Skip to content

v3.0.0-beta

Pre-release
Pre-release
Compare
Choose a tag to compare
@leroxyl leroxyl released this 21 Nov 14:00

Changed:

  • renamed configuration parameter for static authentication token

    • json: registerAuth -> staticAuth
    • envconfig: UBIRCH_REGISTERAUTH -> UBIRCH_STATIC_AUTH
  • setting a static authentication token in the configuration is now optional, but mandatory if at least one of the following endpoints is enabled

  • endpoints that require a static authentication token, i.e. identity registration, CSR creation and key de-/re-activation, must be enabled explicitly via configuration parameters:

    • json: enableRegistrationEndpoint envconfig: UBIRCH_ENABLE_REGISTRATION_ENDPOINT (boolean)
    • json: enableCSRCreationEndpoint envconfig: UBIRCH_ENABLE_CSR_CREATION_ENDPOINT (boolean)
    • json: enableDeactivationEndpoint envconfig: UBIRCH_ENABLE_DEACTIVATION_ENDPOINT (boolean)

Added:

  • SQLite database support

    • database driver selection and DSN setting via configuration
      • config.json:
          "dbDriver": "<postgres | sqlite>",
          "dbDSN": "<data source name for database>",
      • env:
        UBIRCH_DB_DRIVER=<postgres | sqlite>
        UBIRCH_DB_DSN=<data source name for database>
    • context migration from legacy context files to SQLite or postgres database
      • migration can be initiated by passing command-line flag --migrate
      • after successful migration, the process will exit with status 0, otherwise 1.
  • endpoints for offline signing and verification functionality

  • individually configurable HTTP client timeouts for requests to upstream servers

    • json: identityServiceTimeoutMs envconfig: UBIRCH_IDENTITY_SERVICE_TIMEOUT_MS (integer)

    • json: authServiceTimeoutMs envconfig: UBIRCH_AUTH_SERVICE_TIMEOUT_MS (integer)

    • json: verifyServiceTimeoutMs envconfig: UBIRCH_VERIFY_SERVICE_TIMEOUT_MS (integer)

    • json: verificationTimeoutMs envconfig: UBIRCH_VERIFICATION_TIMEOUT_MS (integer)

    • if timeout values are not set in the configuration, the following default values will be used

      defaultIdentityServiceTimeoutMs = 10_000
      defaultAuthServiceTimeoutMs     = 2_000
      defaultVerifyServiceTimeoutMs   = 600
      defaultVerificationTimeoutMs    = 2_000
      
  • added support for persistent storage of external identities in order to verify UPPs in offline mode without need of retrieving public key from UBIRCH identity service

Removed:

  • removed postgresDSN configuration parameter (replaced by dbDSN / UBIRCH_DB_DSN)

    • config.json:
        "postgresDSN": "<data source name for postgres database>",
    • env:
      UBIRCH_POSTGRES_DSN=<data source name for postgres database>
  • deprecated support of database schema migration for postgres