Changes
Documentation Updates
Updated sections in the documentation for:
- Choose database in Getting Started
- Started a new page for production setup
- Info on Android passkey status
- Encryption section
- Getting Started with Kubernetes
More strict origin checking
More strict checking and validation for allowed_origins has been implemented, when you configure clients. Before,
the regex only checked for the input to be a valid URI, which is not strict enough for validation an origin.
This should improve the UX and prevents hard to debug bugs, when someone enters an invalid origin.
At the same time, a better visual separation has been added to the Origins / URI section in the UI when configuring
clients.
Small performance optimizations
Small improvements have been made in a lot of places, which resulted in less memory allocations.
9144f2a
POST /authorize simplification
The logic on POST /authorize has been simplified internally. The code grew to an over-complicated state with new
features coming in all the time until a point where it was hard to follow. This has been simplified.
This makes the software better maintainable in the future.
af0db9d
Bugfix
- add all
/fed_cm/routes as exceptions to the new CSRF protection middleware
360ce46 - upstream auth provider templates could get stuck in the UI when switching between them
d2b928a - when a problem with an upstream provider occurs on
/callback, you will now see the detailed error in the UI
8041c95
Images
Postgres
ghcr.io/sebadob/rauthy:0.23.3
SQLite
ghcr.io/sebadob/rauthy:0.23.3-lite