v3.1.0 - Return key ID from CreateKey request, authenticate /api-key endpoints

Added

• Return key ID (and metadata) from the CreateKey request.

Fixed

• Fixed the build workflow to push images on git tags.

Changed

• Require authentication by x-mfa-apikey and x-mfa-apisecret for both /api-key endpoints. This may be a breaking change if these endpoints are in an automated workflow. Since these are generally not used for production and are rarely-used endpoints, no major version bump is necessary.

What's Changed

• sil-org rename by @jason-jackson in #151
• Rename silinternational to sil-org by @briskt in #152
• simplify by removing unnecessary use of the compact function by @briskt in #153
• rename silinternational to sil-org by @briskt in #154
• Push an image for tags by @briskt in #155
• Release 3.1.0 - Return key ID from CreateKey request by @briskt in #156

Full Changelog: v3.0.3...v3.1.0

v3.0.3

What's Changed

• Release 3.0.3 -- fix Sentry reporting by @briskt in #150

Full Changelog: v3.0.2...v3.0.3

v3.0.2

What's Changed

• set up Sentry logger to report all 500 errors by @briskt in #146
• Release 3.0.2 -- Remove credentialId output by @briskt in #145

Full Changelog: v3.0.1...v3.0.2

v3.0.1 -- fix IAM naming conflict

What's Changed

• Release 3.0.1 -- name cdk user to include app_env to avoid conflict by @briskt in #144

Full Changelog: v3.0.0...v3.0.1

v3.0.0 -- unconditionally define the DynamoDB tables

What's Changed

• Update README to reference compose.yaml instead of docker-compose.yml by @briskt in #141
• define the DynamoDB tables unconditionally by @briskt in #143
• Release 3.0.0 -- Import DynamoDB tables by @briskt in #142

Full Changelog: v2.6.0...v3.0.0

v2.6.0 -- add TOTP capabilities

Added

• Added new endpoints to support TOTP and allow the decommissioning of the serverless-mfa-api services.
  • POST /totp
  • POST /totp/{id}/validate
  • DELETE /totp/{id}

Changed

• Various refactorings and development improvements.

What's Changed

• IDP-1511: Upgrade to go 1.24 and upgrade dependencies by @jason-jackson in #126
• merge back to develop by @briskt in #127
• Update CODEOWNERS by @ethancanne in #128
• add the POST /totp endpoint which creates a new TOTP by @briskt in #129
• refactor router to reduce duplication and remove an external dependency by @briskt in #130
• Misc cleanup by @briskt in #131
• use CDK and SAM to serve the Lambda locally by @briskt in #132
• implement DELETE /totp/{uuid} endpoint by @briskt in #133
• remove satori/go-uuid by @briskt in #134
• implement POST /totp/{uuid}/validate endpoint by @briskt in #135
• simplify route table by @briskt in #136
• fix TOTP Validate - decrypt and use the actual secret by @briskt in #137
• log errors but don't send the details to the client by @briskt in #138
• remove unused code by @briskt in #139
• Release 2.6.0 -- add TOTP endpoints by @briskt in #140

New Contributors

• @ethancanne made their first contribution in #128

Full Changelog: v2.5.0...v2.6.0

v2.5.0 -- API endpoint to rotate API key

What's Changed

• Move U2F decryption into Load by @briskt in #116
• move the storage client out of the Context by @briskt in #117
• use string argument and return value by @briskt in #118
• Release -- refactoring for easier maintenance by @briskt in #119
• add functions to re-encrypt using a new key to prepare for key rotation by @briskt in #120
• re-encrypt WebAuthn records by @briskt in #121
• Merge main back to develop by @briskt in #122
• use AWS CDK for deployment by @briskt in #123
• Finish conversion from Serverless Framework to AWS CDK by @briskt in #124
• Release 2.5.0 -- rotate an API key by @briskt in #125

Full Changelog: v2.4.1...v2.5.0

v2.4.1 -- internal refactoring and preparatory work

What's Changed

• add the ability to scan the WebAuthn table by apiKey by @briskt in #106
• remove redundant bool return value from IsCorrect by @briskt in #107
• extract function newCipherBlock by @briskt in #109
• add new function EncryptLegacy to prepare for credential rotation by @briskt in #110
• include check for key activation in IsCorrect by @briskt in #111
• use GitHub Actions environments by @briskt in #113
• add configuration for TOTP table by @briskt in #114
• remove pkg/errors by @briskt in #115
• Release -- more groundwork for credential rotation by @briskt in #112

Full Changelog: v2.4.0...v2.4.1

v2.4.0 -- add api-key endpoints and a small bugfix

What's Changed

• fix bug in DecryptData function and remove workarounds by @briskt in #105
• add endpoints to create and activate API keys by @briskt in #103
• Release - key management API by @briskt in #108

Full Changelog: v2.3.8...v2.3.9

v2.3.8 -- bugfix

Changed

• Internal refactoring to prepare for additional features for API Key management

Fixed

• Added a missing return in BeginRegistration

What's Changed

• Create an OpenAPI spec by @briskt in #91
• add code docs for functions in webauthn.go and user.go by @briskt in #93
• add code docs for functions in apikey.go and rename a couple functions by @briskt in #94
• minor fixes by @briskt in #95
• remove workaround for bug in webauthn library, now fixed by @briskt in #98
• rename DynamoUser to WebauthnUser by @briskt in #99
• Release 2.3.8 -- cleanup and docs by @briskt in #97
• move webauthn functions into separate files by @briskt in #102
• Release 2.3.8 -- refactoring to prepare for api-key features by @briskt in #104

Full Changelog: v2.3.7...v2.3.8