Gitlab CI fix. :pr:`64`
|
2022-11-14 17:23:19 +00:00
|
|
|
- Fixed `client_secret` display on the client administration page. :pr:`65`
|
2022-11-15 10:46:44 +00:00
|
|
|
- Fixed non-square logo CSS. :pr:`67`
|
2022-11-15 11:00:34 +00:00
|
|
|
- Fixed schema path on installation. :pr:`68`
|
2022-11-15 18:02:45 +00:00
|
|
|
- Fixed RFC7591 ``software_statement`` claim support. :pr:`70`
|
2022-11-16 16:36:16 +00:00
|
|
|
- Fixed client preconsent disabling. :pr:`72`
|
2022-10-26 15:44:50 +00:00
|
|
|
|
2022-11-01 10:49:26 +00:00
|
|
|
Added
|
|
|
|
|
*****
|
|
|
|
|
|
|
|
|
|
- Python 3.11 support. :pr:`61`
|
2022-11-14 17:32:31 +00:00
|
|
|
- apparmor slapd configuration instructions in CONTRIBUTING.rst :pr:`66`
|
2022-11-20 21:12:18 +00:00
|
|
|
- ``preferredLanguage`` attribute support. :pr:`75`
|
2022-11-01 10:49:26 +00:00
|
|
|
|
2022-11-01 11:56:07 +00:00
|
|
|
Changed
|
|
|
|
|
*******
|
|
|
|
|
|
|
|
|
|
- Replaced the use of the deprecated `FLASK_ENV` environment variable by
|
|
|
|
|
`FLASK_DEBUG`.
|
2022-11-16 15:46:40 +00:00
|
|
|
- Dynamically generate the server metadata. Users won't have to copy and
|
|
|
|
|
manually edit ``oauth-authorizationserver.json`` and
|
|
|
|
|
``openid-configuration.json``. :pr:`71`
|
2022-11-14 17:59:07 +00:00
|
|
|
- The `FROM_ADDR` configuration option is not mandatory anymore. :pr:`73`
|
2022-11-17 16:44:54 +00:00
|
|
|
- The `JWT.ISS` configuration option is not mandatory anymore. :pr:`74`
|
2022-11-01 11:56:07 +00:00
|
|
|
|
2022-10-24 08:31:35 +00:00
|
|
|
[0.0.12] - 2022-10-24
|
2022-10-03 15:25:32 +00:00
|
|
|
=====================
|
|
|
|
|
|
|
|
|
|
Added
|
|
|
|
|
*****
|
|
|
|
|
|
|
|
|
|
- Basic WebFinger endpoint. :pr:`59`
|
2022-10-21 12:33:17 +00:00
|
|
|
- Bumped to FomanticUI 2.9.0 00ffffee
|
2022-10-19 19:57:25 +00:00
|
|
|
- Implemented Dynamic Client Registration :pr:`60`
|
2022-10-03 15:25:32 +00:00
|
|
|
|
2022-08-11 10:26:52 +00:00
|
|
|
[0.0.11] - 2022-08-11
|
2022-08-01 07:58:12 +00:00
|
|
|
=====================
|
|
|
|
|
|
|
|
|
|
Added
|
|
|
|
|
*****
|
|
|
|
|
|
|
|
|
|
- Default theme has a dark variant. :pr:`57`
|
|
|
|
|
|
2022-08-11 10:26:52 +00:00
|
|
|
Fixed
|
|
|
|
|
*****
|
|
|
|
|
|
|
|
|
|
- Fixed missing ``canaille`` binary. :pr:`58`
|
|
|
|
|
|
2022-07-07 15:02:16 +00:00
|
|
|
[0.0.10] - 2022-07-07
|
2022-07-07 14:05:34 +00:00
|
|
|
=====================
|
|
|
|
|
|
|
|
|
|
Fixed
|
|
|
|
|
*****
|
|
|
|
|
|
2022-07-07 15:02:16 +00:00
|
|
|
- Online demo. :pr:`55`
|
2022-07-07 14:05:34 +00:00
|
|
|
- The consent page was displaying scopes not supported by clients. :pr:`56`
|
2022-07-07 14:28:28 +00:00
|
|
|
- Fixed end session when user are already disconnected.
|
2022-07-07 14:05:34 +00:00
|
|
|
|
2022-06-05 16:30:29 +00:00
|
|
|
[0.0.9] - 2022-06-05
|
2022-04-05 07:49:45 +00:00
|
|
|
====================
|
|
|
|
|
|
|
|
|
|
Added
|
|
|
|
|
*****
|
|
|
|
|
|
|
|
|
|
- ``DISABLE_PASSWORD_RESET`` configuration option to disable password recovery. :pr:`46`
|
2022-04-05 15:16:09 +00:00
|
|
|
- ``edit_self`` ACL permission to control user self edition. :pr:`47`
|
2022-05-20 12:07:56 +00:00
|
|
|
- Implemented RP-initiated logout :pr:`54`
|
2022-06-02 15:53:58 +00:00
|
|
|
|
|
|
|
|
Changed
|
|
|
|
|
*******
|
|
|
|
|
|
2022-04-10 14:00:51 +00:00
|
|
|
- Bumped to authlib 1 :pr:`48`
|
2022-06-02 15:53:58 +00:00
|
|
|
- documentation improvements :pr:`50`
|
|
|
|
|
- use poetry instead of setuptools :pr:`51`
|
|
|
|
|
- additional nonce tests :pr:`52`
|
2022-04-05 07:49:45 +00:00
|
|
|
|
2022-04-06 15:32:11 +00:00
|
|
|
Fixed
|
|
|
|
|
*****
|
|
|
|
|
- ``HIDE_INVALID_LOGIN`` behavior and default value.
|
2022-06-02 15:53:58 +00:00
|
|
|
- mo files are not versionned anymore :pr:`49` :pr:`53`
|
2022-04-05 07:49:45 +00:00
|
|
|
|
|
|
|
|
[0.0.8] - 2022-03-15
|
2022-03-15 11:15:18 +00:00
|
|
|
====================
|
|
|
|
|
|
|
|
|
|
Fixed
|
|
|
|
|
*****
|
|
|
|
|
|
2022-03-15 13:42:32 +00:00
|
|
|
- Fixed dependencies
|
|
|
|
|
|
|
|
|
|
[0.0.7] - 2022-03-15
|
|
|
|
|
====================
|
2022-03-15 11:15:18 +00:00
|
|
|
|
2022-03-15 13:42:32 +00:00
|
|
|
Fixed
|
|
|
|
|
*****
|
|
|
|
|
|
|
|
|
|
- Fixed spaces and escaped special char in ldap cn/dn :pr:`43`
|
2022-03-15 11:15:18 +00:00
|
|
|
|
2022-03-08 18:43:18 +00:00
|
|
|
[0.0.6] - 2022-03-08
|
|
|
|
|
====================
|
|
|
|
|
|
|
|
|
|
Changed
|
|
|
|
|
*******
|
|
|
|
|
|
|
|
|
|
- Access token are JWT. :pr:`38`
|
|
|
|
|
|
|
|
|
|
Fixed
|
|
|
|
|
*****
|
|
|
|
|
|
|
|
|
|
- Default groups on invitations :pr:`41`
|
|
|
|
|
- Schemas are shipped within the canaille package :pr:`42`
|
|
|
|
|
|
2022-03-03 09:58:25 +00:00
|
|
|
[0.0.5] - 2022-02-17
|
|
|
|
|
====================
|
|
|
|
|
|
|
|
|
|
Changed
|
|
|
|
|
*******
|
|
|
|
|
|
|
|
|
|
- LDAP model objects have new identifiers :pr:`37`
|
|
|
|
|
|
2022-03-08 18:43:18 +00:00
|
|
|
Fixed
|
|
|
|
|
*****
|
|
|
|
|
|
|
|
|
|
- Admin menu dropdown display :pr:`39`
|
|
|
|
|
- `GROUP_ID_ATTRIBUTE` configuration typo :pr:`40`
|
|
|
|
|
|
2022-02-16 18:41:17 +00:00
|
|
|
[0.0.4] - 2022-02-16
|
|
|
|
|
====================
|
|
|
|
|
|
|
|
|
|
Added
|
|
|
|
|
*****
|
|
|
|
|
|
|
|
|
|
- Client preauthorization :pr:`11`
|
|
|
|
|
- LDAP permissions check with the check command :pr:`12`
|
|
|
|
|
- Update consents when a scope required is larger than the scope of an already
|
|
|
|
|
given consent :pr:`13`
|
|
|
|
|
- Theme customization :pr:`15`
|
|
|
|
|
- Logging configuration :pr:`16`
|
|
|
|
|
- Installation command :pr:`17`
|
|
|
|
|
- Invitation links :pr:`18`
|
|
|
|
|
- Advanced permissions :pr:`20`
|
|
|
|
|
- An option to not use OIDC :pr:`23`
|
|
|
|
|
- Disable some features when no SMTP server is configured :pr:`24`
|
|
|
|
|
- Login placeholder dynamically generated according to the configuration :pr:`25`
|
|
|
|
|
- Added an option to tune object IDs :pr:`26`
|
|
|
|
|
- Avatar support :pr:`27`
|
|
|
|
|
- Dynamical and configurable JWT claims :pr:`28`
|
|
|
|
|
- UI improvemnts :pr:`29`
|
|
|
|
|
- Invitation links expiration :pr:`30`
|
|
|
|
|
- Invitees can choose their IDs :pr:`31`
|
|
|
|
|
- LDAP backend refactoring :pr:`35`
|
|
|
|
|
|
|
|
|
|
Fixed
|
|
|
|
|
*****
|
|
|
|
|
|
|
|
|
|
- Fixed ghost members in a group :pr:`14`
|
|
|
|
|
- Fixed email sender names :pr:`19`
|
|
|
|
|
- Fixed filter being not escaped :pr:`21`
|
|
|
|
|
- Demo script good practices :pr:`32`
|
|
|
|
|
- Binary path for Debian :pr:`33`
|
|
|
|
|
- Last name was not mandatory in the forms while this was mandatory
|
|
|
|
|
in the LDAP server :pr:`34`
|
|
|
|
|
- Spelling typos :pr:`36`
|
|
|
|
|
|
2021-10-13 10:18:45 +00:00
|
|
|
[0.0.3] - 2021-10-13
|
|
|
|
|
====================
|
|
|
|
|
|
|
|
|
|
Added
|
|
|
|
|
*****
|
|
|
|
|
|
|
|
|
|
- Two-steps sign-in :issue:`49`
|
|
|
|
|
- Tokens can have several audiences. :issue:`62` :pr:`9`
|
|
|
|
|
- Configuration check command. :issue:`66` :pr:`8`
|
|
|
|
|
- Groups managament. :issue:`12` :pr:`6`
|
|
|
|
|
|
|
|
|
|
Fixed
|
|
|
|
|
*****
|
|
|
|
|
|
|
|
|
|
- Introspection access bugfix. :issue:`63` :pr:`10`
|
|
|
|
|
- Introspection sub claim. :issue:`64` :pr:`7`
|
2020-11-06 10:44:25 +00:00
|
|
|
|
2021-01-06 16:42:16 +00:00
|
|
|
[0.0.2] - 2021-01-06
|
|
|
|
|
====================
|
|
|
|
|
|
2020-11-06 10:44:25 +00:00
|
|
|
Added
|
|
|
|
|
*****
|
|
|
|
|
|
|
|
|
|
- Login page is responsive. :issue:`1`
|
|
|
|
|
- Adapt mobile keyboards to login page fields. :issue:`2`
|
|
|
|
|
- Password recovery interface. :issue:`3`
|
|
|
|
|
- User profile interface. :issue:`4`
|
|
|
|
|
- Renamed the project *canaille*. :issue:`5`
|
|
|
|
|
- Command to remove old tokens. :issue:`17`
|
|
|
|
|
- Improved password recovery email. :issue:`14` :issue:`26`
|
|
|
|
|
- Use flask `SERVER_NAME` configuration variable instead of `URL`. :issue:`24`
|
|
|
|
|
- Improved consents page. :issue:`27`
|
|
|
|
|
- Admin user page. :issue:`8`
|
|
|
|
|
- Project logo. :pr:`29`
|
2021-01-01 15:42:13 +00:00
|
|
|
- User account self-deletion can be enabled in the configuration with `SELF_DELETION`. :issue:`35`
|
2020-12-11 12:02:44 +00:00
|
|
|
- Admins can impersonate users. :issue:`39`
|
2021-01-01 14:29:55 +00:00
|
|
|
- Forgotten page UX improvement. :pr:`43`
|
2020-11-23 16:32:40 +00:00
|
|
|
- Admins can remove clients. :pr:`45`
|
2021-01-01 14:00:05 +00:00
|
|
|
- Option `HIDE_INVALID_LOGIN` that can be unactivated to let the user know if
|
|
|
|
|
the login he attempt to sign in with exists or not. :pr:`48`
|
2021-01-06 16:20:50 +00:00
|
|
|
- Password initialization mail. :pr:`51`
|
2020-11-06 10:44:25 +00:00
|
|
|
|
|
|
|
|
Fixed
|
|
|
|
|
*****
|
|
|
|
|
|
|
|
|
|
- Form translations. :issue:`19` :issue:`23`
|
|
|
|
|
- Avoid to use Google Fonts. :issue:`21`
|
|
|
|
|
|
|
|
|
|
Removed
|
|
|
|
|
*******
|
|
|
|
|
|
|
|
|
|
- 'My tokens' page. :issue:`22`
|
|
|
|
|
|
|
|
|
|
[0.0.1] - 2020-10-21
|
|
|
|
|
====================
|
|
|
|
|
|
|
|
|
|
Added
|
|
|
|
|
*****
|
|
|
|
|
|
|
|
|
|
- Initial release.
|
