From 7a85038c11632bd9dab06e573f7e6d565f4708c8 Mon Sep 17 00:00:00 2001 From: Jens Langhammer Date: Tue, 7 Feb 2023 22:52:29 +0100 Subject: [PATCH] website/docs: prepare 2023.2 release notes Signed-off-by: Jens Langhammer --- website/docs/releases/2023/v2023.2.md | 368 +++++++++++++++++++++++++- 1 file changed, 367 insertions(+), 1 deletion(-) diff --git a/website/docs/releases/2023/v2023.2.md b/website/docs/releases/2023/v2023.2.md index fcb5a77fe..d1926bd46 100644 --- a/website/docs/releases/2023/v2023.2.md +++ b/website/docs/releases/2023/v2023.2.md @@ -9,6 +9,10 @@ slug: "/releases/2023.2" In previous versions, logging out of a single proxied application would only invalidate that application's session. Starting with this release, when logging out of a proxied application (via the _/outpost.goauthentik.io/sign_out_ URL), all the users session within the outpost are terminated. Sessions in other outposts and with other protocols are unaffected. +- UX Improvements + + As with the previous improvements, we've made a lot of minor improvements to the general authentik UX to make your life easier. + ## Upgrading This release does not introduce any new requirements. @@ -29,6 +33,368 @@ image: ## Minor changes/fixes +- \*/saml: disable pretty_print, add signature tests +- blueprints: don't update default tenant +- blueprints: handle error when blueprint entry identifier field does not exist +- core: delete session when user is set to inactive +- core: fix inconsistent branding in end_session view +- core: fix token's set_key accessing data incorrectly +- events: improve sanitising for tuples and sets +- events: prevent error when request fails without response +- internal: fix cache-control header +- providers/ldap: add unbind flow execution (#4484) +- providers/ldap: fix error not being checked correctly when fetching users +- providers/oauth2: add user id as "sub" mode +- providers/oauth2: only set auth_time in ID token when a login event is stored in the session +- providers/oauth2: optimise client credentials JWT database lookup (#4606) +- providers/proxy: outpost wide logout implementation (#4605) +- stages/authenticator_validate: fix error with passwordless webauthn login +- stages/prompt: field name (#4497) +- stages/prompt: fix mismatched name field in migration +- stages/user_write: fix migration setting wrong value, fix form +- web/admin: fix certificate filtering for SAML verification certificate +- web/admin: fix dark theme for hover on tables +- web/admin: fix token edit button +- web/admin: rework event info page to show all event infos +- web/elements: add dropdown css to DOM directly instead of including +- web/elements: fix ak-expand not using correct font +- web/elements: fix clashing page url param +- web/elements: fix click propagation from modal into table +- web/elements: improve codemirror contrast in dark theme +- web/elements: make table rows clickable to select items +- web/elements: persist table page in URL parameters +- web/flows: improve handling of flow info +- web/user: filter tokens by username +- web/user: refactor loading of data in userinterface + ## API Changes -_Insert output of `make gen-diff` here_ +#### What's New + +--- + +##### `POST` /admin/system/ + +#### What's Changed + +--- + +##### `POST` /core/tokens/{identifier}/set_key/ + +##### `GET` /providers/oauth2/{id}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `sub_mode` (string) + + > Configure what data should be used as unique User Identifier. For most cases, the default should be fine. + + Added enum value: + + - `user_id` + +##### `PUT` /providers/oauth2/{id}/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `sub_mode` (string) + + > Configure what data should be used as unique User Identifier. For most cases, the default should be fine. + + Added enum value: + + - `user_id` + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `sub_mode` (string) + + > Configure what data should be used as unique User Identifier. For most cases, the default should be fine. + + Added enum value: + + - `user_id` + +##### `PATCH` /providers/oauth2/{id}/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `sub_mode` (string) + + > Configure what data should be used as unique User Identifier. For most cases, the default should be fine. + + Added enum value: + + - `user_id` + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `sub_mode` (string) + + > Configure what data should be used as unique User Identifier. For most cases, the default should be fine. + + Added enum value: + + - `user_id` + +##### `POST` /providers/oauth2/ + +###### Request: + +Changed content type : `application/json` + +- Changed property `sub_mode` (string) + + > Configure what data should be used as unique User Identifier. For most cases, the default should be fine. + + Added enum value: + + - `user_id` + +###### Return Type: + +Changed response : **201 Created** + +- Changed content type : `application/json` + + - Changed property `sub_mode` (string) + + > Configure what data should be used as unique User Identifier. For most cases, the default should be fine. + + Added enum value: + + - `user_id` + +##### `GET` /providers/oauth2/ + +###### Parameters: + +Changed: `sub_mode` in `query` + +> Configure what data should be used as unique User Identifier. For most cases, the default should be fine. + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `results` (array) + + Changed items (object): > OAuth2Provider Serializer + + - Changed property `sub_mode` (string) + + > Configure what data should be used as unique User Identifier. For most cases, the default should be fine. + + Added enum value: + + - `user_id` + +##### `GET` /oauth2/authorization_codes/{id}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `provider` (object) + + > OAuth2Provider Serializer + + - Changed property `sub_mode` (string) + + > Configure what data should be used as unique User Identifier. For most cases, the default should be fine. + + Added enum value: + + - `user_id` + +##### `GET` /oauth2/refresh_tokens/{id}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `provider` (object) + + > OAuth2Provider Serializer + + - Changed property `sub_mode` (string) + + > Configure what data should be used as unique User Identifier. For most cases, the default should be fine. + + Added enum value: + + - `user_id` + +##### `GET` /oauth2/authorization_codes/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `results` (array) + + Changed items (object): > Serializer for BaseGrantModel and ExpiringBaseGrant + + - Changed property `provider` (object) + + > OAuth2Provider Serializer + + - Changed property `sub_mode` (string) + + > Configure what data should be used as unique User Identifier. For most cases, the default should be fine. + + Added enum value: + + - `user_id` + +##### `GET` /oauth2/refresh_tokens/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `results` (array) + + Changed items (object): > Serializer for BaseGrantModel and RefreshToken + + - Changed property `provider` (object) + + > OAuth2Provider Serializer + + - Changed property `sub_mode` (string) + + > Configure what data should be used as unique User Identifier. For most cases, the default should be fine. + + Added enum value: + + - `user_id` + +##### `GET` /stages/prompt/prompts/{prompt_uuid}/ + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + New required properties: + + - `name` + + * Added property `name` (string) + +##### `PUT` /stages/prompt/prompts/{prompt_uuid}/ + +###### Request: + +Changed content type : `application/json` + +New required properties: + +- `name` + +* Added property `name` (string) + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + New required properties: + + - `name` + + * Added property `name` (string) + +##### `PATCH` /stages/prompt/prompts/{prompt_uuid}/ + +###### Request: + +Changed content type : `application/json` + +- Added property `name` (string) + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + New required properties: + + - `name` + + * Added property `name` (string) + +##### `POST` /stages/prompt/prompts/ + +###### Request: + +Changed content type : `application/json` + +New required properties: + +- `name` + +* Added property `name` (string) + +###### Return Type: + +Changed response : **201 Created** + +- Changed content type : `application/json` + + New required properties: + + - `name` + + * Added property `name` (string) + +##### `GET` /stages/prompt/prompts/ + +###### Parameters: + +Added: `name` in `query` + +###### Return Type: + +Changed response : **200 OK** + +- Changed content type : `application/json` + + - Changed property `results` (array) + + Changed items (object): > Prompt Serializer + + New required properties: + + - `name` + + * Added property `name` (string)