lib/fixtures: v0.2.1

0.2.1 (2024-05-07)

Features

• ers: Create entity resolution service, replace idp plugin (#660) (ff44112)
• sdk: Adds TLS Certificate Exchange Flow (#667) (0e59213)

service: v0.4.0

0.4.0 (2024-04-30)

Features

• chore: move db to pkg so types are exported (#707) (94d3d9d), closes #706

service: v0.3.0

0.3.0 (2024-04-29)

Features

• core: add service scoped database clients (#647) (019a3bf)

Bug Fixes

• config: update docs for enforce dpop config and clean up markdown tables (#697) (983ce71)
• policy: normalize FQN lookup to lower case (#668) (cd8a875), closes #669

service: v0.2.0

0.2.0 (2024-04-26)

Features

• policy: move key access server registry under policy (#655) (7b63394)
• provisioning: Keycloak provisioning from custom config (#573) (f9e9d72)
• sdk: make enforcement of DPoP optional (#617) (028064c)

Bug Fixes

• core: remove unused db argument (#653) (cfbd168)
• db: invalid uuid error message (#633) (c8f61aa)
• sdk: this (enforceDPoP) flag needs to be flipped (#649) (dd65db1)

sdk: v0.2.0

0.2.0 (2024-04-26)

Features

• policy: move key access server registry under policy (#655) (7b63394)

protocol/go: v0.2.0

0.2.0 (2024-04-25)

Features

• policy: move key access server registry under policy (#655) (7b63394)

lib/fixtures: v0.2.0

0.2.0 (2024-04-26)

Features

• allow --insecure in provision keycloak cmd (#629) (a672325)
• provisioning: Keycloak provisioning from custom config (#573) (f9e9d72)

service: v0.1.0

0.1.0 (2024-04-22)

⚠ BREAKING CHANGES

• Singular platform/service (#511)

Features

• ability to add public routes that bypass authn middleware (#601) (7c65308)
• ability to set config key or config file from root cmd (#502) (56a0131)
• allow --insecure in provision keycloak cmd (#629) (a672325)
• kas: support HSM and standard crypto (#497) (f0cbe03)
• opa: Adding jq OPA builtin for selection (#527) (d4ab17a)
• policy: add created_at and updated_at timestamps to metadata (#538) (e812563)
• policy: update fixtures, proto comments, and proto field names to reflect use of jq selector syntax within Conditions of Subject Sets (#523) (16f40f7)
• sdk: don't require client_id in the auth token (#544) (a1e70f9)
• sdk: normalize token exchange (#546) (9059dff)

Bug Fixes

• authorization: Hierarchy working in GetDecisions (#519) (2856485)
• core: allow org-admin casbin role to call KAS rewrap endpoint (#579) (a64c62a)
• core: fix panic on nil pointer dereference by passing KAS the SDK instance on registration (#574) (327bfca)
• core: fixes fixtures provisioning after filepath change with repo restructuring (#521) (f128e9f)
• load extraprops for a service config with remainder values (#524) (d3d72dc)
• PLAT-3069: opentdf/platform, gRPC: Namespace with existed attribute(s) can be deactivated w/o any prompts (#489) (e5a3324)
• policy: remove hardcoded schema in goose migration 20240405000000 (#596) (36c3b16)
• policy: return created_at and updated_at timestamps in CREATE metadata (#557) (fcaaeea)
• resolves issues auth policy configuration (#498) (08e67cf)
• service: go.mod version fix sync (#604) (6323efd)
• url encode db password field to handle special characters (#624) (5069f9d)

Code Refactoring

• Singular platform/service (#511) (40c8b97)

sdk: v0.1.0

0.1.0 (2024-04-22)

Features

• add structured schema policy config (#51) (8a6b876)
• auth: add authorization via casbin (#417) (292f2bd)
• in-process service to service communication (#311) (ec5eb76)
• kas: support HSM and standard crypto (#497) (f0cbe03)
• key access server assignments (#111) (a48d686), closes #117
• key access server registry impl (#66) (cf6b3c6)
• namespaces CRUD: protos, generated SDK, db interactivity for namespaces table (#54) (b3f32b1)
• PLAT-3112: Initial consumption of ec_key_pair functions by nanotdf (#586) (5e2cba0)
• policy: add FQN pivot table (#208) (abb734c)
• policy: add soft-delete/deactivation to namespaces, attribute definitions, attribute values #96 #108 (#191) (02e92a6)
• resourcemapping: resource mapping implementation (#83) (c144db1)
• sdk: BACK-1966 get auth wired up to SDK using Options (#271) (f1bacab)
• sdk: BACK-1966 implement fetching a DPoP token (#45) (dbd3cf9)
• sdk: BACK-1966 make the unwrapper retrieve public keys as well (#260) (7d051a1)
• sdk: BACK-1966 pull rewrap into auth config (#252) (84017aa)
• sdk: Include auth token in grpc (#367) (75cb5cd)
• sdk: normalize token exchange (#546) (9059dff)
• sdk: Pass dpop key through to rewrap (#435) (2d283de)
• sdk: read expires_in from token response and use it to refresh access tokens (#445) (8ecbe79)
• sdk: sdk stub (#10) (8dfca6a)
• sdk: take a function so that callers can use this the way that they want (#340) (72059cb)
• subject-mappings: refactor to meet db schema (#59) (59a073b)
• tdf: implement tdf3 encrypt and decrypt (#73) (9d0e0a0)
• tdf: sdk interface changes (#123) (2aa2422)
• tdf: sdk interface cleanup (#201) (6f7d815)
• tdf: TDFOption varargs interface (#235) (b3fb720)

Bug Fixes

• archive: remove 10gb zip file test (#373) (6548f55)
• attribute missing rpc method for listing attribute values (#69) (1b3a831)
• attribute value: fixes attribute value crud (#86) (568df9c)
• issue 90: remove duplicate attribute_id from attribute value create/update, and consumes schema setup changes in namespaces that were introduced for integration testing (#100) (e0f6d07)
• issue-124: SDK kas registry import name mismatch (#125) (112638b), closes #124
• proto/acre: fix resource encoding service typo (#30) (fe709d2)
• remove padding when b64 encoding (#437) (d40e94a)
• SDK Quickstart (#628) (f27ab98)
• sdk: change unwrapper creation (#346) (9206435)
• sdk: double bearer token in auth config (#350) (1bf4699)
• sdk: fixes Manifests JSONs with OIDC (#140) (a4b6937)
• sdk: handle err (#548) (ebabb6c)
• sdk: make KasInfo fields public (#320) (9a70498)
• sdk: shutdown conn (#352) (3def038)
• sdk: temporarily move unwrapper creation into options func. (#309) (b34c2fe)
• sdk: use the dialoptions even with no client credentials (#400) (a7f1908)
• security: add a new encryption keypair different from dpop keypair (#461) (7deb51e)

protocol/go: v0.1.0

0.1.0 (2024-04-22)

Features

• attr value lookup by fqn: adds GetAttributesByFqns rpc in attributes service #243 (#250) (b810d33)
• auth: add authorization via casbin (#417) (292f2bd)
• authorization service: Gets the attributes from the in-memory service connection inside the GetDecisions request (#273) (ce57117)
• authorization: entitlements (#247) (42c4f27)
• core: exposes new well-known configuration endpoint (#299) (d52cd21)
• idp-add-on: PLAT-3005 Add keycloak idp add on and idp add on protos (#233) (2365e61)
• kas: authorization decisions (#431) (82e8895)
• PLAT-2950: Update buf generated interface code for java (#240) (d7e2642)
• policy object selectors: adds initial selector protos, moves policy object type messages to top-level to avoid circular imports, and provides subject mappings in response to GetAttributeValuesByFqns (#372) (e9d9241)
• policy subject mappings condition sets / migrations: adds DB schema, fixes migrate down command, adds migrate up command, bumps goose (#286) (4d7a032)
• policy: adds support for match subject request to get entitlements without FQN scopes (#347) (63c34a5)
• policy: enhance and expand metadata and normalize API (#314) (9389f3b)
• policy: enhance subject mappings with subject condition sets (#321) (df692eb)
• policy: list attrs by namespace (#479) (92d8f8c)
• policy: list attrs by namespace name (#487) (04e723f)
• policy: rework attribute value members (#398) (1cb7d0c)
• policy: support attribute value creation (#454) (432ee6b)
• policy: update fixtures, proto comments, and proto field names to reflect use of jq selector syntax within Conditions of Subject Sets (#523) (16f40f7)

Bug Fixes

• authorization: remove access pdp internal AttributeInstance type and use policy proto generated struct types instead (#485) (8435f59)
• policy: Adds policy package infix (#280) (57e8ef9)
• protos: authorization service's ResourceAttribute message should map to updated platform policy schema (#238) (bf381dc)