May 2023 Update

Created by Scott Cantor
May 09, 2023
2 min read

Work is complete on the next version of the OP plugin and the first version of the RP proxy plugin and the releases are imminent, probably this week. A ton of effort has gone into these releases, with a large amount of code refactoring to polish some rough edges in the original OP code base and to facilitate the necessary overlap between the two by moving code out of the OP and into the OIDC Commons plugin. These versions also depend on a new shared plugin that houses the overlapping system configuration allowing the two plugins to potentially co-exist in the same IdP.

I’m expecting a few bumps along the way, but in testing things have worked together safely, and I suspect the bigger challenge will be the joint evolution of the two plugins in the future and the need to avoid a constant lockstep revision of the two. API stability will be critical in maintaining runtime compatibility. For now, this is a future problem because all of these plugins will require updates to work with IdP V5, so lockstep it is for the time being. Once these releases are done, we’ll be able to fork them to begin the V5 porting process.

On that subject, we’re starting to work through the backlog of V5 issues so we can get to something resembling a stable alpha to start testing in some real world scenarios, testing installs and upgrades, etc. The process of cloning and updating the documentation has also started, though we have not made the new material public yet to limit confusion. We will prepare release notes are open the material to the public soon, certainly before any “stable” prerelease testing begins.

There are a couple of fairly “visible” changes coming to the upgrade process. At the request of various deployers, we are moving essentially all of the installed files that are not currently part of an optional module into a new “core” module that will manage the bulk of the configuration. The installer will enable this module automatically, but for upgrades it will be re-enabled like all installed modules are, creating inactive copies of the new versions of the files alongside the originals. Thus, virtually all files will have new “default” versions alongside them, simplifying the task of comparing things after upgrades. We are also versioning the “.idpnew” files created with a numeric suffix, allowing different upgrades over time to be distinguished if the inactive files are left in place.

At the current pace, I expect it to take most of the summer to wrap up work on this release and update all the plugins so a Q3 release is the most likely guess at this point.