Skip to content

Prevent Infinite Access Tokens
Compare
Choose a tag to compare
@johnfrancismccann johnfrancismccann released this 16 Jul 15:50
· 228 commits to master since this release
0.3.2
3f58479
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

Release Notes

For: uc-cdis/workspace-token-service

Notes since tag: 0.3.1

Notes to tag/commit: 3f58479

Generated: 2021-07-16

Bug Fixes

  • Do not allow a user to indefinitely generate access tokens via the /token
    endpoint (#35)
  • Fix image build failures caused by the absence of g++ (#29)

New Features

  • Enable authentication with access token for GET /token endpoint (#31)

Improvements

  • add optional redirect_uri property in idp config to support centralized
    authorization redirect (#23)
  • bump to latest authlib and related dependencies (#23)
  • add pre-commit-config (#23)

Dependency Updates

  • pin cryptography 2.8 b/c of known bug with 2.9 (#22)
Assets 2
Loading