Rev |
Age |
Author |
Path |
Log message |
Diff |
1308 |
2023-06-18 23:44:45 |
daniel-marschall |
/trunk/ |
|
|
1307 |
2023-06-18 22:51:36 |
daniel-marschall |
/trunk/ |
|
|
1306 |
2023-06-18 20:01:33 |
daniel-marschall |
/trunk/ |
Code improvements in re JWT |
|
1305 |
2023-06-18 16:17:39 |
daniel-marschall |
/trunk/ |
Simplified web browser login: Regular "PHP Session login" was removed and replaced by JWT cookie login (previously known as "remember me").
If you had previously disabled JWT_ALLOW_LOGIN_USER or JWT_ALLOW_LOGIN_ADMIN, please enable them again.
JWT tokens now contain registered claims (OIDs). |
|
1303 |
2023-06-13 01:59:05 |
daniel-marschall |
/trunk/ |
|
|
1301 |
2023-06-01 00:04:36 |
daniel-marschall |
/trunk/ |
Simplified OIDplusAuthContentStore* classes |
|
1300 |
2023-05-30 01:04:00 |
daniel-marschall |
/trunk/ |
|
|
1298 |
2023-05-30 00:06:43 |
daniel-marschall |
/trunk/ |
Security Feature: JWT token can now be invalidated by changing the Server Secret (in the base configuration). The update invalidates all JWT once. You need to log-in again. |
|
1283 |
2023-05-18 21:50:11 |
daniel-marschall |
/trunk/ |
makeAuthKey and validateAuthKey can now be used to make temporary keys with limited lifetime.
makeAuthKey and makeSecret now accept array inputs |
|
1282 |
2023-05-18 00:23:38 |
daniel-marschall |
/trunk/ |
Plugins can no longer access the SERVER_SECRET base configuration settings through OIDplusBaseConfig. Instead, makeAuthKey and makeSecret must be used. The bundled plugins are already updated. |
|
1281 |
2023-05-17 21:44:02 |
daniel-marschall |
/trunk/ |
JWT Tokens IAT time is checked against the future |
|
1277 |
2023-05-15 13:45:50 |
daniel-marschall |
/trunk/ |
|
|
1265 |
2023-05-13 01:26:05 |
daniel-marschall |
/trunk/ |
NEW FEATURE: REST API (Framework Beta Stage; endpoints are not implemented yet) |
|
1130 |
2023-03-26 00:38:14 |
daniel-marschall |
/trunk/ |
Another large bunch of type-safety changes |
|
1116 |
2023-03-23 23:09:25 |
daniel-marschall |
/trunk/ |
BIG CHANGE: All methods have received a PHPdoc comment and a lot of parameter and return types have been added (as far as PHP 7.0 allows)
!!! PLEASE NOTE THAT THE NEW VERSION OF OIDPLUS IS NOT COMPATIBLE WITH OLD THIRD PARTY PLUGINS (EXCEPT THE ONES THAT ARE BUNDLED WITH OIDPLUS)
!!! IF YOU HAVE THIRD PARTY PLUGINS INSTALLED (OR WRITTEN YOURSELF), THEN YOU *WILL* RECEIVE ERROR MESSAGES AFTER THE UPDATE
!!! AND NEED TO CHANGE THE METHOD SIGNATURES IN THESE PLUGINS TO MAKE THEM WORK AGAIN. (We can help you with this task if you need help!)
Please note that due to the amount of changes, there could have been a few bugs introduced; please send all bug reports via GitHub or email
and if you have the possibility, it is recommended to test the version of a test system before applying the update on a productive system.
Thank you very much! |
|
1086 |
2023-02-26 01:12:29 |
daniel-marschall |
/trunk/ |
Avoid calling *.class.php files directly to avoid PHP errors (Github Issue #4) |
|
1050 |
2022-12-21 01:13:04 |
daniel-marschall |
/trunk/ |
Huge change in internal code structure!
All OIDplus classes are now in the class namespace "ViaThinkSoft\OIDplus".
!!! WARNING:
!!! All plugins MUST put their classes in a namespace and the constant "INSIDE_OIDPLUS" must not be used anymore.
!!! If you have a third-party plugin installed which is NOT bundled with OIDplus, you MUST update it.
!!! Recommendation: Remove the plugin first, then update OIDplus, then ask the author to change the plugin.
!!! If you have not installed any third-party plugins, then it is safe to update now. |
|
830 |
2022-04-10 23:35:04 |
daniel-marschall |
/trunk/ |
- Security improvement: The private key stored in the database configuration table in the database is now encrypted using a key that will be stored in a file inside userdata ( userdata/privkey_secret.php ).
- !!! ATTENTION: If you have multiple systems access the same database (e.g. you have example.org/oidplus and example.org/oidplus_test ), then the file userdata/privkey_secret.php must kept synchronous between both, otherwise you will lose your private/public key-pair and get a new system-id every time you restart OIDplus !!!
- OIDplus can't connect to databases that are newer than the own program files anymore, avoiding data corruption.
- Changed database version from 205 to 1000. |
|
826 |
2022-04-09 12:03:36 |
daniel-marschall |
/trunk/includes/classes/ |
Fixed wrong hash_pbkdf2 length (has problems with OpenSSL supplement) |
|
699 |
2021-12-17 16:48:07 |
daniel-marschall |
/trunk/ |
The new file edition.ini contains constants which might be useful if somebody wants to fork OIDplus
(However, we would appreciate it if you would try to contribute to the original OIDplus system rather than forking it!) |
|