From cf36da2e5d53c96a55262a8291eb104c181b7eed Mon Sep 17 00:00:00 2001 From: Jens Langhammer Date: Sun, 12 Feb 2023 17:44:53 +0100 Subject: [PATCH] website/docs: prepare 2023.2 release notes Signed-off-by: Jens Langhammer --- website/docs/releases/2023/v2023.2.md | 27 ++++++++++++++++++++++----- 1 file changed, 22 insertions(+), 5 deletions(-) diff --git a/website/docs/releases/2023/v2023.2.md b/website/docs/releases/2023/v2023.2.md index a50be6697..ecd85c660 100644 --- a/website/docs/releases/2023/v2023.2.md +++ b/website/docs/releases/2023/v2023.2.md @@ -9,6 +9,8 @@ slug: "/releases/2023.2" In previous versions, logging out of a single proxied application would only invalidate that application's session. Starting with this release, when logging out of a proxied application (via the _/outpost.goauthentik.io/sign_out_ URL), all the users session within the outpost are terminated. Sessions in other outposts and with other protocols are unaffected. + Additionally, different providers now have different cookies, instead of all using the same "authentik_proxy" token. + - UX Improvements As with the previous improvements, we've made a lot of minor improvements to the general authentik UX to make your life easier. @@ -17,6 +19,10 @@ slug: "/releases/2023.2" The OAuth2 provider has been reworked to be closer to OAuth specifications and better support refresh tokens and offline access. Additionally the expiry for access tokens and refresh tokens can be adjusted separately now. +- Generated avatars, multiple avatar modes + + authentik now supports multiple avatar modes, and will use the next configured mode when a mode doesn't have an avatar. For example, the new default configuration attempts to use gravatar, but if the user's email does not have a gravatar setup, it will instead use the new generated avatars. See [Configuration](../../installation/configuration.md#authentik_avatars) + ## Upgrading This release does not introduce any new requirements. @@ -40,34 +46,45 @@ image: - \*/saml: disable pretty_print, add signature tests - blueprints: don't update default tenant - blueprints: handle error when blueprint entry identifier field does not exist +- core: Add support for auto generating unique avatars based on the user's initials (#4663) - core: delete session when user is set to inactive - core: fix inconsistent branding in end_session view +- core: fix missing uniqueness validator on user api - core: fix token's set_key accessing data incorrectly +- events: dont log oauth temporary model creation - events: improve sanitising for tuples and sets - events: prevent error when request fails without response +- internal: better error message when outpost API controller couldn't fetch outposts - internal: fix cache-control header +- policies/event_matcher: fix empty app label not being allowed, require at least 1 criteria - providers/ldap: add unbind flow execution (#4484) - providers/ldap: fix error not being checked correctly when fetching users - providers/oauth2: add user id as "sub" mode +- providers/oauth2: don't use policy cache for token requests - providers/oauth2: only set auth_time in ID token when a login event is stored in the session - providers/oauth2: optimise client credentials JWT database lookup (#4606) +- providers/oauth2: rework OAuth2 Provider (#4652) +- providers/proxy: add token support for basic auth +- providers/proxy: different cookie name based on hashed client id (#4666) - providers/proxy: outpost wide logout implementation (#4605) +- providers/saml: fix invalid SAML provider metadata, add schema tests +- providers/saml: fix mismatched SAML SLO Urls (#4655) - stages/authenticator_validate: fix error with passwordless webauthn login - stages/prompt: field name (#4497) -- stages/prompt: fix mismatched name field in migration - stages/user_write: fix migration setting wrong value, fix form +- web: fix token delete form not showing token identifiers +- web/admin: add notice for user_login stage session cookie behaviour +- web/admin: clarify access code expiration +- web/admin: default to disable policy execution logging - web/admin: fix certificate filtering for SAML verification certificate -- web/admin: fix dark theme for hover on tables -- web/admin: fix token edit button - web/admin: rework event info page to show all event infos - web/elements: add dropdown css to DOM directly instead of including - web/elements: fix ak-expand not using correct font - web/elements: fix clashing page url param -- web/elements: fix click propagation from modal into table - web/elements: improve codemirror contrast in dark theme - web/elements: make table rows clickable to select items - web/elements: persist table page in URL parameters -- web/flows: improve handling of flow info +- web/flows: fix flow background overlay on firefox - web/user: filter tokens by username - web/user: refactor loading of data in userinterface