0.5.0

[0.5.0] - 2024-11-13

This release includes a user-mapping plugin system that enables dynamic user-mapping between OpenID Connect users and iRODS users. It also includes improved security through token validation.

User-mapping functionality from previous versions of the HTTP API is now provided through the user-mapping plugin system. See Mapping OpenID Users to iRODS for details.

Changed

• Improve documentation for tls_certificates_directory OIDC property (#243).
• Provide clear message on OIDC connection error (#244).
• Collapse management of version number to single point of control (#269).
• Improve handling of inaccessible configuration file on startup (#337).

Fixed

• Disable SIGPIPE signal for iRODS connections (#333).
• Server no longer enters infinite loop when listening socket is already bound (#335).
• Server verifies OIDC-mapped iRODS username exists in catalog before returning bearer token (#338).
• Server terminates on startup if configuration received from OIDC Provider does not contain required information (#356).
• Leave space for null-terminating byte in destination buffer when using std::string::copy (#365).

Added

• Implement validation of OIDC ID tokens in client mode (#107).
• Implement validation of OAuth Token Introspection response (#270).
• Implement user-mapping plugin system (#293).
• Implement local validation of JWT Access Tokens (#343, #359).

0.4.0

0.4.0 Release

0.3.0

0.3.0 Release

0.2.0

0.2.0 Release

0.1.0

0.1.0 Release