Roadmap and changelog

canaille 0 versions

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.

Removed

• Stop support for python 3.7 #131

[0.0.26] - 2023-06-03

Added

• Implemented account expiration based on OpenLDAP ppolicy overlay. Needs OpenLDAP 2.5+ #13 #118

• Timezone configuration entry. #137 #130

Fixed

• Avoid setting None in JWT claims when they have no value.

• Display password recovery button on OIDC login page. #129

[0.0.25] - 2023-05-05

🚨Configuration files must be updated.🚨 Check the new format with git diff 0.0.25 0.0.24 canaille/conf/config.sample.toml

Changed

• Renamed user model attributes to match SCIM naming convention. #123

• Moved OIDC related configuration entries in OIDC

• Moved LDAP configuration entry to BACKENDS.LDAP

• Bumped to htmx 1.9.0 #124

• ACL filters are no more LDAP filters but user attribute mappings. #125

• Bumped to htmx 1.9.2 #127

Fixed

• OIDC.JWT.MAPPING configuration entry is really optional now.

• Fixed empty model attributes registration #125

• Password initialization mails were not correctly sent. #128

[0.0.24] - 2023-04-07

Fixed

• Fixed avatar update. #122

[0.0.23] - 2023-04-05

Added

• Organization field. #116

• ETag and Last-Modified headers on user photos. #116

• Dynamic form validation #120

Changed

• UX rework. Submenu addition. #114

• Properly handle LDAP date timezones. #117

Fixed

• CSRF protection on every forms. #119

[0.0.22] - 2023-03-13

Fixed

• faker is not imported anymore when the clean command is called.

[0.0.21] - 2023-03-12

Added

• Display TOS and policy URI on the consent list page. #102

• Admin token deletion #100 #101

• Revoked consents can be restored. #103

• Pre-consented clients are displayed in the user consent list, and their consents can be revoked. #69 #103

• A populate command can be used to fill the database with random users generated with faker. #105

• SMTP SSL support. #108

• Server side pagination. #114 #111

• Department number support. #129

• Address edition support (but not in the OIDC claims yet) #112

• Title edition support #113

Fixed

• Client deletion also deletes related Consent, Token and AuthorizationCode objects. #126 #98

Changed

• Removed datatables.

[0.0.20] - 2023-01-28

Added

• Spanish translation. #85 #88

• Dedicated connectivity test email #89

• Update to jquery 3.6.3 #90

• Update to fomantic-ui 2.9.1 #90

• Update to datatables 1.13.1 #90

Fixed

• Fix typos and grammar errors. #84

• Fix wording and punctuations. #86

• Fix HTML lang tag #122 #87

• Automatically trims the HTML translated strings. #91

• Fixed dynamic registration scope management. #123 #93

[0.0.19] - 2023-01-14

Fixed

• Ensures the token expires_in claim and the access_token exp claim have the same value. #83

[0.0.18] - 2022-12-28

Fixed

• OIDC end_session was not returning the state parameter in the post_logout_redirect_uri #82

[0.0.17] - 2022-12-26

Fixed

• Fixed group deletion button. #80

• Fixed post requests in oidc clients views. #81

[0.0.16] - 2022-12-15

Fixed

• Fixed LDAP operational attributes handling.

[0.0.15] - 2022-12-15

Added

• User can chose their favourite display name. #77

• Bumped to authlib 1.2. #78

• Implemented RFC7592 OAuth 2.0 Dynamic Client Registration Management Protocol #79

• Added nonce to the claims_supported server metadata list.

[0.0.14] - 2022-11-29

Fixed

• Fixed translation mo files packaging.

[0.0.13] - 2022-11-21

Fixed

• Fixed a bug on the contacts field in the admin client form following the LDAP schema update of 0.0.12

• Fixed a bug happening during RP initiated logout on clients without post_logout_redirect_uri defined.

• Gitlab CI fix. #64

• Fixed client_secret display on the client administration page. #65

• Fixed non-square logo CSS. #67

• Fixed schema path on installation. #68

• Fixed RFC7591 software_statement claim support. #70

• Fixed client preconsent disabling. #72

Added

• Python 3.11 support. #61

• apparmor slapd configuration instructions in CONTRIBUTING.rst #66

• preferredLanguage attribute support. #75

Changed

• Replaced the use of the deprecated FLASK_ENV environment variable by FLASK_DEBUG.

• Dynamically generate the server metadata. Users won’t have to copy and manually edit oauth-authorizationserver.json and openid-configuration.json. #71

• The FROM_ADDR configuration option is not mandatory anymore. #73

• The JWT.ISS configuration option is not mandatory anymore. #74

[0.0.12] - 2022-10-24

Added

• Basic WebFinger endpoint. #59

• Bumped to FomanticUI 2.9.0 00ffffee

• Implemented Dynamic Client Registration #60

[0.0.11] - 2022-08-11

Added

• Default theme has a dark variant. #57

Fixed

• Fixed missing canaille binary. #58

[0.0.10] - 2022-07-07

Fixed

• Online demo. #55

• The consent page was displaying scopes not supported by clients. #56

• Fixed end session when user are already disconnected.

[0.0.9] - 2022-06-05

Added

• DISABLE_PASSWORD_RESET configuration option to disable password recovery. #46

• edit_self ACL permission to control user self edition. #47

• Implemented RP-initiated logout #54

Changed

• Bumped to authlib 1 #48

• documentation improvements #50

• use poetry instead of setuptools #51

• additional nonce tests #52

Fixed

• HIDE_INVALID_LOGIN behavior and default value.

• mo files are not versionned anymore #49 #53

[0.0.8] - 2022-03-15

Fixed

• Fixed dependencies

[0.0.7] - 2022-03-15

Fixed

• Fixed spaces and escaped special char in ldap cn/dn #43

[0.0.6] - 2022-03-08

Changed

• Access token are JWT. #38

Fixed

• Default groups on invitations #41

• Schemas are shipped within the canaille package #42

[0.0.5] - 2022-02-17

Changed

• LDAP model objects have new identifiers #37

Fixed

• Admin menu dropdown display #39

• GROUP_ID_ATTRIBUTE configuration typo #40

[0.0.4] - 2022-02-16

Added

• Client preauthorization #11

• LDAP permissions check with the check command #12

• Update consents when a scope required is larger than the scope of an already given consent #13

• Theme customization #15

• Logging configuration #16

• Installation command #17

• Invitation links #18

• Advanced permissions #20

• An option to not use OIDC #23

• Disable some features when no SMTP server is configured #24

• Login placeholder dynamically generated according to the configuration #25

• Added an option to tune object IDs #26

• Avatar support #27

• Dynamical and configurable JWT claims #28

• UI improvemnts #29

• Invitation links expiration #30

• Invitees can choose their IDs #31

• LDAP backend refactoring #35

Fixed

• Fixed ghost members in a group #14

• Fixed email sender names #19

• Fixed filter being not escaped #21

• Demo script good practices #32

• Binary path for Debian #33

• Last name was not mandatory in the forms while this was mandatory in the LDAP server #34

• Spelling typos #36

[0.0.3] - 2021-10-13

Added

• Two-steps sign-in #49

• Tokens can have several audiences. #62 #9

• Configuration check command. #66 #8

• Groups managament. #12 #6

Fixed

• Introspection access bugfix. #63 #10

• Introspection sub claim. #64 #7

[0.0.2] - 2021-01-06

Added

• Login page is responsive. #1

• Adapt mobile keyboards to login page fields. #2

• Password recovery interface. #3

• User profile interface. #4

• Renamed the project canaille. #5

• Command to remove old tokens. #17

• Improved password recovery email. #14 #26

• Use flask SERVER_NAME configuration variable instead of URL. #24

• Improved consents page. #27

• Admin user page. #8

• Project logo. #29

• User account self-deletion can be enabled in the configuration with SELF_DELETION. #35

• Admins can impersonate users. #39

• Forgotten page UX improvement. #43

• Admins can remove clients. #45

• Option HIDE_INVALID_LOGIN that can be unactivated to let the user know if the login he attempt to sign in with exists or not. #48

• Password initialization mail. #51

Fixed

• Form translations. #19 #23

• Avoid to use Google Fonts. #21

Removed

• ‘My tokens’ page. #22

[0.0.1] - 2020-10-21

Added

• Initial release.