Changelog

1.18.0 (October 18th, 2024)

- Add: user name, request path, query and body to AccessLogger (#541)
- Add: Access Logger Patterns to match to Access Logger (#541)
- Fix: ensure Origin of AccesLogger show x-forwarderd-for header if exists
- Fix: use pipe-separeted format in Access Logger instead of JSON (closer to pep regular log)
- Upgrade body-parser dep from 1.20.0 to 1.20.3
- Upgrade express from 4.19.2 to 4.20.0

1.17.0 (June 12th, 2024)

- Upgrade express dep from 4.18.1 to 4.19.2 due to a vulnerability
- Remove: operations no longer supported in CB API (aligned with Orion 4.0.0)
- Remove: RPM stuff

1.16.0 (November 20th, 2023)

- Remove: dependency on deprecated `domain` node module, improving performance (#498)
- Remove: `disableDomainMiddleware` config option
- Remove: `DISABLE_DOMAIN_MIDDLEWARE` environment variable
- Remove: operations no longer supported in CB API (aligned with Orion 3.10.1)
- Upgrade NodeJS version from 14-slim to 16-slim in Dockerfile

1.15.0 (May 23rd, 2022)

- Add: INSPECT_ENABLED env var to enable node inspection/debuging (#489)
- Add: conf and env var (DISABLE_DOMAIN_MIDDLEWARE) to disable domain middleware to reduce overhead (but loosing some info in logs) (#498)
- Add: new API to retrieve and reset cache stats (GET, DELETE /admin/cacheStats)
- Add: new API to reset cache (DELETE /admin/cache)
- Fix: Dockerfile to include initial packages upgrade
- Remove: unrequired dep underscore
- Upgrade winston dep from ~2.3.1 to 2.4.6
- Upgrade mustache dep from 2.2.1 to 2.3.2
- Upgrade node-cache dep from 1.0.3 to 5.1.2
- Upgrade uuid dep from ~3.0.0 to 8.3.2 
- Upgrade sax dep from 0.6.0 to 1.2.4
- Upgrade body-parser dep from 1.18.3 to 1.20.0
- Upgrade express dep from 4.16.4 to 4.18.1
- Upgrade async dep from 0.9.0 to 2.6.4 
- Set Nodejs 12 as minimum version in packages.json (effectively removing Nodev10 from supported versions)

1.14.0 (March 24th, 2022)

- Add: Add graceful shutdown listening to SIGINT (#487)
- Fix: use logops library instead of direct console.log printing in all cases (#487)
- Upgrade logops dep from 2.1.0 to 2.1.2 due to colors dependency corruption
- Upgrade NodeJS version from 10.19.0 to 14-slim in Dockerfile

1.13.0 (December 21st, 2021)

- Add: url to get perseo-fe version
- Add: Docker healthcheck by asking to pep admin API
- Fix: URL for get orion version
- Fix: possible race condition on variable requestTemplate and roleTemplate at server startup (#477)

1.12.0 (November 24th, 2021)

- Add: support both WARN and WARNING log levels
- Fix: propagate correlator in FWD request (#468)
- Fix: propagate correlator in validation (Access Control) requests
- Fix: request log properly, based in its content-type
- Upgrade requests dep from 2.88.0 to 2.88.2
- Upgrade underscore dep from 1.7.0 to 1.12.1

1.11.0 (April 28th, 2021)

- Add: print object detail in debug logs about cache
- Fix: not logrotate logs of PEP in deploy no Docker (#457)
- Remove: availability subscription related actions in Orion plugin

1.10.0 (January 12th, 2021)

- Add PUT action for perseo /rules plugin

1.9.0 (October 29th, 2020)

- Add `from` based on fowarder header in log context
- Check 401 status response before body content in retrieveSubserviceId
- Set Nodejs 10 as minimum version in packages.json (effectively removing Nodev8 from supported versions)
- Compatibility with RedHat 7 (or Centos 7) RPM

1.8.0 (June 30th, 2020)

- Add: docker env vars for tune authentication cacheTTL
- Fix: logs about invalid PEP token to debug level (#439)
- Fix: to info all access account logs (#376)
- Fix: Check boolean access account config value against right boolean value
- Upgrade NodeJS version from 8.16.0 to 10.19.0 in Dockerfile due to Node 8 End-of-Life
- Make optional PM2 usage in docker entrypoint

1.7.0 (November 11th, 2019)

- Add URL /v2/registration actions for ContextBroker
- Set body parser limit to 1 MB explicitly

1.6.0 (July 29th, 2019)

- Add: version to orion urls as read action (#416)
- Add: access control disabled flag as config environment variable (for docker)
- Add: support REPLACE (NGSIv1), replace (NGSIv2) and appendStrict (NGSIv2) as action type for ContextBroker requests (#422)
- Upgrade from node:8.12.0-slim to node:8.16.0-slim as base image in Dockerfile

1.5.0 (December 19th, 2018)

- Set Nodejs 8.12.0 as minimum version in packages.json (effectively removing Nodev4 and Nodev6 as supported versions)
- Add: use NodeJS 8 in Dockerfile
- Add: use PM2 in Dockerfile
- Upgrade: update logops depedence from 1.0.0 to 2.1.0
- Upgrade: update express dependence from 3.5.1 to 4.16.4
- Upgrade: update request dependence from 2.39.0 to 2.88.0
- Upgrade: update mocha development dependence from ~1.13.0 to 5.2.0
- Upgrade: update istanbul development dependence from ~0.1.34 to 0.4.5
- Remove: old unused development dependencies (closure-linter-wrapper, chai, sinon, sinon-chai, grunt and grunt related module)

1.4.0 (October 22nd, 2018)

- Add: init script in RPM is able to deal with multiple instances of PEP running on the same system (#390)
- Fix: init script in RPM fixes start stop errors in pep service (#390)
- Fix: check boolean config fields against right boolean value
- Fix: mustache dependence version to 2.2.1 due to detected medium vulnerability
- Fix: allow log level in uppercase for access logger and lowercase for tracerequest
- Using precise dependencies (~=) in packages.json

1.3.0 (October 18th, 2017)

- FEATURE update node version to 4.8.4
- FEATURE access accounting in a file of each operation (including user, service/servicepath and action) [#350]
- FIX text/plain bodies are not forwarded (impacting on "PUT /v2/entities/E/attrs/A/value" operation for CB) [#345]
- FIX size of validation cache according with cacheTTLS.validation instead of cacheTTLS.users [#349]

1.2.0 (October 4th, 2016)

- Update Context Broker plugin with v2 operations (#325).
- Add an administrative operation to get the log level (#323).
- Add the 'comp' field to the PEP log (#328)
- Create a cache for Keypass requests (#324).

0.7.2 (December 17th, 2015)

- FIX Makes loading of xacml templates relative to source code (not working directory).
- FIX Race condition causes requests that will never be responsed (#269).
- FIX Nginx error when transfer-encoding: chunked is specified (#268).
- FIX Race condition causes "The token doesn't belong to the provided service" (#272).

0.7.1 (October 29th, 2015)

- Bugfix: init.d service script start PEP Proxy correctly (#236)
- Make the PEP Proxy die when an error is received in a request resend (#225)
- Added environment variable to customize component name (#240)
- Remove query parameters from the FRN generated by the REST plugin (#244)
- Init script fixed due to a COMPONENT_NAME was used in PEP proxy configuration (#246)
- Add Dockerfile for the PEP.
- PEP Crashes when unable to authenticate (#256)
- ADD First NGSIv2 operations to the convenience list (#259)
- Distinguish POST actions in NGSIv2 using query parameters (#262)

0.7.0 (May 21st, 2015)

- Add capacity to start several instances of PEP Proxy using init.d script (#211)
- Add log debug statements for role extraction
- Fix error obtaining subservice ID from its name (208).
- Add integration with Travis CI.

0.6.0 (April 13th, 2015)

- FIX Service not found for tokens coming from a trust.
- FIX XAuth Token not checked if validation is off (#197)
- FIX Wrong JSON payload generates wrong type of error (#194)
- ADD Tests for the IOTAgent plugin (using the generic REST plugin).
- ADD Remove slow operations in debug logs (#48).
- ADD Tracing debug mode (#64).
- ADD Rest component plugin to the executable and environment variables.

0.5.0 (February 27th, 2015)

- Added /v1/contextTypes to the URL Mappings of Orion.
- Fix right plugins directory in pepProxy binary.
- Fix accept content-type header with charset
- Fix proxy query params 
- Fix some urls are not recognized with query params (#148)
- Add "effective" flag to the request to Keystone (#147)
- Fix UpdateContext operations with query parameters are not recognized (#155)
- Remove specific setup for RPM installation in Context Broker uses (#159)
- Add administration port with Version resource (#164)
- Check all the mandatory headers before processing the request (#165) (#110)
- Group and redefine error codes.
- Add execution mode without Access Control authorization for the PEP Proxy (#173)
- Check the service and subservice headers for content (#176)
- Fix the Keystone user authentication error was raised as a connection one (#174)
- Fix type of error when authenticating PEP Proxy (#182)
- Fix some errors appear in the API documentation and don't ever occur (#180)
- Add a guard in the release script to abort if there are unstagged git changes (#181)

0.4.1 (January 16th, 2015)

- FIX XML requests wrongly forwarded as an empty JSON (#103).
- FIX Logs don't show Access Control response due to a wrong format placeholder (#105).

0.4.0 (December 18th, 2014)

- ADD: Environment variable to select the plugin to execute (#49).
- ADD: Process the "/" value for the fiware-servicepath header as a domain-scoped request instead of project scoped (#70).
- ADD: Cache for every call to Keystone (#46).
- FIX: Slash scaped in Access Control Templates (#73).
- FIX: Capture request forwarding errors (#82).
- FIX: Wrong roles attribute in cached value (#84).
- FIX: Missing "v1" prefix in some standard ops (#86).
- FIX: Make the retries on Keystone requests dependent on the error type (#78)
- FIX: Fixed subscribe action (it was 'suscribe') (#94)

0.3.0 (December 2nd, 2014)

- Add: Reuse the token instead of authenticating for each request (Issue #22).
- Add: Support for Keystone as the authentication mechanism.
- Add: Admin role bypass for privileged usage of the proxy.
- Add: Plugin to sucure Keypass PAP.
- Add: Plugin to secure Perseo CEP Rules API.
- Add: Change expected headers form UUIDs to Names (and resolve UUIDs against Keystone).