Releases: dexidp/dex
v2.0.0-alpha.2
v2.0.0-alpha.2
v2.0.0-alpha.1
v2.0.0-alpha.1
v0.6.1
v0.6.0
Changes since last release:
- Deprecate --email-from flag and clean up email config options (#487)
- Add "groups" scope to return list of groups in claims, LDAP only supported implementation (#510)
- Dex can no be used at a relative path (#520, #521, #522, #558)
- Fix API for bearer tokens with multiple audiences (#531)
- Set display name when registering a user (#537)
- Added UAA connector (#542)
- Added refresh token rotation, aka refresh tokens can only be used once (#540)
- Added option to use client credentials against worker API (#529)
- Token response now includes mandatory "expires_in" field (#575)
v0.5.1
v0.5.0
Features:
- Enable automatic registration for non-local login (#463)
- Cross-client refresh tokens through the "authorized party" claim (#465, #426)
- "public" clients which can use oob flows (#471)
- Clients ID and secrets may now be specified in the bootstrapping API (#479)
Bug fixes:
- Dex now works when backed by Azure AD (#466)
Deprecated:
- Removed APIs which only use client_id and client_secret. Use admin API for this functionality. (#468)
v0.4.0
This release consists of a bunch of minor bug fixes, and example and doc tweaks.
Features
- None!
Bugs Fixed
- remove outdated godep hack, since we use glide now (#417)
- example app uses passed redirect instead of hard-coded one (#420)
- Fix examples/README.md doc (#421)
- Fix kubernetes example (#422)
- git-version creates valid docker tags if dirty (#425)
- Update to latest go-oidc to fix JWT parse issues (#430)
Misc
v0.3.0
Features
- LDAP connector added (#178)
- Dynamic client registration (#267)
- dexctl can read connectors from stdin (#277)
- Generated API docs added to repo (#285)
- dex now uses sqlite for --no-db mode and tests (does not add general sqlite support) (#304)
- New API endpoint for resending an invite email (#331)
- example app's default flags now work with --no-db mode (#333)
Bugs Fixed
- API status codes now differentiate between unauthenticated and unauthorized requests (#280)
- dex now uses 302 for redirects rather than 307 (#288)
- Emails now use case insensitive comparison (#339)
- When consuming OAuth2 credentials through basic auth, dex now correctly expects URL escaped values (#357)
Migration Note:
Duplicate Emails
The former use of case insensitive comparison for emails may have resulted in duplicate emails in the dex database for some instances.
For this release, dex will refuse to migrate the database if it detects duplicated emails in the authd_user table. In this case admins must resolve this by editing the table manually, dropping the rows they feel appropriate.
Admins who wish to delete duplicate emails in their database but don’t care which row is preserved can run the following SQL command:
DELETE FROM authd_user
WHERE id IN (SELECT id
FROM (SELECT id,
ROW_NUMBER() OVER (partition BY LOWER(email) ORDER BY id) AS rnum
FROM authd_user) t
WHERE t.rnum > 1);v0.2.3
This is a minor point release to update dex's automated build process from Go version 1.5.2 to 1.5.3 which fixes a bug that impacts RSA private keys. See the write up by the Go team here.
This release is primarily for users who pull dex from quay.io and updates that image to use dex binaries built with Go 1.5.3.
Features
- Better command line error message when secrets have bad length (#259)
Security fixes
- Update Go version in TravisCI from 1.5.2 to 1.5.3 for tests and Docker image builds (#269).
v0.2.2
This is a minor point release to include a critical bug fix to 0.2.1