v0.7.0

Changelog

Features

• 3a9006e: feat: associate OAuth clients with user IDs throughout the system (@appleboy)
• 4bb5ffd: feat: strengthen device code security and switch to hash-based storage (#23) (@appleboy)
• 7d2b293: feat: add pagination and search to session and client listings (@appleboy)
• 3425258: feat: display OAuth client creators and enhance admin client list UI (@appleboy)
• 615d1e6: feat: switch client descriptions from tooltip to collapsible panel (@appleboy)
• e70344f: feat: add configurable, documented rate limiting across OAuth endpoints (#25) (@appleboy)
• 797c182: feat: add Microsoft Entra ID OAuth support and documentation (#26) (@appleboy)
• 747fe75: feat: add environment-based configuration and secure session handling (@appleboy)
• 06a8841: feat: introduce comprehensive audit logging across core services (#27) (@appleboy)
• 67c3145: feat: migrate site rendering to templ components (@appleboy)
• 6a7d1b4: feat: migrate OAuth client pages to typed component-based templates (@appleboy)
• 1578e73: feat: migrate admin clients and sessions pages to Templ components (@appleboy)
• 1451842: feat: migrate HTML templating to type-safe templ templates (@appleboy)
• 5bf8aad: feat: modernize device auth templates with enhanced UI and accessibility (@appleboy)

Bug fixes

• 144e56a: fix: refine HTTP error handling and error classification (@appleboy)
• 9cc7922: fix: improve session management and username retrieval for devices (@appleboy)
• 72e590a: fix: enforce strict redirect URL validation across authentication flows (@appleboy)

Enhancements

• e0e1b3f: chore: update HTTP client dependencies to latest versions (@appleboy)
• 6a76959: chore: adopt improved HTTP retry mechanism and update dependency (@appleboy)

Refactor

• 7c0845a: refactor: refactor HTTP API providers and update dependency versions (#22) (@appleboy)
• 1e62567: refactor: refactor client to support insecure TLS via httpclient options (@appleboy)
• ff1eafb: refactor: refactor retry client logic into reusable internal package (@appleboy)
• 84e7317: refactor: migrate to OAuthApplication model with array redirect URIs (#24) (@appleboy)
• c408205: refactor: redesign UI with unified nav, design system, and improved theming (@appleboy)
• a975962: refactor: use typed constants for audit log event types (@appleboy)
• 58703fd: refactor: simplify batch flush by removing redundant mutex operations (@appleboy)
• 1ae1586: refactor: refactor pagination to use shared partial templates (@appleboy)
• a48a318: refactor: serve static assets from templatesFS under unified file path (@appleboy)
• 48ba93e: refactor: migrate audit logs page to templ component-based rendering (@appleboy)
• 73c3e21: refactor: modularize frontend assets and unify page layouts (@appleboy)

Build process updates

• 3f80acb: build: add generate step as prerequisite for running tests (@appleboy)
• 368d070: build: enforce code generation step for all Linux build targets (@appleboy)
• 650dd60: ci: run code generation as a prerequisite for linting (@appleboy)
• ee5197d: build: add make generate to pre-build automation (@appleboy)

Documentation updates

• 7898be1: docs: refactor architecture docs for clarity and conciseness (@appleboy)

Others

• dd1291e: style: modernize UI templates and styles across account and admin pages (@appleboy)

v0.6.0

Changelog

Features

• ff40396: feat: add third-party OAuth login and extend user authentication (#20) (@appleboy)
• 10c61d6: feat: enforce configurable OAuth auto-registration for new users (@appleboy)

Bug fixes

• 9a34b4e: fix: generalize authentication error messaging (@appleboy)
• fededa7: fix: encode OAuth redirect URLs for safe special character handling (@appleboy)

Enhancements

• d21f3f9: chore: adopt external library for random string generation (@appleboy)
• 1bf3251: chore: update go-httpclient dependency to v0.5.0 (@appleboy)

Refactor

• 6ec3fd2: refactor: make OAuth user creation fully transactional and atomic (@appleboy)
• c85b486: refactor: refactor OAuth client to use go-httpclient library (@appleboy)

v0.5.0

Changelog

Features

• 29048ad: feat: enhance AuthGate CLI configuration and usage documentation (@appleboy)
• e448238: feat: add support for multiple client IDs in token management (#17) (@appleboy)
• 65ff322: feat: handle refresh token expiration with automatic re-authentication (@appleboy)
• e98e806: feat: ensure reliable concurrent token file access with file locking (#18) (@appleboy)
• 1b2fb71: feat: harden HTTP client security and error handling throughout codebase (@appleboy)
• d02f46f: feat: improve OAuth device flow polling reliability and RFC compliance (@appleboy)
• 9749d59: feat: improve OAuth token handling and validation (@appleboy)
• bd527db: feat: implement per-request HTTP retries with exponential backoff (#19) (@appleboy)
• 98a83e3: feat: introduce configurable HTTP client with robust retry support (@appleboy)
• adbf727: feat: add configurable HTTP and Token API retry with backoff (@appleboy)

Bug fixes

• 5e40911: fix: persist refreshed tokens and warn on save failures (@appleboy)

Enhancements

• 8de2120: chore: enforce UUID validation for CLIENT_ID input (@appleboy)
• 68dc96a: chore: update Go version requirement in module configuration (@appleboy)
• a13a1f9: chore: update go-httpretry to v0.3.0 (@appleboy)
• 7fc993c: chore: update HTTP client dependencies to version 0.4.0 (@appleboy)
• 276f810: chore: bump go-httpretry dependency to v0.4.0 (@appleboy)

Refactor

• cbd812d: refactor: refactor token persistence logic after rotation (@appleboy)
• 53955ce: refactor: adopt go-httpretry for HTTP client retries and backoff (@appleboy)
• 439b01d: refactor: improve error handling for retry client initialization (@appleboy)

Build process updates

• 374c04d: build: add build targets for CLI and multi-arch binaries (@appleboy)

Documentation updates

• aca10df: docs: standardize AuthGate Architecture section naming (@appleboy)
• 429e177: docs: document exponential backoff, security, and troubleshooting improvements (@appleboy)
• 72af9dd: docs: revamp and clarify documentation feature sections (@appleboy)

Others

• 3704dc5: test: expand HTTP API authentication test coverage (@appleboy)

v0.4.0

Changelog

Features

• 5ba77ef: feat: add session management UI and endpoints with status badges (@appleboy)
• 36057d3: feat: add configurable service-to-service authentication for APIs (#15) (@appleboy)

Refactor

• 0244514: refactor: simplify scope splitting using strings.Fields (@appleboy)
• 5f298c2: refactor: clean up unused imports and variables in token management (@appleboy)
• d5345c5: refactor: add context support to token service APIs and related tests (@appleboy)
• 3a4a0be: refactor: switch to external go-httpclient for authentication handling (#16) (@appleboy)
• 8b3a871: refactor: refactor session permission checks using a validation helper (@appleboy)

v0.3.0

Changelog

Features

• 1316b1c: feat: add multi-database support with driver factory and new config (#10) (@appleboy)
• 721417a: feat: add hybrid authentication with pluggable providers (#12) (@appleboy)
• dae4d35: feat: introduce pluggable token providers with selectable validation modes (#13) (@appleboy)
• f2acdbe: feat: add robust OAuth2 refresh token support and management (#14) (@appleboy)

Enhancements

• de268c2: chore: update and maintain project dependencies (@appleboy)

Refactor

• 55b5372: refactor: refactor authentication modes and improve token provider tests (@appleboy)

Build process updates

• 4086d6d: ci: refactor Trivy workflow for clarity and enhanced security scanning (@appleboy)

Documentation updates

• 8ef2c8c: docs: improve documentation clarity and security references (@appleboy)
• b32514a: docs: enhance documentation for username conflict errors (@appleboy)

v0.2.0

Changelog

Features

• 6dd95b3: feat: add comprehensive admin panel for OAuth client management (#8) (@appleboy)
• 45a0ee1: feat: switch client admin notifications to session-based flash messages (@appleboy)
• dcd5159: feat: add CSRF protection and enhance session error handling (@appleboy)
• 9a40932: feat: generate and log random admin password at startup (@appleboy)
• 34351ea: feat: standardize contributor workflow and OAuth device code support (@appleboy)
• a0b705a: feat: add user-facing token and session management features (#9) (@appleboy)

Bug fixes

• 99a95c9: fix: improve device code flow error handling and client activity checks (@appleboy)

Enhancements

• 82883ae: chore: no changes detected in this pull request (@appleboy)

Documentation updates

• 6c61b13: docs: document random admin password generation and usage (@appleboy)
• 1c205f7: docs: add RFC 8628 reference for device code grant type (@appleboy)

Others

• b2b721d: test: add comprehensive tests for device authorization and token flows (@appleboy)

v0.1.0

Changelog

Features

• f08d031: feat: require explicit subcommands and update usage documentation (Bo-Yi Wu appleboy.tw@gmail.com)
• 3c8d64c: feat: rename app and add detailed version display functionality (Bo-Yi Wu appleboy.tw@gmail.com)
• 138b463: feat: improve CLI verification UX with direct link and user code tips (Bo-Yi Wu appleboy.tw@gmail.com)
• 96726e9: feat: display OAuth client name during device authorization flow (Bo-Yi Wu appleboy.tw@gmail.com)
• f888967: feat: add graceful shutdown to HTTP server (Bo-Yi Wu appleboy.tw@gmail.com)
• be2e6ba: feat: implement OAuth 2.0 device authorization flow (Bo-Yi Wu appleboy.tw@gmail.com)

Bug fixes

• ddf0622: fix: add HTTP server timeouts to prevent Slowloris attacks (Bo-Yi Wu appleboy.tw@gmail.com)
• 981e140: fix: improve error handling and code readability (Bo-Yi Wu appleboy.tw@gmail.com)

Enhancements

• bd8ac1c: chore: update gitignore to exclude .claude files (Bo-Yi Wu appleboy.tw@gmail.com)

Refactor

• 0fd7f8a: refactor: restructure project to use internal directory and update imports (Bo-Yi Wu appleboy.tw@gmail.com)
• b4210ba: refactor: refactor OAuth device flow using standard oauth2 library (Bo-Yi Wu appleboy.tw@gmail.com)

Build process updates

• 1cf86e4: build: add version tagging and labeling to Docker images and workflow (Bo-Yi Wu appleboy.tw@gmail.com)
• 8593eb5: ci: remove permissions section from Docker workflow (Bo-Yi Wu appleboy.tw@gmail.com)
• 9c5acd9: ci: add security permissions to Docker GitHub workflow (Bo-Yi Wu appleboy.tw@gmail.com)
• 85c2c7e: ci: remove Windows from CI testing matrix (Bo-Yi Wu appleboy.tw@gmail.com)
• 6579891: ci: upgrade GitHub Actions dependencies to latest versions (Bo-Yi Wu appleboy.tw@gmail.com)
• b066f00: ci: update actions/setup-go from v5 to v6 in GitHub workflows (Bo-Yi Wu appleboy.tw@gmail.com)
• 5a70362: ci: upgrade CI tools and Go version requirements (Bo-Yi Wu appleboy.tw@gmail.com)
• f6683b2: ci: set up CI/CD and security workflows for GitHub repository (Bo-Yi Wu appleboy.tw@gmail.com)
• 3a6bd9f: build: containerize AuthGate application with embedded resources (Bo-Yi Wu appleboy.tw@gmail.com)
• bc5a1c8: build: rename project to authgate and update build infrastructure (Bo-Yi Wu appleboy.tw@gmail.com)

Documentation updates

• 05bd59a: docs: clarify and prioritize user authorization instructions (Bo-Yi Wu appleboy.tw@gmail.com)
• 0d5923b: docs: document user interface and authorization flow with visuals (Bo-Yi Wu appleboy.tw@gmail.com)
• c092dcf: docs: revamp and expand documentation for deployment and operations (Bo-Yi Wu appleboy.tw@gmail.com)
• 81de094: docs: revise API documentation and improve endpoint clarity (Bo-Yi Wu appleboy.tw@gmail.com)
• 56e0fa2: docs: expand documentation and add health check endpoint (Bo-Yi Wu appleboy.tw@gmail.com)
• 5562330: docs: update README badges to include security scanning and testing (Bo-Yi Wu appleboy.tw@gmail.com)
• 20e31e6: docs: update README feature list formatting to use bullet points (Bo-Yi Wu appleboy.tw@gmail.com)
• 7b7f1de: docs: add AuthGate documentation with OAuth 2.0 implementation details (Bo-Yi Wu appleboy.tw@gmail.com)
• 78b8221: docs: add project documentation and improve CLI example structure (Bo-Yi Wu appleboy.tw@gmail.com)

Others

• 8a7c304: Initial commit (Bo-Yi Wu appleboy.tw@gmail.com)