Ver. 0.4.0

Version 0.4.0

Welcome to Meiling Gatekeeper,
An easy-to-use, open-source oAuth2 Authentication Provider, which is fully-customizable to meet your own needs!

Breaking Changes

Incompatible JWT Signing Scheme

In order to comply with OpenID Connect Core Specification, JWT generation scheme was totally redesigned.
therefore, "secret_token" based JWT generation is now no more.

If you startup server without any modification, Meiling Gatekeeper will generate new key for runtime and this runtime only.
The recommended solution is to generate JWT signing keys by using new command: yarn keygen

Dropped support for Debug Tokens

Until 0.3.1, You can use debug tokens to check /v1/meiling/session to check your current session information.
From 0.4.0, Support for this was dropped in favor of new /v1/admin/sessions endpoint.
If your service utilizes /v1/meiling/session for internal use, Please migrate to new admin endpoints.

ChangeLog

• Actually Upgraded to prisma v2.25.0
• Dropped support for node 10.x (due to prisma v2.25.0 upgrade)
• fixed various bug on id_token generation such as:
  • fixed the bug that auth_time is sent as YYYY-MM-DDTHH:mm:ssZ00:00 style
  • fixed the bug that iat and exp was in totally wrong value
• Add support for base64url on PKCE based authorization_code requests
• now proper support for JWK endpoints! available at: /v1/oauth2/certs
• Added proper support for name scope
• Added proper support for profile scope
• Added experimental support for Elliptic Curve based JWTs
• Added support for client_secret_basic flows
• Added support for housekeeping feature. Start server with --run-cleanup will clean the database (or...)
• Added support for experimental administration feature. Such as...
  • checking user's information
  • checking application's information
  • viewing/updating meiling session
  • housekeeping on demand (same feature with --run-cleanup)
• Dropped support for development meiling session viewer on /v1/meiling/session

Phew, I guess this is all! See you on next release!