3.1.0-20200122150853Z-5adb0c2a7a9797ef269399b3b58873d841c5d53e

Merge pull request #291 from OpenConext/bugfix/institution-mixed-casing

Fix sho mixed casing once and for all

3.0.2

Bugfix
The composer lockfile was not in sync with the changes in composer.json.

3.0.2-20191107152854Z-b754930f35b65ec1fa211ff51ce7cd3be69f970a

Merge remote-tracking branch 'origin/develop' into release/3.0

3.0.1

This is a security release that will harden the application against CVE 2019-346

• Upgrade Stepup-saml-bundle to version 4.1.8 #286

2.9.4

This is a security release that will harden the application against CVE 2019-346

• Upgrade xmlseclibs to version 3.0.4 #287

2.9.4-20191107143229Z-f2a26de02fb182d96a3f9dc8c7a3c319ced5413d

Merge pull request #287 from OpenConext/feature/cve-2019-3465-r16

Upgrade xmlseclibs to version 3.0.4

3.0.0 Fine grained authaorization (FGA)

The new fine grained authorization logic will allow Ra's from other institutions to accredidate RA's on behalf of another organisation.
This is determined based on the institution configuration.
https://github.com/OpenConext/Stepup-Deploy/wiki/rfc-fine-grained-authorization/b6852587baee698cccae7ebc922f29552420a296

New features

• New institution configuration options can be configured (useRa, useRaa and selectRaa) #232 #233
• Update the institution configuration projections with the new FGA settings #235 #236
• Update middleware to work with the new Fine Grained AuthorizationContext #239 #240 #241 #242 #243 #244 #245 #248 #249 #250 #280 #281 #279 #278 #274 #272 #270 #271 #269 #268 #267 #266 #265 #264 #263 #260 #259 #257 #255
• Update identity aggregate root to enhance the bounded context with RA info for multiple institutions #246 #247 #251 #254
• Update auditlog to enhance the logs with additional ra institution data #252 #253
• The previously hardcoded "server_version" config option (Doctrine DBAL) is now configurable

Improvements

• Install security upgrades

Backwards compatibility breaking changes
The introduction of the FGA changes resulted in new versions of serveral events. This complicates reverting to an onlder version of Stepup-Middleware after applying one of these new events. Also, existing projections have been updated (ra_listing and ra_candidates) introducing further complications when rolling back to a previous version.

See individual stories and commits for more details.

** Bugfix**

• Fix RA removal when token gets removed #284
• Whitelist missing toString methods #282

3.0.0-20190731084752Z-181f4bdb597a16c0457c6be87a3fcdd84af1857d

Update changelog.md

2.9.3-20190115135113Z-31edf17a2d3dcf7f5df54f385926fcb5833c76c1

Release-16

2.9.3

Bugfix

• Be less specific in which validator is used in InstitutionConfigurationController, this is correctly configured in the
  application configuration. This to prevent cache warming issues in production.