github ory/oathkeeper v0.39.0
on GitHub

latest releases: v0.40.7, v0.40.7-pre.0, v0.40.6...
2 years ago

This release ships several improvements to cache logic and request detection. Additionally, the bearer_token and cookie_session handlers pass only the needed header (Authorization, Cookie) to the check URL. To pass additional headers, use the forward_http_headers configuration key.

Breaking Changes

From now on, the bearer_token and cookie_session handlers pass only the needed header (Authorization, Cookie) to the check URL. To pass additional headers, use the forward_http_headers configuration key.

Closes #954
Closes ory/cloud#76

Co-authored-by: hackerman 3372410+aeneasr@users.noreply.github.com

Bug Fixes

  • Cache behavior with TTL (#968) (c4836f5):

    This test will fail since everytime Authenticate() succeeds the token
    is cached, even if it was already cached. This behavior makes it
    possible to keep a token in cache if it is authenticated in a period
    less than the TTL.

  • Less flaky rule tests (#973) (6ee6a73):

    Instead of (flaky) fixed sleeps, we now use assert.Eventually
    to wait until the rule changes were propagated.

  • Update format (#970) (17c4214)

Code Generation

  • Pin v0.39.0 release commit (f96f2be)

Features

  • JWT should only respect JWT-formats (#958) (6959524)
  • Pass only essential and configured headers to authenticator (#952) (e5e4de4)

Changelog

  • 84a0fe0 autogen(docs): generate and bump docs
  • 353635e autogen(docs): regenerate and update changelog
  • 83097aa autogen(docs): regenerate and update changelog
  • 1d5b187 autogen(docs): regenerate and update changelog
  • 6243059 autogen(docs): regenerate and update changelog
  • 022f7c5 autogen(openapi): regenerate swagger spec and internal client
  • 59b0d9b autogen(openapi): regenerate swagger spec and internal client
  • 5fa3cbc autogen(openapi): regenerate swagger spec and internal client
  • 93cbdd6 autogen(openapi): regenerate swagger spec and internal client
  • 7f370a1 autogen(openapi): regenerate swagger spec and internal client
  • f714cd3 autogen(openapi): regenerate swagger spec and internal client
  • fb938d4 autogen(openapi): regenerate swagger spec and internal client
  • 9731100 autogen(openapi): regenerate swagger spec and internal client
  • f96f2be autogen: pin v0.39.0 release commit
  • 8908ddb chore: apply prettier formatting (#972)
  • 988c3b7 chore: format (#971)
  • e49c0c5 chore: update repository templates
  • a06464b chore: update repository templates
  • 58c7fdf chore: update repository templates
  • 7618fec chore: update repository templates
  • cc5ac32 chore: update repository templates
  • ddf20ea chore: update repository templates
  • 6721bed chore: update to ory-prettier-styles 1.3.0 (#975)
  • 6959524 feat: JWT should only respect JWT-formats (#958)
  • e5e4de4 feat: pass only essential and configured headers to authenticator (#952)
  • c4836f5 fix: cache behavior with TTL (#968)
  • 6ee6a73 fix: less flaky rule tests (#973)
  • 17c4214 fix: update format (#970)

Artifacts can be verified with cosign using this public key.

Check out latest releases or
releases around ory/oathkeeper v0.39.0

Don't miss a new oathkeeper release

NewReleases is sending notifications on new releases.

Get notifications