- Use a SAML (entitlement) attribute to decide what activation flows a user may use #336
- Redirect to initial uri after successful login #443
- Correct a route name with a missing namespace part (self vetting acs) #320
- Repair exeption screens
- Fix flash messages
- Read flash messages from the correct bag #314
- Simplify exception logical condition, showing the attribute missing error message once again #315
- Multiple updates of Composer/Node dependencies
- Removed a piece of dead authentication code #312
- Upgrade code to run on Symfony 6.4
- Updated code to be PHP 8.2 compatible
- Installed (and moved) QA tests. For example, we now include PHPStan. But no longer run the security tests in the test-integration workflow
Maintenance:
- Framework: esi, fragments not used so disable
- Security upgrades are installed
Bugfixes:
- SMS prove possession route not found #288
- Repair return type inconsistency in recovery token trait #287
- Support self-vetting using a self-asserted token #284
- Do not send activation mail when verify email required #280
- Upgrade Stepup SAML bundle #278
- Upgrade js dependencies #277
- Improve verification mail message timing #276
- Explain the potential consequences of token removal #270
- Add toggles to disable recovery token types #274
Self-asserted token registration
- Nudge the vetting type more aggressively c67201bc
- Integrate Recovery tokens in SelfService #261
- Require step up authentication for Recovery Token create and delete actions #264
- Support the new loa-self-asserted level of assurance #265
- Allow expression of a preferred activation flow (vetting type) #266
- Display the Institutional vetting type hint #268
- Allow recovery token revocation without second factor token possession #269
- Make the info and health endpoints available on both
/
and/internal/
paths. 'Deprecating' the original /health and /info endpoints. - Give a concrete error message when a required attribute is missing
- Enhance logging of Yubico API errors
- Update dependencies
- Introduce a Github Actions workflow for auto-building tags
- Added browserlist entry in package.json to ensure IE 11 support
Update Stepup Bundle and Http Foundation to prevent deprecation warnings
Update stepup-saml-bundle and stepup-bundle
Feature
- Self vetting (vet token with previously RA vetted token) #227
Feature
- Add GSSP UserAttributes extensions to registration-SAMLAuthnRequest to pass user-information to GSSP's
- Add GSSP UserAttributes extensions to registration-SAMLAuthnRequest to pass user-information to GSSP's
- Update dependencies
Platform update
- Drop support for php 5.6, Use PHP7.2
- Upgrade to Synfony 4
- Allow HTML in explanation/description
- Update dependencies
A release with bugfixes after initial FGA tests
- Fix exception controller authentication exceptions #179
- Update MW-client-bundle #178
- Install various security updates #177
This is a security release that will harden the application against CVE 2019-346
- Upgrade Stepup-saml-bundle to version 4.1.8 #176
The new fine grained authorization logic will allow Ra's from other institutions to accredidate RA's on behalf of another organisation. This is determined based on the institution configuration. https://github.com/OpenConext/Stepup-Deploy/wiki/rfc-fine-grained-authorization/b6852587baee698cccae7ebc922f29552420a296
Features & Bugfixes The changes to SelfService in regards to the FGA changes only where to remain compatible with API changes made for Stepup-RA. No new features have been added.
This is a security release that will harden the application against CVE 2019-346
- Upgrade Stepup-saml-bundle to version 4.1.8 #175
Bugfix
- Create a pdf base template to support local url's #168
Bugfix
- Create a pdf base template to support local url's #168
Improvement
- Optimized the PSR-4 autoload configuration
Bugfix
- Rebuilt the Composer lockfile
Improvements
- Open help in new tab #165
- Introduce multi-lingual logout redirect #164
Improvments for testing
- Ensure middleware API is used in test mode #157
- Use 'shared' certificates and private keys when in test mode #157
- Provide behat support #156
- Set Symfony environment from cookie if available #229
Bugfixes
- Fix art for authentication #163
- Fix mpdf relative url's and logging #162
Bugfixes
- Prevent form loading issue #155
Features & Bugfixes
- Fixed missing translations for validation messages on forms #154
Improvements
- Symfony 3.4.15 upgrade #153
- Behat test support #152