
Releases: Regional-Australia-Bank/ADR-Gateway

Merge changes from myCDRdata feature branch

15 Oct 04:36

Functional improvements

  • Authentication with the register is now done by the software product instead of the brand.
  • One MTLS certificate per software product can be configured
  • redirectUrl can be provided as a parameter for consent requests
  • A configuration option to allow errors from ecosystem interactions to be returned in ADR Backend responses, while redacting sensitive material.

Full Changelog: v1.3.1...v1.4.0

November Obligation Improvements

27 Oct 23:25

Release notes 1.3.1

  • Fixed PUT Client Registration calling wrong URL

Release notes 1.3.0

  • New configuration ADR_GETSSA_XV allows specifying which x-v to send to the Register, or none. It can be set to a positive integer or false.

Release notes 1.2.8

  • Cleanup handling of claims from various sources (id_tokens and userinfo endpoint)

Release notes 1.2.7

Release notes 1.2.6

  • Fixed #11
  • Packer, Ansible, Vagrant example
  • CTS testing fixes

Consumer Data Standards November 2020 obligations

17 Sep 23:25

Release notes

This release is the culmination of a number of major changes since 1.0, both in the Security Profile of the Consumer Data Standards and in the engine which implements this in Dr. G. While there was the intention of publishing a release for 1.1 and 1.2.0, the confluence of changes resulted in an unstable state in master.

It looks like things have settled down, such that we should now have a stable state with this release. We invite the participation of the community - in testing, contributing pull requests, and defining the roadmap for this product.

Release notes 1.2.5

  • Fixed issue where expired and cached SSA could not be re-evaluated
  • Introduced new test case to fix the above
  • Obfuscate Password and Jwks from log files

Release notes 1.2.4

Added configuration variable ADR_CHECK_DH_IS_UP. Setting it to false skips DH status checking. This is useful in environments where the Data Holder does not have a status endpoint.

Release notes 1.2.3

Fixed #10

Release notes 1.2.2

Updates to support CDS 1.5.0:

  • Client Authentication at PAR endpoint
  • OIDC property changed from cdr_arrangement_endpoint to cdr_arrangement_revocation_endpoint
  • Arrangement endpoint changes: cdr_arrangement_id is a form parameter and not a URL path parameter; DELETE /arrangements/:cdr_arrangement_id becomes POST /arrangements/revoke
  • Dependency graph changed so as not to require access token for arrangement revocation

Release notes 1.2.1

  • Security patches for lodash and node-forge (node-forge is a development dependency only).
  • Updated sandbox redirect URI content to be human-readable.

Release notes 1.2

** MIGRATION NEEDED **

Please run node Common/Entities/Migrations/Migrate.js after upgrading to this version.
Migrations have not been extensively tested. Please apply caution and ensure that the database is backed up before executing.

Summary of changes:

  • A database migration script has been implemented, in this instance to facilitate adding cdr_arrangement_id. Similar migrations in the future should be relatively painless. For the moment we have opted to use the TypeORM migration API instead of the generated SQL scripts.
  • x new test cases to cover previously uncovered and new E2E revocation scenarios, as well as PAR functionality.
  • New arrangement management endpoint
  • Update DCR registration checks to include cdr_arrangement_management_endpoint

Configuration:

  • DISABLE_CACHE environment option is no longer supported. Since this was a kind of hotfix and introduced more problems than it solved, removing it is not considered a breaking change.
  • ADR_USE_DH_ARRANGEMENT_REVOKE: This controls whether ADR Gateway will honour the post-November expectation that Data Recipients use the Data Holder Arrangement Management endpoint (as discovered at the well-known endpoint) to revoke consents. This defaults to "true". Setting this to false will result in the legacy revoke endpoint being used. Since arrangement endpoints have not been extensively tested in the ecosystem, it is suggested to set ADR_USE_DH_ARRANGEMENT_REVOKE=false in production until such time that the requirement is binding.
  • ADR_USE_PAR: This controls whether ADR Gateway will attempt to use the Pushed Authorization Request endpoint when published by a Data Holder. This is mandatory when supplying cdr_arrangement_id, and has some benefit in allowing detection of connectivity issues before redirecting the user to the authorize endpoint.

Release notes 1.1

  • New connectivity framework. Highlights:
    • Ability to set minAge for cache to reduce burden on upstream dependencies (i.e. the CDR Register) caused by downstream issues
    • Ability to set max retries (defaults to 3), such that dependency healing attempts are distributed over 3 retries.
    • No more Passthru neurons.
  • Improved and safer logging:
    • No more logging of MTLS keys.
    • Cleaned up logging of HTTP errors

v1.0.9

15 Jul 06:01

Fixes for build and test

v1.0.4

17 Jun 04:22
88831ee
Pre-release

Incorporates changes from #1