Canonical reference for changes, improvements, and bugfixes for cap.
- Add case insensitive user attribute keys configs for LDAP by @jasonodonnell in #132
- chore (oidc, jwt, ldap): update deps by @jimlambrt in #133
- Add empty anonymous group search configs by @jasonodonnell in #134
- JWT
- Adds ability to specify more than one
KeySetused for token validation (#128)
- Adds ability to specify more than one
- SAML
- Truncate issue instant to microseconds to support Microsoft Entra ID enterprise applications (#126)
- SAML
- Adds support for SAML authentication (#99).
- LDAP
- Add worker pool for LDAP token group lookups (PR)
- OIDC/examples/cli
- Use free port if OIDC_PORT is not set for the example (PR)
- LDAP
- A more compete fix for
escapeValue(...)and we've stopped exporting it (PR)
- A more compete fix for
- Address a set of LDAP issues (PR):
- Properly escape user filters when using UPN domains
- Increase max tls to 1.3
- Improve
EscapeValue(...) - Use text template for rendering filters
- Fixes integer overflow in
auth_timeclaim validation when compiled for 32-bit architecture (PR)
- Add
ProviderConfigwhich creates a provider that doesn't support OIDC discovery. It's probably better to use NewProvider(...) with discovery whenever possible (PR and issue). - Improve WSL detection (PR)
- Add option to allow all of IAT, NBF, and EXP to be missing (PR)
- Validate sub and aud are present in an id_token (PR)
- Add better (more consistent) timeouts (PR)
- Add better error msgs on failed search queries (PR)
- Add new config fields for including/excluding user attrs (PR)
- Add
WithUserAttributes(...)option to the ldap package that allows callers to request that attributes be returned for the authenticating user (PR)
- Add support for LDAP/AD authentication (PR)
- oidc: remove extra unused parameter to Info logging in TestProvider.startCachedCodesCleanupTicking (PR).
v0.1.0 is the first release. As a result there are no changes, improvements, or bugfixes from past versions.