Releases: networknt/light-4j
1.5.15
1.5.15 (2018-06-18)
Implemented enhancements:
- Dynamic server listener port configuration #210
- Unexpected behavior when Status is created for non-existent status code #169
Closed issues:
- add datasource module for most popular relational databases #220
- create LightHttpHandler with default method to handle the error status #217
- A default content-type is not set #216
- add a new status code in status.yml for authenticate class not found #215
- Add a Build Number to the server.yml #214
- add constants to utility Constants for light-router #212
- OAuthHelper needs to handle the error status from OAuth 2.0 provider #202
Merged pull requests:
- Adding InputStream to String conversion utility #219 (NicholasAzar)
- Fix216 #218 (rpinaa)
- testing addition of graceful shutdown handler #213 (NicholasAzar)
Upgrade Guidelines:
All changes in this release are backward-compatible, so you can just update the version number in your pom.xml file. The following enhancements might be useful for you though:
-
A new property buildNumber has been added to the server.yml from light-codegen. This variable can be used for auditing in your API.
-
It is highly recommended to use LightHttpHandler interface instead of HttpHandler as it contains a default method to handle error status.
1.5.14
1.5.14 (2018-05-19)
Closed issues:
- update client.yml and secret.yml in other modules #211
- Rename resources module to resource for consistency #209
- update client module to support refresh token flow for light-spa-4j #208
- update verifyJwt with ignoreExpiry flag #207
- add default method setExchangeStatus into MiddlewareHandler #206
- move auth and csrf to light-spa-4j repository #205
- add error code for light-spa-4j stateless-token handler #204
- switch StatelessAuthHandler to middleware handler #203
- add stateless auth and csrf handlers for SPA application #201
- pass csrf token in oauth token request #200
- add status code for light-proxy tableau authentication handler #199
- move password in jwt.yml to secret.yml #198
- share the connections to consul in ConsulClientImpl #196
Merged pull requests:
Upgrade Guidelines
There is no API change for this release; however, the following three config files have been updated:
- Add refresh token client secret in secret.yml
# Fresh token client secret for OAuth2 server
refreshTokenClientSecret: f6h1FTI8Q3-7UScPZDzfXA
- Remove oauthHttp2Support from security.yml to client.yml
# If OAuth2 provider support http2 protocol. If using light-oauth2, set this to true.
oauthHttp2Support: true
- Add enableHttp2 and refresh token section in client.yml
# set to true if the oauth2 provider supports HTTP/2
enableHttp2: true
refresh_token:
# token endpoint for refresh token grant
uri: "/oauth2/token"
# client_id for refresh token grant flow. client_secret is in secret.yml
client_id: f7d42348-c647-4efb-a52d-4c5787421e72
# optional scope, default scope in the client registration will be used if not defined.
scope:
- petstore.r
- petstore.w
For details, please refer to https://github.com/networknt/light-4j/blob/master/client/src/main/resources/config/client.yml
1.5.13
1.5.12
1.5.12 (2018-04-08)
Closed issues:
- upgrade to prometheus 0.3.0 #192
- rollback zkclient to 0.3 #191
- remove consul client and update version for zkclient and curator #190
- remove antlr4 from dependencies #189
- upgrade jackson 2.9.5 remove swagger from light-4j dependencies #188
- add two more test cases for Http2Client #186
Upgrade Guidelines:
There is no functional change in this release but only upgrade the versions of dependencies after black duck security scan. Here is the new version of each library.
<version.jackson>2.9.5</version.jackson>
<version.slf4j>1.7.25</version.slf4j>
<version.jose4j>0.6.3</version.jose4j>
<version.commons.codec>1.11</version.commons.codec>
<version.encoder>1.2.1</version.encoder>
<version.logback>1.2.3</version.logback>
<version.junit>4.12</version.junit>
<version.mockito>2.10.0</version.mockito>
<version.undertow>1.4.23.Final</version.undertow>
<version.swagger-parser>1.0.34</version.swagger-parser>
<version.hamcrest>1.3</version.hamcrest>
<version.assertj>3.8.0</version.assertj>
<version.hdrhistogram>2.1.10</version.hdrhistogram>
<version.jsr305>3.0.2</version.jsr305>
<version.json-schema-validator>0.1.18</version.json-schema-validator>
<version.zookeeper>3.5.3-beta</version.zookeeper>
<version.zkclient>0.3</version.zkclient>
<version.curator>4.0.1</version.curator>
<version.snakeyaml>1.20</version.snakeyaml>
<version.caffeine>2.6.2</version.caffeine>
<version.prometheus>0.3.0</version.prometheus>
<version.javamail>1.6.1</version.javamail>
1.5.11
1.5.11 (2018-03-31)
Fixed bugs:
- JWT signing private key cannot be externalized #178
- scope encoding changes space to plus sign in OAuthHelper #172
Closed issues:
- add ERR11300 FAIL_TO_GET_TABLEAU_TOKEN error code in status.yml #184
- check if trace is enabled in Http2Client logger #183
- add isBlank to StringUtil in utility class #180
- split JwtHelper to JwtHelper for token verification and JwtIssuer to issue token #179
- remove Apache commons-lang dependency from mask #177
- remove commons-io dependencies #176
- refactor CorsHttpHandlerTest to use Http2Client #175
- add status code ERR11202 for hybrid-4j get request #173
- remove unused import in DecryptUtil #171
Merged pull requests:
- feat(util): Add toByteBuffer overload util method to convert files. #174 (NicholasAzar)
1.5.10
1.5.9
1.5.9 (2018-02-21)
Closed issues:
- Support dynamic port binding for Kubernetes hostNetwork #162
- switch light-config-server connection to HTTP 2.0 #159
Merged pull requests:
Upgrade Guide:
-
To support Kubernetes cluster deployment and client side service discovery, the server cannot be started with both http and https. If both are enabled, then https will be used.
-
The server module has been enhanced to support dynamic port allocation and self registration on Kubernetes cluster. The following section has been added to the server.yml config file. If you are not using the feature, you don't need to include the block. This change is backward compatible. Example can be found at https://github.com/networknt/light-example-4j/blob/master/discovery/api_a/kubernetes/src/main/resources/config/server.yml
There is Kubernetes tutorial on how to use it as part of the service registry and discovery.
# Dynamic port is used in situation that multiple services will be deployed on the same host and normally
# you will have enableRegistry set to true so that other services can find the dynamic port service. When
# deployed to Kubernetes cluster, the Pod must be annotated as hostNetwork: true
dynamicPort: false
# Minimum port range. This define a range for the dynamic allocated ports so that it is easier to setup
# firewall rule to enable this range. Default 2400 to 2500 block has 100 port numbers and should be
# enough for most cases unless you are using a big bare metal box as Kubernetes node that can run 1000s pods
minPort: 2400
# Maximum port rang. The range can be customized to adopt your network security policy and can be increased or
# reduced to ease firewall rules.
maxPort: 2500
1.5.8
1.5.8 (2018-02-03)
Closed issues:
- fix a typo in variable JwT_CLOCK_SKEW_IN_SECONDS #158
- accept other optional fields in OAuth2 token response #156
- handle a list of string instead of list of maps in BodyHandler #154
- Add a status code ERR12042 SERVICE_ENDPOINT_NOT_FOUND #153
Merged pull requests:
- Fix HTTP verbs #152 (morganseznec)
** Upgrade guideline: **
This release contains small enhancements so no config file changes. Just change the pom.xml version number to 1.5.8 from 1.5.7 will do.
1.5.7
1.5.6
1.5.6 (2017-12-29)
Fixed bugs:
- Get token un Http2Client line 367 is hard coded using Http2 #146
Closed issues:
- some compiler warnings #148
- Add email sender module and update secret.yml #147
- Add host header for getkey in oauthHelper for HTTP 1.1 #145
Upgrade Guide:
In this release, a new email module is added for sending emails and the emailPassword is added to the secret.yml file. Other than this, the release is backward compatible with 1.5.5
# EmailSender password default address is [email protected]
emailPassword: change-to-real-password