BREAKING CHANGES: After battling with [spf13/viper](https://github.com/spf13/viper) for several years we finally found a viable alternative with [knadh/koanf](https://github.com/knadh/koanf). The complete internal configuration infrastructure has changed, with several highlights:
1. Configuration sourcing works from all sources (file, env, cli flags) with validation against the configuration schema, greatly improving developer experience when changing or updating configuration.
2. Configuration reloading has improved significantly and works flawlessly on Kubernetes.
3. Performance increased dramatically, completely removing the need for a cache layer between the configuration system and ORY Hydra.
4. It is now possible to load several config files using the `--config` flag.
5. Configuration values are now sent to the tracer (e.g. Jaeger) if tracing is enabled.
Please be aware that deprecated configuration flags have finally been removed with this change. It is also possible that ORY Hydra might complain about an invalid configuration, because the validation process has improved significantly.
This patch significantly refactors internal configuration and service management with the goal of making configuration changes possible without service restarts. This patch prepares the possibility to configure ORY Hydra from a remote source (etcd, consul) and watch for changes. This patch also introduces the possibility to configure ORY Hydra from a configuration file on top of environment variables.
The following issues have been fixed as well:
- Key rotation of the system secret is now much simpler (closes#1316)
- Database connectivity parameters such as max_conns no longer cause issues with older postgres versions (closes#1327)
- Non-existing routes now return a JSON error instead of `text/plain` when `application/json` was requested (clsoes #1244)
- We now push tags latest, X, X.Y, X.Y.Z to docker hub (closes#1289)
- The quickstart guide no longer builds the source code but instead pulls latest tag (closes#1309)
- We moved to goreleaser and godownloader for release management (closes#1107)
- The quickstart Docker Compose files are now reusable (closes#1196)
The following issues are also resolved:
- Closes#1121
Signed-off-by: aeneasr <aeneas@ory.sh>
This patch makes significant changes to the consent flow. First,
the consent flow is being renamed to "User Login and Consent Flow"
and is split into two redirection flows, the "User Login Redirection Flow"
and the "User Consent Flow".
Conceptually, not a lot has changed but the APIs have been cleaned up
and the new flow is a huge step towards OpenID Connect Certification.
Besides easier implementation on the (previously known as) consent app,
this patch introduces a new set of features which lets ORY Hydra
detect previous logins and previously accepted consent requests. In turn,
the user does not need to login or consent on every OAuth2 Authorize Code
Flow.
This patch additionally lays the foundation for revoking tokens per
user or per user and client.
Awesome.
Closes#771Closes#772
Arne Luenser
Kevin Goslar
hackerman
hackerman
arekkas