Release notes¶
All notable changes to this project will be documented in there.
The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.
[0.0.55] - 2024-08-30¶
Changed¶
Use poetry-core build backend. #178
[0.0.54] - 2024-07-25¶
Added¶
Changed¶
Model identifier_attributes are fixed.
Bump to htmx 1.9.12 #172
Fixed¶
Dark theme colors for better readability
Crash for passwordless users at login when no SMTP server was configured.
[0.0.53] - 2024-04-22¶
Added¶
env_prefix create_app variable can select the environment var prefix.
[0.0.52] - 2024-04-22¶
Added¶
env_file create_app variable can customize/disable the .env file
Changed¶
Locked users cannot be impersonated anymore.
Minimum python requirement is 3.9.
[0.0.51] - 2024-04-09¶
Changed¶
Display the menu bar on error pages.
[0.0.50] - 2024-04-09¶
Added¶
Sign in/out events are logged in #177
Fixed¶
HTMX and JAVASCRIPT configuration settings.
Compatibility with old sessions IDs.
[0.0.49] - 2024-04-08¶
Fixed¶
LDAP user group removal.
Display an error message when trying to remove the last user from a group.
[0.0.48] - 2024-04-08¶
Fixed¶
LDAP objectClass guessing exception.
[0.0.47] - 2024-04-08¶
Fixed¶
Lazy permission loading exception.
[0.0.46] - 2024-04-08¶
Fixed¶
Saving an object with the LDAP backend keeps the objectClass un-managed by Canaille. #171
[0.0.45] - 2024-04-04¶
Changed¶
Internal indexation mechanism of
MemoryModel
[0.0.44] - 2024-03-29¶
Fixed¶
Fix the default LDAP USER_FILTER value
Fix the OIDC feature detection
[0.0.43] - 2024-03-29¶
🚨Configuration files must be updated.🚨
Added¶
Changed¶
[0.0.42] - 2023-12-29¶
Fixed¶
Avoid to fail on imports if
cryptography
is missing.
[0.0.41] - 2023-12-25¶
Added¶
Fixed¶
Correctly set up Client audience during OIDC dynamic registration.
post_logout_redirect_uris
was ignored during OIDC dynamic registration.Group field error prevented the registration form validation.
[0.0.40] - 2023-12-22¶
Added¶
THEME
can be a relative path
[0.0.39] - 2023-12-15¶
Fixed¶
Crash when no ACL were defined
OIDC Userinfo endpoint is also available in POST
Fix redirection after password reset #159
[0.0.38] - 2023-12-15¶
Changed¶
[0.0.37] - 2023-12-01¶
Fixed¶
[0.0.36] - 2023-12-01¶
Fixed¶
Avoid crashing when LDAP groups references unexisting users.
Password reset and initialization mails were only sent to the preferred user email address.
Password reset and initialization mails were not sent at all the user addresses if one email address could not be reached.
Password comparison was too permissive on login.
Encrypt passwords in the SQL backend.
[0.0.35] - 2023-11-25¶
Added¶
Changed¶
Fixed¶
Disable HTMX boosting during the OIDC dance. #160
[0.0.34] - 2023-10-02¶
Fixed¶
Canaille installations without account lockabilty could not delete users. #153
Added¶
[0.0.33] - 2023-08-26¶
Fixed¶
OIDC jwks endpoint do not return empty kid claim
Added¶
Documentation details on the canaille models.
[0.0.32] - 2023-08-17¶
Added¶
[0.0.31] - 2023-08-15¶
Added¶
Fixed¶
The check command uses the default configuration values.
Changed¶
[0.0.30] - 2023-07-06¶
🚨Configuration files must be updated.🚨
Check the new format with git diff 0.0.29 0.0.30 canaille/conf/config.sample.toml
Added¶
Configuration option to disable javascript #141
Changed¶
Configuration
USER_FILTER
is parsed with jinja.Configuration use
PRIVATE_KEY_FILE
instead ofPRIVATE_KEY
andPUBLIC_KEY_FILE
instead ofPUBLIC_KEY
[0.0.29] - 2023-06-30¶
Fixed¶
Disabled HTMX boosting on OIDC forms to avoid errors.
[0.0.28] - 2023-06-30¶
Fixed¶
A template variable was misnamed.
[0.0.27] - 2023-06-29¶
🚨Configuration files must be updated.🚨
Check the new format with git diff 0.0.26 0.0.27 canaille/conf/config.sample.toml
Added¶
Changed¶
Bump to jquery 3.7.0 #138
Fixed¶
Removed¶
Stop support for python 3.7 #131
[0.0.26] - 2023-06-03¶
Added¶
Fixed¶
Avoid setting
None
in JWT claims when they have no value.Display password recovery button on OIDC login page. #129
[0.0.25] - 2023-05-05¶
🚨Configuration files must be updated.🚨
Check the new format with git diff 0.0.25 0.0.24 canaille/conf/config.sample.toml
Changed¶
Fixed¶
[0.0.24] - 2023-04-07¶
Fixed¶
Fixed avatar update. #122
[0.0.23] - 2023-04-05¶
Added¶
Changed¶
Fixed¶
CSRF protection on every forms. #119
[0.0.22] - 2023-03-13¶
Fixed¶
faker is not imported anymore when the clean command is called.
[0.0.21] - 2023-03-12¶
Added¶
Display TOS and policy URI on the consent list page. #102
Revoked consents can be restored. #103
Pre-consented clients are displayed in the user consent list, and their consents can be revoked. #69 #103
A
populate
command can be used to fill the database with random users generated with faker. #105SMTP SSL support. #108
Department number support. #129
Address edition support (but not in the OIDC claims yet) #112
Title edition support #113
Fixed¶
Changed¶
Removed datatables.
[0.0.20] - 2023-01-28¶
Added¶
Fixed¶
[0.0.19] - 2023-01-14¶
Fixed¶
Ensures the token expires_in claim and the access_token exp claim have the same value. #83
[0.0.18] - 2022-12-28¶
Fixed¶
OIDC end_session was not returning the
state
parameter in thepost_logout_redirect_uri
#82
[0.0.17] - 2022-12-26¶
Fixed¶
[0.0.16] - 2022-12-15¶
Fixed¶
Fixed LDAP operational attributes handling.
[0.0.15] - 2022-12-15¶
Added¶
[0.0.14] - 2022-11-29¶
Fixed¶
Fixed translation mo files packaging.
[0.0.13] - 2022-11-21¶
Fixed¶
Fixed a bug on the contacts field in the admin client form following the LDAP schema update of 0.0.12
Fixed a bug happening during RP initiated logout on clients without post_logout_redirect_uri defined.
Gitlab CI fix. #64
Fixed client_secret display on the client administration page. #65
Fixed non-square logo CSS. #67
Fixed schema path on installation. #68
Fixed RFC7591
software_statement
claim support. #70Fixed client preconsent disabling. #72
Added¶
Changed¶
Replaced the use of the deprecated FLASK_ENV environment variable by FLASK_DEBUG.
Dynamically generate the server metadata. Users won’t have to copy and manually edit
oauth-authorizationserver.json
andopenid-configuration.json
. #71The FROM_ADDR configuration option is not mandatory anymore. #73
The JWT.ISS configuration option is not mandatory anymore. #74
[0.0.12] - 2022-10-24¶
Added¶
[0.0.11] - 2022-08-11¶
Added¶
Default theme has a dark variant. #57
Fixed¶
Fixed missing
canaille
binary. #58
[0.0.10] - 2022-07-07¶
Fixed¶
[0.0.9] - 2022-06-05¶
Added¶
Changed¶
Fixed¶
[0.0.8] - 2022-03-15¶
Fixed¶
Fixed dependencies
[0.0.7] - 2022-03-15¶
Fixed¶
Fixed spaces and escaped special char in ldap cn/dn #43
[0.0.6] - 2022-03-08¶
Changed¶
Access token are JWT. #38
Fixed¶
[0.0.5] - 2022-02-17¶
Changed¶
LDAP model objects have new identifiers #37
Fixed¶
[0.0.4] - 2022-02-16¶
Added¶
Client preauthorization #11
LDAP permissions check with the check command #12
Update consents when a scope required is larger than the scope of an already given consent #13
Theme customization #15
Logging configuration #16
Installation command #17
Invitation links #18
Advanced permissions #20
An option to not use OIDC #23
Disable some features when no SMTP server is configured #24
Login placeholder dynamically generated according to the configuration #25
Added an option to tune object IDs #26
Avatar support #27
Dynamical and configurable JWT claims #28
UI improvements #29
Invitation links expiration #30
Invitees can choose their IDs #31
LDAP backend refactoring #35
Fixed¶
[0.0.3] - 2021-10-13¶
Added¶
Fixed¶
[0.0.2] - 2021-01-06¶
Added¶
Login page is responsive. #1
Adapt mobile keyboards to login page fields. #2
Password recovery interface. #3
User profile interface. #4
Renamed the project canaille. #5
Command to remove old tokens. #17
Use flask SERVER_NAME configuration variable instead of URL. #24
Improved consents page. #27
Admin user page. #8
Project logo. #29
User account self-deletion can be enabled in the configuration with SELF_DELETION. #35
Admins can impersonate users. #39
Forgotten page UX improvement. #43
Admins can remove clients. #45
Option HIDE_INVALID_LOGIN that can be unactivated to let the user know if the login he attempt to sign in with exists or not. #48
Password initialization mail. #51
Fixed¶
Removed¶
‘My tokens’ page. #22
[0.0.1] - 2020-10-21¶
Added¶
Initial release.