Releases: OpenConext/Stepup-Gateway
Releases · OpenConext/Stepup-Gateway
5.0.0-beta4
Full Changelog: 5.0.0-beta3...5.0.0-beta4
5.0.0-beta3
What's Changed
- Finish work on the SSO on 2FA feature by @MKodde in #288
- Bump semver from 5.7.1 to 5.7.2 by @dependabot in #289
- Resolve SF deprecation warnings by @MKodde in #290
- Repair the Selenium Behat tests by @MKodde in #291
- Verify the SSO cookie expiration date by @MKodde in #293
- Update SSO docs by @pmeulen in #292
- Ensure the SF is not revoked before SSO is given by @MKodde in #294
- Require step up auth when cookie is broken by @MKodde in #296
- Address some remaining SSO on 2FA issues by @MKodde in #295
- Clean up unused, and confusing parameter by @MKodde in #300
- Set SameSite response header to None by @MKodde in #298
- Reset the SSO cookie on every real 2FA authentication by @MKodde in #301
- Simplify cookie write conditions and other improvements by @MKodde in #302
- Remove "Stepup Gateway" title from header by @phavekes in #303
- Bump postcss from 8.4.25 to 8.4.31 by @dependabot in #305
- Bump @babel/traverse from 7.22.8 to 7.23.2 by @dependabot in #306
- Bump symfony/twig-bridge from 4.4.49 to 4.4.51 by @dependabot in #309
- Feature/docker configs by @quartje in #308
- Verify the GSSP response is valid by @MKodde in #307
- Fix missing negation in test for issuing "failed" log message by @thijskh in #311
- Ensure consume_assertion.html.twig is rendered once by @MKodde in #313
- Bump follow-redirects from 1.15.2 to 1.15.4 by @dependabot in #314
- Prevent state issues by actually clearing the state by @MKodde in #315
- Store SSO cookie only when authn was a success by @MKodde in #316
- Bump follow-redirects from 1.15.4 to 1.15.6 by @dependabot in #317
- GHA: Add action to build and publish a test container by @quartje in #310
New Contributors
Full Changelog: 4.1.3...5.0.0-beta3
Contributors
pmeulen, phavekes, and 4 other contributors
Assets 4
5.0.0-beta2
Full Changelog: 5.0.0-beta1...5.0.0-beta2
4.2.6
Store SSO cookie only when authn was a success When the user would cancel the authentication, the response rendering service would still write the SSO cookie. Handing out SSO without an actual successful authentication taken place This was issue was fixed in the three scenarios where a SSO cookie can be created. 1. On the regular gateway authentication 2. On the second factor only respond action 3. When the response is an ADFS response https://www.pivotaltracker.com/story/show/186951513
4.2.6-beta1
New Features
- OpenConext/Stepup-Gateway into feature/sso-doc-update (e4c6e2a by @pmeulen)
- ADFS SFO plugin specific parameters are not returned on GSSP error (b08bdd1 by @pmeulen)
- esi, fragments not used so disable (9f2a23f by @thijskh)
- OpenConext/Stepup-Gateway into develop (ca94210 by @MKodde)
- OpenConext/Stepup-Gateway into feature/implement-state-handling-to-allow-sfo-and-sso (cac8dbd by @pablothedude)
- "server_version" configurable (d59845e by @MKodde)
- typo (bca700d by @pmeulen)
- AuthnRequest description contains RequestedID instead of Subject (560d33e by @pmeulen)
- setNameId expects key 'Value', not 'ValueValue'. (c716907 by @thijskh, 2d9c20a by @thijskh)
- Require PHP 5.6.x, test on 5.6 and 7.0 (3e4edde)
- make explicit that verivyAuthnContextClassRef returns a string or null (39383b7)
- false' to enable CI on Travis' new container infrastructure (9343e46)
- DENY header (8a0a4d4)
- SURFnet/Stepup-Gateway into maintenance/update-symfony-2.6.6 (3d85160)
- Match reference to button text in {gateway.form.gateway_send_sms_challenge.button.send_challenge} (aab3b2d by @pmeulen)
- Typos (867dfc1 by @pmeulen)
- Missing translation for gateway.form.verify_sms_challenge.text.challenge (a700fa7 by @pmeulen)
- ( (f034751)
- hammer: YAML syntax. (2a0d467)
Full Changelog: 4.2.5...4.2.6-beta1
Contributors
pmeulen, thijskh, and 2 other contributors
Assets 4
4.2.5-beta1
Full Changelog: 4.2.4...4.2.5-beta1
4.2.5
Full Changelog: 4.2.4...4.2.5
4.2.4
Full Changelog: 4.2.3...4.2.4
4.2.4-beta2
New Features
- OpenConext/Stepup-Gateway into feature/sso-doc-update (e4c6e2a by @pmeulen)
- ADFS SFO plugin specific parameters are not returned on GSSP error (b08bdd1 by @pmeulen)
- esi, fragments not used so disable (9f2a23f by @thijskh)
- OpenConext/Stepup-Gateway into develop (ca94210 by @MKodde)
- OpenConext/Stepup-Gateway into feature/implement-state-handling-to-allow-sfo-and-sso (cac8dbd by @pablothedude)
- "server_version" configurable (d59845e by @MKodde)
- typo (bca700d by @pmeulen)
- AuthnRequest description contains RequestedID instead of Subject (560d33e by @pmeulen)
- setNameId expects key 'Value', not 'ValueValue'. (c716907 by @thijskh, 2d9c20a by @thijskh)
- Require PHP 5.6.x, test on 5.6 and 7.0 (3e4edde)
- make explicit that verivyAuthnContextClassRef returns a string or null (39383b7)
- false' to enable CI on Travis' new container infrastructure (9343e46)
- DENY header (8a0a4d4)
- SURFnet/Stepup-Gateway into maintenance/update-symfony-2.6.6 (3d85160)
- Match reference to button text in {gateway.form.gateway_send_sms_challenge.button.send_challenge} (aab3b2d by @pmeulen)
- Typos (867dfc1 by @pmeulen)
- Missing translation for gateway.form.verify_sms_challenge.text.challenge (a700fa7 by @pmeulen)
- ( (f034751)
- hammer: YAML syntax. (2a0d467)
Full Changelog: 4.2.4-beta...4.2.4-beta2
Contributors
pmeulen, thijskh, and 2 other contributors
Assets 4
4.2.4-beta
Full Changelog: 4.2.3...4.2.4-beta