Releases: thalesdemo/safenet-auth-api
version 0.2.0
Release Notes for SafeNet RESTful Authentication Gateway Version 0.2.0
This release of SafeNet RESTful Authentication Gateway introduces updates to critical components and streamlines our feature set. We've upgraded underlying frameworks and SDKs to enhance performance and security, and removed redundant demo artifacts for a more production-ready environment. Additionally, this version fixes the authentication challenge response payload handling on both success and failure.
What's Changed
- Spring Boot Update: Upgraded to Spring Boot 3.3.1 for increased efficiency and stability.
- SafeNet Java SDK Update: Updated to the 2.0.0 GA version, now with native support for Push OTP. For challenge-response mode, we continue to use the custom API.
- Cryptographic Library Update: Upgraded bc-fips to the latest version for compliance with the most recent cryptographic standards.
- TokenValidator Libraries Update: Updated from 1.3.0 to 1.4.0 for commons-1.4.0.jar and token-validator-adapter-jar-with-dependencies-1.4.0.jar, used exclusively in the Push OTP (challenge-response) flow.
- Removal of Demo Artifacts: Eliminated demo artifacts used to generate fake grid challenges.
- Authentication Challenge Response Fix: Improved handling of payload and challenge data on authentication success and failure.
Enhancements and Security
- Framework Security: Spring Boot 3.3.1 brings improved security features and essential patches.
- SDK Advancements: SafeNet Java SDK 2.0.0 GA includes native Push OTP support, though challenge-response still relies on the custom API.
- TokenValidator Enhancements: The update to 1.4.0 enhances the stability and performance of token validation processes in the Push OTP (challenge-response) flow.
- Cryptographic Compliance: Latest bc-fips library update ensures adherence to federal information processing standards.
Breaking Changes
- Deprecation Notice: Demo artifacts for generating fake grid challenges are removed. Users relying on these for testing should adjust their workflows.
Configuration Update Required
No additional configuration changes are required with this update, but users should ensure all components are compatible with the new versions.
version 0.1.0
Release Notes for SafeNet RESTful Authentication Gateway Version 0.1.0
This release of SafeNet RESTful Authentication Gateway brings significant enhancements and a critical update to our configuration requirements. We've focused on security improvements, upgraded to Spring 3, and introduced new features for a streamlined authentication process.
What's Changed
- Spring 3 and Java 17 Upgrade: Now utilizing Spring 3.2.3 and requiring Java 17 (or above) to take advantage of the latest performance and security enhancements.
Enhancements and Security
- Improved web security configuration to align with Spring 3 standards.
- Conducted a comprehensive overhaul of code, including significant cleanup and optimizations.
- Refined pingConnection logic for improved remote server status evaluation.
- Handled decryption errors encountered during the loading of the token inventory at application startup, to account for key rotation scenarios.
- Introduced a new HTTP library (OkHttp) for faster response times and to correct the behavior with remote server cookies.
- New functionality to retrieve detailed token information, or a compact and more time-efficient response (default: false) for the endpoint /list-options.
- The default API contract for /list-options now includes token state, email_address, phone_number, push_capable, operating_system, last_auth_success, unlock_time, and failed_attempts, along with a special array item of "type": "options" that encompasses the compactResponse options list and valuable authentication metrics: remaining_attempts, num_total_failures, and max_attempt_policy.
New Features
- API Contract Redefinition: The /list-options API now includes comprehensive attributes for a more informative response, reducing the need for multiple remote calls.
Breaking Changes
- Configuration Update Required: To align with the latest security policies, a new configuration key has been introduced in application.yaml. Users must update their configuration to include this key:
safenet:
  user-lockout:
    max-failed-attempts: SET_TO_INTEGER_VALUE_PER_STA_SERVER_POLICY