All notable changes to this project will be documented in this file.
- Upgrade to JAVA 21
- Add prompt=consent when requesting offline_access
- Allow using without eduID
- Add GET /assiciations/{personID}
- BREAKING: When using the default file-base database, this update will require the removal of the H2 database as the new version is incompatible with the old data format.
- Feature toggle not to requre an eduID,
require_eduid
- Added support for EC JWT signing
- extra logging for access tokens
- Do not save associationID if enrollment is denied
- Configuration for JWK set timeout and max size
- Configure connection pool settings for long waits
- Improve handling database connections under load
Extra config in application.yml for JWK set JWK set retrieval
jwk:
# The HTTP connect timeout for JWK set retrieval, in millisecond
connect-timeout: 1500
# The HTTP read timeout for JWK set retrieval, in milliseconds
read-timeout: 1500
# The HTTP entity size limit for JWK set retrieval, in bytes
size-limit: 153_600Extra config in application.yml for connections to backend
config:
connection_timeout_millis: 20_000
connection_pool_keep_alive_duration_millis: 300_000
# Set to 0 to disable connection-pooling. If responses are slow, connection-pooling does not matter anyway
connection_pool_max_idle_connections: 256- Return error messages to broker (instead of whitelabel error pages)
- Do not store the resultsendpoint, but save the homeinstitution and get the resultendpoint from service-registry when sending the sesult.
- Store the access- and refreshtoken when refreshed
- Return errors from remote results-endpoint to SIS
Use broker.service_registry_base_url instead of
broker.validation_service_registry_endpoint. This should point to the base
url of the broker
First release