- Fix panic when cert not found in Windows cert store
- Correctly set RelayState during IDP initiated login
- Add env vars for Windows Certificate Store
- Improve error handling in OIDC connectors
- Add support for reloadable cache
- Allow SAML client to support both IDP initiated login and verified SP login
Internal improvements and maintenance updates.
- Add windowsclientauthenticator connector to orchestrator
- Expose jose.JSONWebKeySet in v2 SE
Internal improvements and maintenance updates.
Internal improvements and maintenance updates.
- Add support for GetFloat and SetFloat in Service Extensions
- Add support for GetTime and SetTime in Service Extensions
Internal improvements and maintenance updates.
- Add support for GetInt and SetInt in Service Extensions
- Fix issue of cache manager not being repopulated on reload
- Add support for GetBool and SetBool in Service Extensions
Internal improvements and maintenance updates.
Internal improvements and maintenance updates.
- Set maverics cookie in proxy apps and API SEs
- OIDCProvider validates HTTP method used in token and auth endpoints
Internal improvements and maintenance updates.
Internal improvements and maintenance updates.
- Correct policy matching in proxy apps to be case-insensitive
- Add optional nameIDFormat configuration to samlprovider app
- Register SAML endpoints in a case-insensitive manner
- Register OIDC endpoints in a case-insensitive manner
Internal improvements and maintenance updates.
- Implement TAIProvider interface for Service Extensions
- Update log package to fix panic observed when running as a non-admin user on Windows
- Rotate refresh tokens on use per OAuth security best practices
Internal improvements and maintenance updates.
- Implement token revocation for JWT
- Store JWT tokens in the cache
Internal improvements and maintenance updates.
Internal improvements and maintenance updates.
- Expose GetBytes, GetAny, and SetBytes on Service Extension session provider implementations
Internal improvements and maintenance updates.
- SAMLProvider validates signed authn requests received via HTTP-Redirect binding
- Implement v2.Session API for Service Extensions for OIDC Provider
- Add post logout redirect URL to proxy apps
- Return all claims for opaque access token
- Add logout to proxy apps
Internal improvements and maintenance updates.
- Add clock skew leeway for SAML Authn requests
- Stop Maverics process on failure to bind to a port
- Add support for IDP initiated login for app of type SAML
- Add support for HTTP Redirect binding in the SAML auth provider
- Organize LDAP Provider in preparation for SASL / GSS-SPNEGO / NTLM work
- Improve attribute loading error handling in proxy apps
- Add query params matching in proxy apps policies
- Add handleUnauthorizedSE to proxy apps
- Add upstream login extension to proxy apps
- Add support for IDP initiated login for the SAML provider
- Add ModifyRequest and ModifyResponse Service Extensions to proxy apps
- Add LoadAttrsSE to proxy apps
- Expose ‘goPath’ on v2 Service Extensions
- Add CreateHeader service extension to proxy apps
- Add IsAuthorized service extension to proxy apps
- Add IsAuthenticated and Authenticate extensions to proxy apps
Internal improvements and maintenance updates.
Internal improvements and maintenance updates.
Internal improvements and maintenance updates.
- Add TLS to proxy apps
Internal improvements and maintenance updates.
- Resolved CVE-2023-45683
- Support multiple route patterns on a proxy app
- Add Orchestrator Groups cache support
- Add regexp policy matching to proxy apps
- Add attribute provider to proxy apps
- Resolved CVE-2023-39325
Internal improvements and maintenance updates.
- Support policy-level header definitions on proxy apps