- Extra JWT metrics for token validation success and error
- Fixed a bug for the
oauth serverswhen rows were empty it was returnignullon the json reponse.
- Check GitHub permissions. Sets
is_admininto the jwt token when the chosen provider is Github - Jaeger support as distributed tracing backend
- Added Proxy Listen Path validation to prevent
chifrom panicking in case of invalid listen path - Added load balancing for upstream targets. Now you can add multiple upstream targets and Janus will balance the requests.
- Added support for url parameters both in listen path and upstreams.
- Monitor health check endpoints only of active proxies. Reported on #203
- Fix hot reload was not working when using in memory storage implementation
- Fix oauth servers post endpoint incorrect behaviour. Reported on #234
- Add constant time compare to basic auth password. Reported on #194
- Appdash support
- THe docker image does not depend on a github release anymore
upstream_urlis now deprecated in favor of using theupstreamsobject. This will allow Janus to balance requests if you have more than one upstream target.
- Added response transformer plugin
- Added basic auth plugin
- Added github login for the Admin API
- Changed our dependency management tool from glide to Dep
- Fixed problems when using -c flag to specify a configuration file
- Fixed oAuth2 introspection token strategy when configuring an oauth server
- Added request body limit plugin
- Track application start/restart with stats metrics
<prefix>.app.init.<host>.<app-file>
- Concurrent map writes in stats-go
- Non sampled spans recording in gcloud-opentracing
- Added support for JWT signature validation chain for
jwttoken strategy - Added support for OAuth2
introspectiontoken strategy - Added rate limit configurations for all endpoints of an OAuth2 server
- Dropped support for
storagetoken strategy
- Moved Concourse CI scripts to another repo
- Changed health check JSON output to be in alignment with health-go
- Logging configuring is now handled by logging-go, so more logging options now
- Bumped Chi router to 3.0, see changelog if you're using parametrised urls
- Added plugin to transform a request to an upstream. You can now modify headers and query string before the request is sent
- Added godog for behaviour tests
- Allow insecure upstream SSL certificate
- Added health-check statement on the Dockerfile. This will allow you to deploy the container to swarm/kubernetes/ecs and have it checked the
/statusendpoint.
- Using viper to load the API definitions when using file based configurations. This allows you to configure your API definitions in YAML, JSON and TOML.
- The underling router was changed from httptreemux to Chi.
- Proper Mux reload when an API or OAuth server is changed
- Adds the ability to hot reload proxy definitions. To enable this feature you MUST use Redis as your datastore. If you use
in memorystorage this feature will not be enabled. - Added the ability to enable or disable plugins per API definitions. This will bring us a lot of flexibility in developing new plugins and hooking them up. This feature is a BC and we should upgrade the major version because of that.
- Added health checks to any API definition
- Rate limit bug that was around for quite a while.
- Problems when creating a new API definition
- Now the docker image is super tiny, less then 14mb when decompressed.
- Using commands to start Janus. This way we can improve the organization on how we want the binary to work. Also, this will allow us to probably move towards an ideal solution for hot reload of configs.
- Added coveralls as our coverage tool.
- Added plugins specifically for the round tripper. This allows us to decouple the token logic from the tripper.
- The CI pipeline now bumps the patch version automatically.
- Updated docker compose to use the TOML config file
- Replaced the statsd implementation for our stats-go package
- Added Open Tracing support. Available tracers are Google Cloud Platform and Jaeger.
- Split the application in two different ports, an administrative port (defaults to
8081) and proxies port (defaults to8080). This way we avoid route collision with the admin routes and also we don't need to load tons of middlewares for the admin routes that are not necessary. - Now the docker image is super tiny, less then 14mb when decompressed.
- API Definition and OAuth Server Definition don't depend on an ID anymore, now the name becomes the unique identifier. This works both in MongoDB and file based configurations.
- Handled 404 in a more elegant way
- Added possibility to create configurations using YAML, JSON, TOML or environemnt variables.
- Added a host matcher middleware.