Skip to content

Releases: kaancfidan/bouncer

Go 1.18 upgrade

28 Aug 18:09
@kaancfidan kaancfidan
v1.0.0
dd386ee
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Go 1.18 upgrade Latest
Latest

This release includes Go and dependency upgrades.

The upgrade to the underlying JWX library also includes security patches.

Breaking changes

  • BOUNCER_SIGNING_METHOD (-m) environment variable renamed to BOUNCER_SIGNING_ALG (-a) which has more granular control.
Assets 2
Loading

Modernization release

03 Jun 09:08
@kaancfidan kaancfidan
v0.1.0
7d48bf1
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Modernization release
  • Backing JWT library switched to lestrrat-go/jwx.
  • Upgraded to Go 1.16.
  • Elliptic curve signing method parameter renamed from EC to ECDSA.
  • ignoreNotBefore and ignoreExpiration settings removed. These claims are now always validated if they are included in the token.
Assets 2
Loading

Route matching bugs fixed

25 Mar 09:46
@kaancfidan kaancfidan
v0.0.2
49b1042
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Route matching bugs fixed

This version fixes route matching problems arising in scenarios where original request paths are received in request headers and original URI includes query parameters.

Assets 2
Loading

Original request headers

11 Jun 23:40
@kaancfidan kaancfidan
v0.0.1
0c9d6bc
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
Original request headers Pre-release
Pre-release

This release is intended to fix the auth server use-case with nginx.

Assets 2
Loading

First release

31 May 23:09
@kaancfidan kaancfidan
v0.0.0
f70104b
Compare
Choose a tag to compare
First release Pre-release
Pre-release
  • Static signing key configuration w/ HMAC, RSA and EC support
  • Single valid issuer and audience configuration
  • Token expiration, "not before" and "issued at" checks with clock skew tolerance
  • Authorization policy config with YAML
  • Reverse proxy mode without TLS termination
Assets 2
Loading