newCASv21.0.0-alpha

Web Flow Updates, Institution SSO and FE Rework

• Login and logout web flow fixes and improvements
• Fully functional institution SSO, BE and FE
• FE rework and UI / UX improvements
• Institution SSO migration
• Terms of Service consent check
• SonarCube integration

newCASv20.1.0-alpha

OSF CAS second release with FE re-design, BE improvements and DevOps updates

• FE

  • Refactored styles to be consistent with both OSF and oldCAS
  • Rewrote how authentication delegation info is retrieved and used
  • Improved the behavior of inline error messages in login forms
  • Added new / Rewrote existing authentication exception pages
  • Improved UI / UX in responsive mode and on various screen dimensions

• BE

  • Implemented a dedicated OSF CAS login context and a couple of pre-login
    check actions to support ORCiD login and institution SSO
  • Implemented ORCiD sign-up auto-redirect for OSF

• DevOps

  • Updated tomcat server to work with its enclosing Shibboleth server
  • Separated staging / production and local configurations
  • Rewrote cas.properties into a helm charts template
  • Improved build / run / reload for local development

• Other

  • Replaced Apereo branding with COS / OSF in multiple places

newCASv20.0.0-pre-alpha

Basic authentication features for OSF

• Username and password login

• Username and verification key login

• Two-factor authentication

• Long-term authentication

• ORCiD login

Technical details

• JSON service registry

• JPA ticket registry with PostgreSQL

• JPA PostgreSQL authentication backend

• Customized login web flow and authentication including

  • OSF credential and metadata populator
  • OSF non-interactive authentication action
  • OSF PostgreSQL authentication handler
  • Pac4j authentication delegation
  • Two-factor authentication using time-based one-time password
  • Customized authentication exception handling
  • Customized user interface