6.5.0

A bit of everything release. Most notable changes are:

Features and bugfixes

• The logout page was styled #1097
• The IdP SSO endpoint URI used for EngineBlock authentications is now logged #1095
• Translation log-spam issues where resolved #1096
• Translation override issues where addressed #1098
• Accessability improvements have been applied to the WAYF #1099

6.4.7

Features and fixes

• Replaced the SURFnet favicon by the openconext one
• Keep the WAYF operable when syncing cookies.
• Add logging to ValidateMfaAuthnContextClassRef command.
• Tweak NL language.
• Correct display of tooltip for group attributes.
• Avoid double encoding logo url for attribute source.
• Ensure images after search are ok in IE11.
• Prevent logo flicker in FF whenever possible.
• Ensure Idps after sync are deletable.
• Prevent Idp-row logo from overlapping with text.

Security

• Replaced the composer dependency for the security checker (no longer working) with a local one.

6.4.6

Features and fixes

• Fixed disabled button being shown in the remaining section for non-disabled accounts on IE11
• Added a check to see if there is a focused element before the check to see if the focus is on an arrow item.
• Cleaned up forgotton debug code.

6.4.5

Features and fixes

• Repaired search in IE
• Fixed a visual regression with the previously selected section where the edit button was on it's own line.

6.4.4

Features and fixes

• Fixed overflow issue in IE11 for disclaimerlist.
• Updated the text for the PEP page.

6.4.3

Security update

• Bumped socket.io version.

Features and fixes

• Ensured hitting the reset button on the WAYF shows the default IDP
• Ensured that if you click the default idp, it prefills it in the search field, hides all other idps and focuses it.
• Remove weird transition in safari.
• Ensured search works in IE11.
• Amended faulty arrow behaviour.
• Ensured selected idp cookie behaviour works as expected.
• Redesigned the spinner page (form page).
• Added a hover style for disabled accounts.
• Added arrow behaviour on hover as in the old WAYF.
• Coupled cypress tests to the same selectors as the JS.
• Adjusted styling & wording of the PEP page.

6.4.2

Security Update

A bug was present when using trusted proxies. When evaluating the whitelist of the SP behind a trusted proxy, the whitelist of the trusted proxy itself was checked instead of the whitelist of the SP.

In addition to this, some of the translations for the new theme have also been updated

6.3.7

Security Update

A bug was present when using trusted proxies. When evaluating the whitelist of the SP behind a trusted proxy, the whitelist of the trusted proxy itself was checked instead of the whitelist of the SP.

6.4.1

Features and fixes

• The index, debug and cookie pages have been styled to prevent the mixed new and old style that happened. They now all look like the previous OpenConext theme used to look.
• Security and compatibility improvements have been applied.
• The new theme is now the default theme

6.4.0

This release consists of the UI redesign of the WAYF, Consent and other user facing screens.
The complete list of changes is excessive. Details can be found on GitHub under the ui-redesign tag. Some highlights include:

Features

• Complete redesign of the WAYF
  • The WAYF now includes an optional default IdP banner, making advertising a default IdP possible (eduId)
  • The WAYF is optimized for keyboard navigation
• Redesigned the consent screen
  • The previously optional minimal consent screen is now the default
  • Tooltips are now pure HTML/CSS, no eternal JS libraries are used
  • Keyboard navigation was improved greatly
• Both the WAYF and the consent screen are optimized for the optically or visually impaired. The interface is not yet audited, but a WCAG 2.1 AA is to be expected.

Most, if not all important features are included in this release. For now it is targeted for test, so this is considered a pre-release.