OSIAM v2.5 Release Notes
Release Date: 2015-12-22
Changelog
OSIAM Auth Server 2.5
Features
- Use JDBC connection pooling
  By default the pool has a size of 10 and a timeout of 30s to acquire a connection.
  These settings can be changed with the following configuration properties:
  - org.osiam.auth-server.db.maximum-pool-size
  - org.osiam.auth-server.db.connection-timeout-ms
- Support retrieving list of clients
  Use the resource endpoint /Client with GET.
- Make number of parallel connections to the auth-server configurable
  The default is 40 and can be changed with the following configuration property:
  - org.osiam.resource-server.connector.max-connections
- Make timeouts of connections to auth-server configurable
  By default the read timeout is set to 10000ms and the connect timeout to 5000ms.
  These settings can be changed with the following configuration properties:
  - org.osiam.resource-server.connector.read-timeout-ms
  - org.osiam.resource-server.connector.connect-timeout-ms
Changes
- Add Flyway migration to replace method-based scopes
  The migration removes all method-based scopes from the auth-server client and adds the scope ADMIN.
- Increase default timeouts for connections to resource-server
  By default the read timeout is set to 10000ms and the connect timeout to 5000ms.
- Increase default maximum number of parallel connections to resource-server
  The default is 40.
- Switch to Spring Boot
- Refactor database schema
  Note: Some fields in table osiam_client have been renamed:
  - accesstokenvalidityseconds becomes access_token_validity_seconds
  - refreshtokenvalidityseconds becomes refresh_token_validity_seconds
  - validityinseconds becomes validity_in_seconds
  Update your SQL scripts, if you add OAuth 2 clients via direct database manipulation.
  It's recommended to use the RESTful endpoints under /Client to manage Clients.
Fixes
- Make sure access_token, refresh_token and token_type are added only once to the returned Access Token (Fixes #42).
- Remove scopes from the Access Token (Fixes #51).
- Prevent NPE when User#active is null
- Handle duplicate client creation error on application level
  Respond with Conflict 409 when a client with a requested client id already exists
Updates
- OSIAM connector4java 1.8
- MySQL JDBC driver 5.1.37
- PostgreSQL JDBC driver 9.4-1205
- OAuth2 for Spring Security 2.0.8
OSIAM Resource Server 2.5
Features
- Use JDBC connection pooling
  By default the pool has a size of 10 and a timeout of 30s to acquire a connection.
  These settings can be changed with the following configuration properties:
  - org.osiam.resource-server.db.maximum-pool-size
  - org.osiam.resource-server.db.connection-timeout-ms
- Populate the type field of a Group's members
  Members of a Group have their type field set to either User or Group.
- Make number of parallel connections to the auth-server configurable
  The default is 40 and can be changed with the following configuration property:
  - org.osiam.auth-server.connector.max-connections
- Make timeouts of connections to auth-server configurable
  By default the read timeout is set to 10000ms and the connect timeout to 5000ms.
  These settings can be changed with the following configuration properties:
  - org.osiam.auth-server.connector.read-timeout-ms
  - org.osiam.auth-server.connector.connect-timeout-ms
Changes
- Increase default timeouts for connections to auth-server
  By default the read timeout is set to 10000ms and the connect timeout to 5000ms.
- Increase default maximum number of parallel connections to auth-server
  The default is 40.
- Switch to Spring Boot
- Refactor database schema
  Note: Some fields in table scim_extension_field have been renamed:
  - extension_internal_id becomes extension
  - is_required becomes required
  Update your SQL scripts, if you add SCIM 2 extensions via direct database manipulation.
- Produce a meaningful log message and respond with 503 TEMPORARILY UNAVAILABLE instead of 409 CONFLICT if the auth-server cannot be reached to validate or revoke an access token.
- All invalid search queries now respond with a 400 BAD REQUEST instead of 409 CONFLICT status code.
- Respond with 401 UNAUTHORIZED when revoking or validating an access token fails because of invalid access token.
- Remove configuration property org.osiam.resource-server.db.dialect
- Remove self written profiling solution since we now use the Metrics framework. This removes the configuration property org.osiam.resource-server.profiling
- Make the generated errors SCIM compliant
  Error responses look like this according to Scim 2:
  {
    "schemas": ["urn:ietf:params:scim:api:messages:2.0:Error"],
    "detail": "Resource 2819c223-7f76-453a-919d-413861904646 not found",
    "status": "404"
  }
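For callers upgrading to 2.5, the status-code changes and the SCIM error body above can be handled as in the following added example, which is not part of the OSIAM release notes or code base. The function names, the action names and the choice to map unknown codes to "reject" are assumptions of this example.

```python
import json

SCIM_ERROR_SCHEMA = "urn:ietf:params:scim:api:messages:2.0:Error"

# Error body as shown in the release notes above.
SAMPLE = ('{"schemas": ["urn:ietf:params:scim:api:messages:2.0:Error"], '
          '"detail": "Resource 2819c223-7f76-453a-919d-413861904646 not found", '
          '"status": "404"}')

# Status codes named in the notes, mapped to caller actions.
# The action names are assumptions of this example, not OSIAM terminology.
ACTIONS = {
    400: "fix_request",     # invalid search query (409 before 2.5)
    401: "reauthenticate",  # access token invalid on validate/revoke
    404: "not_found",       # status used in the sample body
    503: "retry_later",     # auth-server unreachable (409 before 2.5)
}


def parse_scim_error(body):
    """Return (status, detail) for a SCIM 2 error body, else None."""
    try:
        doc = json.loads(body)
    except (TypeError, ValueError):
        return None
    if not isinstance(doc, dict):
        return None
    schemas = doc.get("schemas")
    if not isinstance(schemas, list) or SCIM_ERROR_SCHEMA not in schemas:
        return None
    status = doc.get("status")
    # "status" is a JSON string in the sample; accept ASCII digits only.
    if not (isinstance(status, str) and status.isascii() and status.isdigit()):
        return None
    detail = doc.get("detail")
    return int(status), (detail if isinstance(detail, str) else "")


def classify(http_status, body):
    """Map a resource-server error response to (action, detail)."""
    parsed = parse_scim_error(body)
    if parsed is not None and parsed[0] != http_status:
        # Body and status line disagree: trust neither.
        return "reject", ""
    detail = parsed[1] if parsed else ""
    # Unknown codes fall back to "reject"; no error path ever means "token valid".
    return ACTIONS.get(http_status, "reject"), detail
```

Code written against pre-2.5 behaviour that interpreted 409 as a token-validation failure or an invalid query needs the 503, 401 and 400 branches instead.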
Fixes
- Only set UserEntity#active if value is not null
  Prevents a NPE when storing users that have no value for the active field.
- Use correct schema for Scim resources
  Affected resources and the changes are:
  - User: urn:scim:schemas:core:2.0:User becomes urn:ietf:params:scim:schemas:core:2.0:User
  - Group: urn:scim:schemas:core:2.0:Group becomes urn:ietf:params:scim:schemas:core:2.0:Group
  - ListResponse: urn:scim:schemas:core:2.0:User / urn:scim:schemas:core:2.0:Group becomes urn:ietf:params:scim:api:messages:2.0:ListResponse
  - ServiceProviderConfig: urn:scim:schemas:core:2.0:ServiceProviderConfig becomes urn:ietf:params:scim:schemas:core:2.0:ServiceProviderConfig
Updates
- OSIAM connector4java 1.8
- MySQL JDBC driver 5.1.37
- PostgreSQL JDBC driver 9.4-1205
- AspectJ 1.8.7
- Metrics Spring Integration 3.1.2