Skip to content

Releases: meili-NG/meiliNG.js

Ver. 0.4.2

09 Nov 12:06
@Alex4386 Alex4386
v0.4.2
421f4c5
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Ver. 0.4.2 Pre-release
Pre-release

Version 0.4.2

Welcome to Meiling Gatekeeper,
An easy-to-use, open-source oAuth2 Authentication Provider, which is fully-customizable to meet your own needs!

ChangeLog

  • updated dependencies
  • Fixed a security vulnerability that user can signup without proper phone verification - Reported by @RutsuKun

Contributors

RutsuKun
Assets 2
Loading

Ver. 0.4.1

22 Jun 16:03
@Alex4386 Alex4386
v0.4.1
1d9f169
Compare
Choose a tag to compare
Ver. 0.4.1 Pre-release
Pre-release

Version 0.4.1

Welcome to Meiling Gatekeeper,
An easy-to-use, open-source oAuth2 Authentication Provider, which is fully-customizable to meet your own needs!

ChangeLog

  • Now supports PM2 Process Manager!
  • You can check which version of meiling you are running by calling /v1/admin even on production environments. NICE.
Assets 2
Loading

Ver. 0.4.0

20 Jun 19:14
@Alex4386 Alex4386
v0.4.0
451acc9
Compare
Choose a tag to compare
Ver. 0.4.0 Pre-release
Pre-release

Version 0.4.0

Welcome to Meiling Gatekeeper,
An easy-to-use, open-source oAuth2 Authentication Provider, which is fully-customizable to meet your own needs!

Breaking Changes

Incompatible JWT Signing Scheme

In order to comply with OpenID Connect Core Specification, JWT generation scheme was totally redesigned.
therefore, "secret_token" based JWT generation is now no more.

If you startup server without any modification, Meiling Gatekeeper will generate new key for runtime and this runtime only.
The recommended solution is to generate JWT signing keys by using new command: yarn keygen

Dropped support for Debug Tokens

Until 0.3.1, You can use debug tokens to check /v1/meiling/session to check your current session information.
From 0.4.0, Support for this was dropped in favor of new /v1/admin/sessions endpoint.
If your service utilizes /v1/meiling/session for internal use, Please migrate to new admin endpoints.

ChangeLog

  • Actually Upgraded to prisma v2.25.0
  • Dropped support for node 10.x (due to prisma v2.25.0 upgrade)
  • fixed various bug on id_token generation such as:
    • fixed the bug that auth_time is sent as YYYY-MM-DDTHH:mm:ssZ00:00 style
    • fixed the bug that iat and exp was in totally wrong value
  • Add support for base64url on PKCE based authorization_code requests
  • now proper support for JWK endpoints! available at: /v1/oauth2/certs
  • Added proper support for name scope
  • Added proper support for profile scope
  • Added experimental support for Elliptic Curve based JWTs
  • Added support for client_secret_basic flows
  • Added support for housekeeping feature. Start server with --run-cleanup will clean the database (or...)
  • Added support for experimental administration feature. Such as...
    • checking user's information
    • checking application's information
    • viewing/updating meiling session
    • housekeeping on demand (same feature with --run-cleanup)
  • Dropped support for development meiling session viewer on /v1/meiling/session

Phew, I guess this is all! See you on next release!

Assets 2
Loading

Ver. 0.3.1

17 Jun 12:20
@Alex4386 Alex4386
v0.3.1
c108d8f
Compare
Choose a tag to compare
Ver. 0.3.1 Pre-release
Pre-release

Version 0.3.1

Welcome to Meiling Gatekeeper,
An easy-to-use, open-source oAuth2 Authentication Provider, which is fully-customizable to meet your own needs!

Alert

This version contains a security patch, If you are in older version of meiling, Please update to latest version as soon as possible.

ChangeLog

  • upgraded to prisma v2.25.0 (Not Actually..., This was applied on v0.4.0)
  • Fixed Security Vulnerability on oAuth2 endpoint /v1/oauth2/userinfo that doesn't properly validate if access_token is expired - reported by @Baw-Appie

2021-06-17 21 17 46

Assets 2
Loading

Ver. 0.3.0

01 Jun 15:44
@Alex4386 Alex4386
v0.3.0
081b93b
Compare
Choose a tag to compare
Ver. 0.3.0 Pre-release
Pre-release

Version 0.3.0

Welcome to Meiling Gatekeeper,
An easy-to-use, open-source oAuth2 Authentication Provider, which is fully-customizable to meet your own needs!

ChangeLog

  • Entirely refactored how /v1/meiling endpoints are being handled.
  • upgraded to prisma v2.24.0
Assets 2
Loading

Ver. 0.2.1

12 Apr 20:52
@Alex4386 Alex4386
v0.2.1
e0864ec
Compare
Choose a tag to compare
Ver. 0.2.1 Pre-release
Pre-release

Version 0.2.1

Welcome to Meiling Project,
An easy-to-use, open-source oAuth2 Authentication Provider, which is fully-customizable to meet your own needs!

ChangeLog

  • Added basic support for application management for users
  • Users can now revoke access to application they don't use.
  • Changed the default behavior to return refresh_token when access_type was not defined.
Assets 2
Loading

Ver. 0.2.0

14 Mar 11:09
@Alex4386 Alex4386
v0.2.0
fbf9b3e
Compare
Choose a tag to compare
Ver. 0.2.0 Pre-release
Pre-release

Version 0.2.0

Welcome to Meiling Project,
An easy-to-use, open-source oAuth2 Authentication Provider, which is fully-customizable to meet your own needs!

ChangeLog

  • Added Password Reset Feature
Assets 2
Loading

Ver. 0.1.0

22 Feb 04:27
@Alex4386 Alex4386
v0.1.0
3a42d0a
Compare
Choose a tag to compare
Ver. 0.1.0 Pre-release
Pre-release

Version 0.1.0

Welcome to Meiling Project,
An easy-to-use, open-source oAuth2 Authentication Provider, which is fully-customizable to meet your own needs!

ChangeLog

  • Initial Release
Assets 2
Loading