@mashroom/mashroom-security-provider-ldap


2.2.1 (November 4, 2022)

  • Portal: Fixed the MashroomPortalMessageBusInterceptor signature and behaviour: It should be possible to change the event data by just returning a different value; but if the interceptor function returns nothing the data should stay untouched (was set to undefined before)
  • Admin Toolbar: Minor style fixes
jkofler
published 2.2.0 •

2.2.0 (November 4, 2022)

  • Portal: Fixed the problem that users were kicked out of the Portal when requests to /api/users/authenticated/authExpiration failed (see issue #99)

  • Portal: Added support for server-side rendering of Composite Apps, which use other Portal Apps as their building blocks. It is now possible to define embedded Portal Apps in the SSR bootstrap like so:

     const bootstrap: MashroomPortalAppPluginSSRBootstrapFunction = async (portalAppSetup, req) => {
       // Generate server-side HTML that contains a <div id="unique-host-element-id"></div>
       const html = renderToString(<App/>);
    
       return {
          html,
          embeddedApps: [
             {
                 pluginName: 'The other App',
                 appConfig: {},
                 appAreaId: 'unique-host-element-id',
             }
          ]
       };
     };
    

    In the Composite App, make sure you don't call portalAppService.loadApp() for the already integrated App. Instead, you can get the appId of the server-side embedded App like this, to unload/reload it later:

      const ssrPreloadedApp = portalAppService.loadedPortalApps.find(({ pluginName, portalAppAreaId }) => pluginName === 'The other App' && portalAppAreaId === 'unique-host-element-id');
      let appId;
      if (!ssrPreloadedApp) {
        // SSR failed, load client-side into the same host element
        const result = await portalAppService.loadApp('unique-host-element-id', 'The other App', null, null, {});
        if (!result.error) {
          appId = result.id;
        }
      } else {
        appId = ssrPreloadedApp.id;
      }
    

    Check out the mashroom-portal-demo-composite-app package for a working example.

    NOTE: You have to make sure the embedded Apps aren't removed by the render framework during hydration. In React you have to add dangerouslySetInnerHTML={{ __html: '' }} to nodes whose children shall be ignored during hydration.

  • Kubernetes Remote App Registry:

    • Support for multiple Namespace and Service label selectors
    • For duplicate Portal Apps the active one is now more deterministic and depends on the namespace lookup (check the README in the mashroom-portal-remote-app-registry-k8s package)
    • For multiple Portal Apps per service: if one definition is invalid the other ones will be activated nevertheless
    • Support for duplicate service names in different namespaces
    • If a service gets removed all Portal Apps are unregistered immediately (without delay)
  • Remote App Registry: For multiple Portal Apps per endpoint, if one definition is invalid the other ones will be activated nevertheless

  • Core: Removed the forced stop of the server after 5sec because this may interrupt pending requests. It also made it impossible to increase the shutdown period via terminationGracePeriodSeconds on Kubernetes

  • Prometheus Exporter: Added support for Node.js clusters. It is now possible to use prom-client's AggregatorRegistry to gather the metrics in the master process and also to get the worker metrics within a PM2 cluster. Check out the README in the mashroom-monitoring-prometheus-exporter module for details

  • BREAKING CHANGE: Renamed the plugin mashroom-http-proxy-add-id-token to mashroom-http-proxy-add-access-token because access tokens should be used to make API requests on behalf of a user

  • Core: Failing ready and health probes now log the causes. This is helpful on Kubernetes, where the Admin UI is not available if the ready probe fails

  • Added a SolidJS demo Portal App (Microfrontend)

  • Portal: BREAKING CHANGE: Themes must now set a CSS variable with the (Font Awesome compatible) icon font, like so:

      :root {
         --mashroom-portal-font-icon: 'Font Awesome 6 Free';
      }
    
  • Portal: Dropped support for IE11 (and all legacy browsers which don't support ES6)

  • Admin Toolbar: Upgrade to CodeMirror 6 with autocomplete support in the CSS editor

  • Admin Toolbar: Cleanup the DOM properly after a drag ends

jkofler
published 2.1.3 •

2.1.3 (July 2, 2022)

  • Simple Security Provider, LDAP Security Provider: Prevent a redirect loop if the user has no permission to access the login page
jkofler
published 2.1.2 •

2.1.2 (June 14, 2022)

  • Sandbox App, Admin Toolbar: Make sure the chunks get new names when the content changes to avoid problems with browser caching
  • Error Pages: Don't show an error page if the response has content type application/json
  • Core: The health and readiness probes now return a JSON with the actual errors
jkofler
published 2.1.1 •

2.1.1 (June 13, 2022)

  • Admin Toolbar: Fixed validation of route '/'
jkofler
published 2.1.0 •

2.1.0 (June 13, 2022)

  • Portal: Re-check authentication expiration at least every 60sec, so, if the session for some reason expires (or gets revoked) the user will get notified faster.

  • Core: Dropped Node.js 12.x support

  • Portal: Prevent a loop if error messages can not be sent to the server

  • MongoDB Session Provider: BREAKING CHANGE: Changed config structure to be able to pass parameters to connect-mongo, such as ttl and autoRemove.

    Before:

    {
      "uri": "mongodb://username:password@localhost:27017/mashroom_session_db?connectTimeoutMS=1000&socketTimeoutMS=2500",
      "collection": "sessions",
      "connectionOptions": {
        "poolSize": 5
      }
    }
    

    After:

    {
      "client": {
        "uri": "mongodb://username:password@localhost:27017/mashroom_session_db?connectTimeoutMS=1000&socketTimeoutMS=2500",
        "connectionOptions": {
           "poolSize": 5
        }
      },
      "collectionName": "sessions",
      "ttl": 86400
    }
    
  • Redis Session Provider: BREAKING CHANGE: Changed config structure to be able to pass parameters to connect-redis, such as prefix and ttl. Setting prefix on this level instead of the Redis client level fixed the session count metric, which was broken.

    Before:

    {
      "redisOptions": {
        "host": "localhost",
        "port": "6379",
        "keyPrefix": "mashroom:sess:"
      },
      "cluster": false
    }
    

    After:

    {
      "client": {
        "redisOptions": {
          "host": "localhost",
          "port": "6379"
        },
        "cluster": false
      },
      "prefix": "mashroom:sess:",
      "ttl": 86400
    }
    
  • Admin Toolbar: Only allow valid characters (according to RFC 3986) in Routes

  • Admin Toolbar: Added checkbox for client-side routing and renamed friendlyUrl to Route because that's more what it is.

  • Portal: Added support for client-side routing. If you enable it everything appended to the page URL is ignored.

  • Portal: Added new property portalAppHost to the log context of Remote Portal Apps

jkofler
published 2.0.7 •

2.0.7 (June 2, 2022)

  • Portal: Switched to cache-control public for App resources, even for authenticated users
  • Portal: Fixed cache busting. The v=xxx query parameter is now constant for a plugin version (if the Portal is not in dev mode). You should now replace lastThemeReloadTs with themeVersionHash in your themes.
  • Security Service: Don't log an error for AJAX requests to restricted resources (just return 403)
jkofler
published 2.0.6 •

2.0.6 (June 1, 2022)

  • Remote App Registry and K8S Remote App Registry: Fixed registering Apps of type portal-app2 without SSR capability
  • HTTP Proxy: Added a retry if the target resets or drops the connection (ECONNRESET) which can happen when:
    • keepAlive is activated and a reused connection is broken already (see https://nodejs.org/api/http.html#requestreusedsocket)
    • a Pod/instance is no longer/not yet available
  • HTTP Proxy: Fixed handling of client connection termination. Among other things, the misleading error message 'Target endpoint did not send a response within xxxxx' will no longer be logged when the client dropped the connection.
  • Portal: State encoded in URL via MashroomPortalStateService is encoded/decoded now
jkofler
published 2.0.5 •

2.0.5 (May 20, 2022)

  • Portal: The resource and the proxy target URLs of Remote Apps can now overlap as long as requested resources have an extension. E.g.: If your plugin definition looks like this:
     {
       "name": "My Remote App",
       "type": "portal-app2",
       "remote": {
         "resourcesRoot": "/"
       },
       "defaultConfig": {
         "proxies": {
           "bff": {
             "targetUri": "http://localhost:6089"
           }
         }
       }
     }
    
    the Portal will calculate a resource base URL http://yourhost.com/ and a base URL for the bff proxy of http://yourhost.com/, so they overlap. With this setup you can now request a resource /index.js. Previously you couldn't, because the Portal treated it as an attempt to fetch API data via a (potentially less protected) resource request.
  • Security Service: Start authentication flow (e.g. redirect to the login page) only for GET and non-Ajax requests
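
The overlap rule from the 2.0.5 Portal entry above, as an added sketch (not Mashroom's own code): a resource request that falls under a proxy target is only served when its last path segment has a file extension. The function name, the reason strings and the sample resource roots are assumptions made for illustration.

```javascript
// Normalise a base URL so prefix checks compare whole path segments.
function asDirectoryUrl(url) {
  const u = new URL(url);
  if (!u.pathname.endsWith('/')) u.pathname += '/';
  u.search = '';
  u.hash = '';
  return u;
}

// Hypothetical helper (not a Mashroom API): decide whether a request for a
// static resource of a Remote App may be served via the resource route.
function checkResourceRequest(resourceBaseUrl, proxyTargetUris, requestedPath) {
  const base = asDirectoryUrl(resourceBaseUrl);
  // Resolve against the resource root; URL normalises "../" and "\" for us.
  const target = new URL(requestedPath.replace(/^\/+/, ''), base);
  if (target.origin !== base.origin || !target.pathname.startsWith(base.pathname)) {
    return { allowed: false, reason: 'outside-resource-root' };
  }
  // Does the resolved URL also live under one of the App's proxy targets?
  const overlapsProxy = proxyTargetUris.some((uri) => {
    const proxy = asDirectoryUrl(uri);
    return proxy.origin === target.origin && target.pathname.startsWith(proxy.pathname);
  });
  if (!overlapsProxy) return { allowed: true, reason: 'no-overlap' };
  // Overlap: only file-like paths count as resources, everything else is
  // assumed to be an API call that must go through the protected proxy.
  const lastSegment = target.pathname.split('/').pop();
  return /\.[A-Za-z0-9]+$/.test(lastSegment)
    ? { allowed: true, reason: 'overlap-but-has-extension' }
    : { allowed: false, reason: 'overlap-without-extension' };
}

// Constructed sample: resourcesRoot "/" and the bff targetUri from the
// plugin definition above share the same base URL.
const root = 'http://localhost:6089/';
const proxies = ['http://localhost:6089'];
console.log(checkResourceRequest(root, proxies, '/index.js'));
console.log(checkResourceRequest(root, proxies, '/api/users'));
```

Because the extension is the only discriminator when the URLs overlap, the sketch treats any extension-less path as API traffic and refuses it on the resource route.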
jkofler
published 2.0.4 •

2.0.4 (May 9, 2022)

  • Remote App Registry and K8S Remote App Registry: Show Apps with errors on top of the list in the Admin UI
  • K8S Remote App Registry: The Admin UI now shows all successfully registered Apps even if scanning some namespaces fails due to missing permissions