Roadmap and changelog
canaille 0 versions
All notable changes to this project will be documented in this file.
The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.
Removed
Stop support for python 3.7 #131
[0.0.26] - 2023-06-03
Added
Fixed
Avoid setting
None
in JWT claims when they have no value.Display password recovery button on OIDC login page. #129
[0.0.25] - 2023-05-05
🚨Configuration files must be updated.🚨
Check the new format with git diff 0.0.25 0.0.24 canaille/conf/config.sample.toml
Changed
Fixed
OIDC.JWT.MAPPING
configuration entry is really optional now.Fixed empty model attributes registration #125
Password initialization mails were not correctly sent. #128
[0.0.24] - 2023-04-07
Fixed
Fixed avatar update. #122
[0.0.23] - 2023-04-05
Added
Changed
Fixed
CSRF protection on every forms. #119
[0.0.22] - 2023-03-13
Fixed
faker is not imported anymore when the clean command is called.
[0.0.21] - 2023-03-12
Added
Display TOS and policy URI on the consent list page. #102
Revoked consents can be restored. #103
Pre-consented clients are displayed in the user consent list, and their consents can be revoked. #69 #103
A
populate
command can be used to fill the database with random users generated with faker. #105SMTP SSL support. #108
Department number support. #129
Address edition support (but not in the OIDC claims yet) #112
Title edition support #113
Fixed
Changed
Removed datatables.
[0.0.20] - 2023-01-28
Added
Fixed
Fix typos and grammar errors. #84
Fix wording and punctuations. #86
Automatically trims the HTML translated strings. #91
[0.0.19] - 2023-01-14
Fixed
Ensures the token expires_in claim and the access_token exp claim have the same value. #83
[0.0.18] - 2022-12-28
Fixed
OIDC end_session was not returning the
state
parameter in thepost_logout_redirect_uri
#82
[0.0.17] - 2022-12-26
Fixed
[0.0.16] - 2022-12-15
Fixed
Fixed LDAP operational attributes handling.
[0.0.15] - 2022-12-15
Added
User can chose their favourite display name. #77
Bumped to authlib 1.2. #78
Implemented RFC7592 OAuth 2.0 Dynamic Client Registration Management Protocol #79
Added
nonce
to theclaims_supported
server metadata list.
[0.0.14] - 2022-11-29
Fixed
Fixed translation mo files packaging.
[0.0.13] - 2022-11-21
Fixed
Fixed a bug on the contacts field in the admin client form following the LDAP schema update of 0.0.12
Fixed a bug happening during RP initiated logout on clients without post_logout_redirect_uri defined.
Gitlab CI fix. #64
Fixed client_secret display on the client administration page. #65
Fixed non-square logo CSS. #67
Fixed schema path on installation. #68
Fixed RFC7591
software_statement
claim support. #70Fixed client preconsent disabling. #72
Added
Changed
Replaced the use of the deprecated FLASK_ENV environment variable by FLASK_DEBUG.
Dynamically generate the server metadata. Users won’t have to copy and manually edit
oauth-authorizationserver.json
andopenid-configuration.json
. #71The FROM_ADDR configuration option is not mandatory anymore. #73
The JWT.ISS configuration option is not mandatory anymore. #74
[0.0.12] - 2022-10-24
Added
Basic WebFinger endpoint. #59
Bumped to FomanticUI 2.9.0 00ffffee
Implemented Dynamic Client Registration #60
[0.0.11] - 2022-08-11
Added
Default theme has a dark variant. #57
Fixed
Fixed missing
canaille
binary. #58
[0.0.10] - 2022-07-07
Fixed
Online demo. #55
The consent page was displaying scopes not supported by clients. #56
Fixed end session when user are already disconnected.
[0.0.9] - 2022-06-05
Added
Changed
Fixed
[0.0.8] - 2022-03-15
Fixed
Fixed dependencies
[0.0.7] - 2022-03-15
Fixed
Fixed spaces and escaped special char in ldap cn/dn #43
[0.0.6] - 2022-03-08
Changed
Access token are JWT. #38
Fixed
[0.0.5] - 2022-02-17
Changed
LDAP model objects have new identifiers #37
Fixed
[0.0.4] - 2022-02-16
Added
Client preauthorization #11
LDAP permissions check with the check command #12
Update consents when a scope required is larger than the scope of an already given consent #13
Theme customization #15
Logging configuration #16
Installation command #17
Invitation links #18
Advanced permissions #20
An option to not use OIDC #23
Disable some features when no SMTP server is configured #24
Login placeholder dynamically generated according to the configuration #25
Added an option to tune object IDs #26
Avatar support #27
Dynamical and configurable JWT claims #28
UI improvemnts #29
Invitation links expiration #30
Invitees can choose their IDs #31
LDAP backend refactoring #35
Fixed
Fixed ghost members in a group #14
Fixed email sender names #19
Fixed filter being not escaped #21
Demo script good practices #32
Binary path for Debian #33
Last name was not mandatory in the forms while this was mandatory in the LDAP server #34
Spelling typos #36
[0.0.3] - 2021-10-13
Added
Fixed
[0.0.2] - 2021-01-06
Added
Login page is responsive. #1
Adapt mobile keyboards to login page fields. #2
Password recovery interface. #3
User profile interface. #4
Renamed the project canaille. #5
Command to remove old tokens. #17
Use flask SERVER_NAME configuration variable instead of URL. #24
Improved consents page. #27
Admin user page. #8
Project logo. #29
User account self-deletion can be enabled in the configuration with SELF_DELETION. #35
Admins can impersonate users. #39
Forgotten page UX improvement. #43
Admins can remove clients. #45
Option HIDE_INVALID_LOGIN that can be unactivated to let the user know if the login he attempt to sign in with exists or not. #48
Password initialization mail. #51
Fixed
Removed
‘My tokens’ page. #22
[0.0.1] - 2020-10-21
Added
Initial release.