There is a newer version of the record available.

Published August 23, 2022 | Version v0.5.0
Software Open

oidc-mytoken/server: mytoken-server 0.5.0

  • 1. @KIT-SCC
  • 2. @deepsourcelabs

Description

mytoken 0.5 Features

  • Trusted web applications can skip the consent screen
  • Reworked and improved major parts of the web interface:
    • Consent Screen:
      • By default, a more compact view is shown, where sections can be expanded if needed.
      • Displays the content of the application_name parameter if given.
      • Added possibility for clients to create a consent screen for mytoken-from-mytoken requests
    • Home Screen:
      • Replaced the tokeninfo pane with a new one
        • Removed tokeninfo about the session's mytoken
        • Added a tokeninfo pane to display tokeninfo for arbitrary mytokens (incl. introspection, history, subtokens)
        • Added possibility to create a transfer code
        • Moved the list of mytokens to a separate pane
        • Improved displaying the tree structure of mytokens
        • Reversed the token history order
      • Added "Exchange transfercode" pane, where a transfer code can be exchanged for a mytoken
      • Some parts can be used without being logged-in
    • Token Revocation:
      • Added possibility to revoke a mytoken in the tokeninfo pane
      • Added possibility to revoke listed tokens in the "My Mytokens" pane and in the "Tokeninfo - Subtokens" pane.
    • Capabilities:
      • Simplified the checking of capabilities
      • Read/Write capabilities are no longer split but can be toggled
    • Create Mytoken:
      • After creation, the mytoken is displayed in the tokeninfo pane, where it can be copied and information about the token is shown
    • Settings:
      • Grant Types:
        • Include pages of different grant types in this view.
        • Grant Types can be expanded (collapsed by default).
        • The link to the grant type page, which was not clear enough, is no longer needed.
API
  • Added application_name to mytoken requests.
  • Added token_type to token introspection response.
  • Added possibility to revoke tokens by revocation_id:
    • Added new revoke_any_token capability.
    • Added revocation_id parameter to responses that list tokens.
Enhancements
  • Admins can adapt the web interface, e.g. for a custom style
Bugfixes
  • Fixed a bug in the mytoken web interface where token introspection did not work on the settings page
  • Fixed a bug in the restrictions editor of the mytoken web interface, where audiences would always be set to zero when switching from the JSON editor to the GUI editor
  • Fixed a bug where non-expiring mytokens would be revoked when database cleanup was enabled.
  • Fixed a bug where the server could potentially crash
Dependencies
  • Bump github.com/valyala/fasthttp from 1.37.0 to 1.39.0
  • Bump github.com/gofiber/fiber/v2 from 2.34.0 to 2.35.0
  • Bump github.com/sirupsen/logrus from 1.8.1 to 1.9.0
  • Bump github.com/gofiber/template from 1.6.28 to 1.6.30
  • Bump github.com/gofiber/helmet/v2 from 2.2.13 to 2.2.15

Files

oidc-mytoken/server-v0.5.0.zip

Size: 2.1 MB
md5:f177903935491c822673b1d26abdd8fb