March 2022 Update

Short update this month.

Work is wrapping up on the IdP V4.2 and OIDC OP plugin V3.1 feature releases. We expect to freeze within the next couple of weeks and should be shipping in late March / early April. Documentation is available on the new OAuth and client authentication features. The OP update will also include support for token-based dynamic client registration. The tokens issued for this can carry metadata policy claims that allow the OP to control what kinds of settings clients can register (e.g., limiting token scope or controlling response endpoints). We hope to extend this to allow pre-creation of non-opaque client IDs and to add end-user authentication, which in theory would allow an organization to authenticate developers pre-authorized to register particular clients.

Documentation is (finally) available on use of Jetty 10, which is largely similar or identical to Jetty 9.4 except in the area of access/request logging, which is a bit simpler to set up. The V4.2 release on Windows will include Jetty 10 and this is the generally suggested container now. The Jetty project indicates that 9.4 will be supported to some degree, but may not receive fixes in a timely fashion after April, so moving to 10 is a good idea. It also fully supports Java 17, as does the IdP, which will be the best preparation later on for moving to IdP V5.0 next year.

Work on the OIDC proxying support continues and will be released as a plugin for IdP V4.2 once complete later this year.

V4.2 includes a new set of view templates and a new stylesheet to (we hope) improve accessibility of the default HTML and make it easier to work with. New documentation is available on how to adapt the default views for local use. Obviously this change does not affect upgrades, but may be noticeable when installing plugins or new modules that add views that have not (yet) been customized.

There’s been no progress as of yet on the planned SP redesign.