Skip to content

Releases: networknt/light-4j

1.5.15

18 Jun 15:02
Compare
Choose a tag to compare

1.5.15 (2018-06-18)

Full Changelog

Implemented enhancements:

  • Dynamic server listener port configuration #210
  • Unexpected behavior when Status is created for non-existent status code #169

Closed issues:

  • add datasource module for most popular relational databases #220
  • create LightHttpHandler with default method to handle the error status #217
  • A default content-type is not set #216
  • add a new status code in status.yml for authenticate class not found #215
  • Add a Build Number to the server.yml #214
  • add constants to utility Constants for light-router #212
  • OAuthHelper needs to handle the error status from OAuth 2.0 provider #202

Merged pull requests:

Upgrade Guidelines:

All changes in this release are backward-compatible, so you can just update the version number in your pom.xml file. The following enhancements might be useful for you though:

  • A new property buildNumber has been added to the server.yml from light-codegen. This variable can be used for auditing in your API.

  • It is highly recommended to use LightHttpHandler interface instead of HttpHandler as it contains a default method to handle error status.

1.5.14

19 May 22:26
Compare
Choose a tag to compare

1.5.14 (2018-05-19)

Full Changelog

Closed issues:

  • update client.yml and secret.yml in other modules #211
  • Rename resources module to resource for consistency #209
  • update client module to support refresh token flow for light-spa-4j #208
  • update verifyJwt with ignoreExpiry flag #207
  • add default method setExchangeStatus into MiddlewareHandler #206
  • move auth and csrf to light-spa-4j repository #205
  • add error code for light-spa-4j stateless-token handler #204
  • switch StatelessAuthHandler to middleware handler #203
  • add stateless auth and csrf handlers for SPA application #201
  • pass csrf token in oauth token request #200
  • add status code for light-proxy tableau authentication handler #199
  • move password in jwt.yml to secret.yml #198
  • share the connections to consul in ConsulClientImpl #196

Merged pull requests:

Upgrade Guidelines

There is no API change for this release; however, the following three config files have been updated:

  • Add refresh token client secret in secret.yml
# Fresh token client secret for OAuth2 server
refreshTokenClientSecret: f6h1FTI8Q3-7UScPZDzfXA
  • Remove oauthHttp2Support from security.yml to client.yml
# If OAuth2 provider support http2 protocol. If using light-oauth2, set this to true.
oauthHttp2Support: true

  • Add enableHttp2 and refresh token section in client.yml
    # set to true if the oauth2 provider supports HTTP/2
    enableHttp2: true
    refresh_token:
      # token endpoint for refresh token grant
      uri: "/oauth2/token"
      # client_id for refresh token grant flow. client_secret is in secret.yml
      client_id: f7d42348-c647-4efb-a52d-4c5787421e72
      # optional scope, default scope in the client registration will be used if not defined.
      scope:
      - petstore.r
      - petstore.w

For details, please refer to https://github.com/networknt/light-4j/blob/master/client/src/main/resources/config/client.yml

1.5.13

20 Apr 17:41
Compare
Choose a tag to compare

1.5.13 (2018-04-20)

Full Changelog

Implemented enhancements:

  • create a middleware handler for Prometheus #150
  • Sanitizer mangles content #51

Closed issues:

  • light-codegen command line error handling #195
  • upgrade jackson library to 2.9.4 #187
  • put client credentials token into authorization header instead of X-Scope-Token header #185
  • name convention between metrics and prometheus #165

1.5.12

08 Apr 17:11
Compare
Choose a tag to compare

1.5.12 (2018-04-08)

Full Changelog

Closed issues:

  • upgrade to prometheus 0.3.0 #192
  • rollback zkclient to 0.3 #191
  • remove consul client and update version for zkclient and curator #190
  • remove antlr4 from dependencies #189
  • upgrade jackson 2.9.5 remove swagger from light-4j dependencies #188
  • add two more test cases for Http2Client #186

Upgrade Guidelines:

There is no functional change in this release but only upgrade the versions of dependencies after black duck security scan. Here is the new version of each library.

        <version.jackson>2.9.5</version.jackson>
        <version.slf4j>1.7.25</version.slf4j>
        <version.jose4j>0.6.3</version.jose4j>
        <version.commons.codec>1.11</version.commons.codec>
        <version.encoder>1.2.1</version.encoder>
        <version.logback>1.2.3</version.logback>
        <version.junit>4.12</version.junit>
        <version.mockito>2.10.0</version.mockito>
        <version.undertow>1.4.23.Final</version.undertow>
        <version.swagger-parser>1.0.34</version.swagger-parser>
        <version.hamcrest>1.3</version.hamcrest>
        <version.assertj>3.8.0</version.assertj>
        <version.hdrhistogram>2.1.10</version.hdrhistogram>
        <version.jsr305>3.0.2</version.jsr305>
        <version.json-schema-validator>0.1.18</version.json-schema-validator>
        <version.zookeeper>3.5.3-beta</version.zookeeper>
        <version.zkclient>0.3</version.zkclient>
        <version.curator>4.0.1</version.curator>
        <version.snakeyaml>1.20</version.snakeyaml>
        <version.caffeine>2.6.2</version.caffeine>
        <version.prometheus>0.3.0</version.prometheus>
        <version.javamail>1.6.1</version.javamail>

1.5.11

31 Mar 22:57
Compare
Choose a tag to compare

1.5.11 (2018-03-31)

Full Changelog

Fixed bugs:

  • JWT signing private key cannot be externalized #178
  • scope encoding changes space to plus sign in OAuthHelper #172

Closed issues:

  • add ERR11300 FAIL_TO_GET_TABLEAU_TOKEN error code in status.yml #184
  • check if trace is enabled in Http2Client logger #183
  • add isBlank to StringUtil in utility class #180
  • split JwtHelper to JwtHelper for token verification and JwtIssuer to issue token #179
  • remove Apache commons-lang dependency from mask #177
  • remove commons-io dependencies #176
  • refactor CorsHttpHandlerTest to use Http2Client #175
  • add status code ERR11202 for hybrid-4j get request #173
  • remove unused import in DecryptUtil #171

Merged pull requests:

  • feat(util): Add toByteBuffer overload util method to convert files. #174 (NicholasAzar)

1.5.10

02 Mar 14:40
Compare
Choose a tag to compare

1.5.10 (2018-03-02)

Full Changelog

Closed issues:

  • add subject_claims and access_claims constants #170
  • Port enabling indicator #168
  • add prometheus to the module list in parent pom.xml #164

Merged pull requests:

1.5.9

21 Feb 01:45
Compare
Choose a tag to compare

1.5.9 (2018-02-21)

Full Changelog

Closed issues:

  • Support dynamic port binding for Kubernetes hostNetwork #162
  • switch light-config-server connection to HTTP 2.0 #159

Merged pull requests:

Upgrade Guide:

  • To support Kubernetes cluster deployment and client side service discovery, the server cannot be started with both http and https. If both are enabled, then https will be used.

  • The server module has been enhanced to support dynamic port allocation and self registration on Kubernetes cluster. The following section has been added to the server.yml config file. If you are not using the feature, you don't need to include the block. This change is backward compatible. Example can be found at https://github.com/networknt/light-example-4j/blob/master/discovery/api_a/kubernetes/src/main/resources/config/server.yml

There is Kubernetes tutorial on how to use it as part of the service registry and discovery.

# Dynamic port is used in situation that multiple services will be deployed on the same host and normally
# you will have enableRegistry set to true so that other services can find the dynamic port service. When
# deployed to Kubernetes cluster, the Pod must be annotated as hostNetwork: true
dynamicPort: false

# Minimum port range. This define a range for the dynamic allocated ports so that it is easier to setup
# firewall rule to enable this range. Default 2400 to 2500 block has 100 port numbers and should be
# enough for most cases unless you are using a big bare metal box as Kubernetes node that can run 1000s pods
minPort: 2400

# Maximum port rang. The range can be customized to adopt your network security policy and can be increased or
# reduced to ease firewall rules.
maxPort: 2500

1.5.8

03 Feb 01:21
Compare
Choose a tag to compare

1.5.8 (2018-02-03)

Full Changelog

Closed issues:

  • fix a typo in variable JwT_CLOCK_SKEW_IN_SECONDS #158
  • accept other optional fields in OAuth2 token response #156
  • handle a list of string instead of list of maps in BodyHandler #154
  • Add a status code ERR12042 SERVICE_ENDPOINT_NOT_FOUND #153

Merged pull requests:

** Upgrade guideline: **

This release contains small enhancements so no config file changes. Just change the pom.xml version number to 1.5.8 from 1.5.7 will do.

1.5.7

09 Jan 01:23
Compare
Choose a tag to compare

1.5.7 (2018-01-09)

Full Changelog

Implemented enhancements:

  • provide a utility to substitute environment variables in config #149

Closed issues:

  • change secret.yml loading from SecretConfig to Map for flexibility #151
  • Remove docs folder and repo specific document site once all contents are migrated #139

1.5.6

30 Dec 00:31
Compare
Choose a tag to compare

1.5.6 (2017-12-29)

Full Changelog

Fixed bugs:

  • Get token un Http2Client line 367 is hard coded using Http2 #146

Closed issues:

  • some compiler warnings #148
  • Add email sender module and update secret.yml #147
  • Add host header for getkey in oauthHelper for HTTP 1.1 #145

Upgrade Guide:
In this release, a new email module is added for sending emails and the emailPassword is added to the secret.yml file. Other than this, the release is backward compatible with 1.5.5

# EmailSender password default address is noreply@lightapi.net
emailPassword: change-to-real-password