Trivore ID 5 changelog (alpha)
Version 5 of Trivore ID is an experimental set of releases. It is not recommended for production use. Use Version 4 for production services.
Version 5 uses new application and user interface frameworks. It has the same features as the Version 4 releases do.
Upgrade instructions
Review Important Upgrade Notes for version specific upgrade instructions.
Release 5.11.0
Released 2024-11-25.
New features
- ONEP-2421 The web dashboard now features enhanced warning notifications for critical configuration issues, addressing previous gaps in awareness. Admin users can view alerts alongside actionable recommendations. This improvement streamlines the monitoring of system health and paves the way for future developments in health management functionalities.
- ONEP-3063 Added the ability to manually verify phone numbers and email addresses for testing purposes.
- ONEP-3442 Added a new UI validation view for the Kafka connection status within the System Preferences / Maintenance section.
- ONEP-3563 Added the manage "nicknamesAllowed" and "allowUserInvite" fields in the Namespace API.
- ONEP-3576 Added support for SMS Eagle messaging gateways, enabling text messages to be routed through the SMS Eagle device. This integration facilitates the use of the SMS Eagle API as a messaging gateway, enhancing messaging capabilities without relying on cloud services.
Bug fixes
- ONEP-3054 Webhook editor's user group selection field now better supports large numbers of groups. Users can now successfully select user accounts from an extensive list of groups without encountering errors.
- ONEP-3325 Improved stability of user search when searching by consent information.
- ONEP-3526 The issue regarding role namespace access in the ID UI has been resolved. Previously, if a namespace that a role had access to was deleted, it caused the namespace access management feature in the UI to break.
- ONEP-3527 Fixed an issue with password expiration handling for users logging in via an external directory. Previously, users were prompted to change their password immediately after login, even if they did not know their initial password, leading to login failures.
- ONEP-3543 Resolved an issue where editing the New namespace default settings resulted in an error.
- ONEP-3556 Addressed the omission of the apartment letter in the streetAddressDisplay field in certain cases.
- ONEP-3583 Removed a detected security issue where it was possible for an user to view a list of all other users in their namespace, even without the required permission.
- ONEP-3603 Fixed an issue where saving a DVV connection profile's log keys would inadvertently erase all log keys associated with that profile.
- ONEP-3607 Fixed an issue that prevented logging of object creator in certain cases.
Improvements
- ONEP-2884 Added the ability to enable and disable OIDC clients, allowing for similar functionality to the management APIs. Users can now easily manage the availability of OIDC clients within the system.
- ONEP-3521 Added validation to ensure that the SAML request ID matches the InResponseTo parameter of the original request. This enhancement helps prevent replay attacks, providing an additional layer of security for SAML transactions.
- ONEP-3535 Added the capability to create custom OIDC Claims based on User's Custom Fields.
- ONEP-3555 Contact addresses are now shown even when Protection Order is active.
- ONEP-3564 Implemented a optional feature to the MFA authentication process, allowing users to receive email or SMS codes automatically without needing to click a confirmation button when only one MFA method is available.
- ONEP-3573 The /dvv/lookup/identity REST API has been updated to include the person's home address in the response.
- ONEP-3584 Update OpenSAML libraries to latest available version
- ONEP-3587 Implemented a REST API for performing mass updates of DVV basic information across all users in a namespace, or for members of a specific DVV group.
Customer specific
- ONEP-3411 Customer specific user-interface feature for blocking subscriptions
- ONEP-3463 Customer specific REST endpoint for creating new users
- ONEP-3508 Customer Specific / Added metrics for OPH Koski lookups, handling error reporting differently
Release 5.10.0
Released 2024-10-28.
New features
- ONEP-2887 ID service setup / initialisation has customisation options + dialog
- ONEP-3294 Metrics collected on webhook activities
- ONEP-3460 Add support for LinkMobility SMS gateway
- ONEP-3533 ID service bootstrap based on bootstrap config file
Bug fixes
- ONEP-3481 Roles view list shows deprecated permissions for roles
- ONEP-3511 Access tokens failed to deactivate under certain conditions during Logout
- ONEP-3540 Scheduled tasks "Delete inactive users" doesn't delete all inactive users
Improvements
- ONEP-3454 Properly handle duplicate key exception when creating new user directory link via REST API
- ONEP-3488 User creation (POST) and update (PUT) APIs return a list of validation errors if multiple validation issues arise during operation
- ONEP-3522 Update dependencies for 5.x
- ONEP-3534 Improve user searchText filtering for multipart firstname or lastname
- ONEP-3568 Update Jersey dependencies
Customer specific
Release 5.9.0
Released 2024-09-30.
New features
- ONEP-3324 Add a tool to find if Custom Role is assigned directly to Users
- ONEP-3509 Implement OP-tunnistuspalvelu test environment
- ONEP-3510 Add Users API support for filtering by 'locked' status
- ONEP-3517 Implement endpoint for signed JWKS keys
- ONEP-3518 Implement Entity Statement for OP tunnistuspalvelu
- ONEP-3519 Implement automatic rotation for OpenID signing and encryption keys
Bug fixes
- ONEP-3258 Handle error logging for certain network issues better
- ONEP-3437 Password change API interface does not work as expected when using access token and returns excess information without requiring the current password for the call
- ONEP-3438 Improve password change API interface responses when current password is missing or invalid
- ONEP-3468 Fixed cache load exception in maintenance settings view
- ONEP-3469 Fixed issue which happens after login in some cases
- ONEP-3483 Management API client view list status needs new filtering and statuses
- ONEP-3486 Include 'minor' field when migrating user between namespaces
- ONEP-3499 User search with pagination returns duplicates on different pages when sorting by a field with common values
- ONEP-3542 Fixed metadata fetching for Azure AD user directories
Improvements
- ONEP-3421 Webhook from "failed" strong identification
- ONEP-3443 Support DVV information types KotimainenYhteysosoite and UlkomainenYhteysosoite
- ONEP-3461 Sentry maintenance UI: Improve Sample rate value readability
- ONEP-3471 DVV Connection Profile Editor: Remove HTTP Header compatibility requirement from Username and Password fields
- ONEP-3480 Use more secure LoginToken 'token' value
- ONEP-3482 New Management API client does not have access-to-namespace field filled automatically
- ONEP-3491 UI: Add a confirmation dialog to Locking and Unlocking account actions
- ONEP-3494 Auto-filled registration form fields read-only is configurable
- ONEP-3497 Disable cache for SAML SP metadata download
- ONEP-3500 Adjust resolution of internal uptime determination to reduce overhead
- ONEP-3501 Document userId field in user directory link REST endpoint
- ONEP-3506 Add filtering by Account Type to the Accounts view
Customer specific
- ONEP-3479 New fields to identifier history objects
Release 5.8.0
Released 2024-09-09.
New features
- ONEP-3329 Import/Export feature to System local translations
- ONEP-3446 Support for dynamically linking accounts with user directory
- ONEP-3462 Support for manually linking single account with user directory from UI
Bug fixes
- ONEP-3449 UserDirectoryResource encrypts link ID when required
- ONEP-3484 Fixed user filtering by mobile number via REST
- ONEP-3487 SMS routes use route specified sender address instead of cached one
- ONEP-3489 External login does not update username if it already matches policy
Improvements
- ONEP-3330 Log user logout action
- ONEP-3451 Strong identification on external login registration
- ONEP-3453 Search user directory links by encrypted authId
- ONEP-3502 Handle password reset for users imported from external user directory
Release 5.7.0
Released 2024-08-19.
New features
- ONEP-3413 Option to schedule activation and deactivation for Management API clients
Bug fixes
- ONEP-3315 DVV Connections profile "event history" EventAux shows password in plain text
- ONEP-3409 Duplicate SSN check not done when using REST for adding SSN to account
- ONEP-3416 Fix typo in "welcome new user" email: "passwordUri"
- ONEP-3440 SMS sender ID not correctly visible in user interface
- ONEP-3441 User EnterpriseInfo: Fails to produce diff when editing user, breaks webhook changed property listing
- ONEP-3444 Removing OIDC client's token fails if it is never-ending
- ONEP-3447 Fixed external login registration form auto-fill
- ONEP-3452 Fix UserDirectory swagger @Schema for namespace field
- ONEP-3455 Fix Kafka record deserialization problem
- ONEP-3478 Running some Unit Tests locally fails at ClusterScheduledTaskManager
Improvements
- ONEP-3317 Namespace REST-rajapintaan lisäyksiä
- ONEP-3319 Password/secret-field editing in UI to require extra step
- ONEP-3420 Improve logging of "failed" strong authentication (Personal ID already in use)
- ONEP-3439 Add possibility not to collect birthdates when asking adult-or-minor status
- ONEP-3457 SAML signature and encryption requirements are configurable
- ONEP-3470 Update Vaadin libraries
Release 5.4.0
Released 2024-03-15.
Improvements
- ONEP-3320 Allow more flexibility with Event Log retaining policy time limits
- ONEP-3323 Support new SSN separators in REST and UI search
Release 5.3.0
Released 2024-02-23.
New features
- ONEP-3289 Show MongoDB version, other useful info in Maintenance view
Bug fixes
- ONEP-3306 Fixed maintenance view system logs for docker installations
Improvements
- ONEP-3316 Add "Copy User ID to Clipboard" button to Accounts view
Customer specific
- ONEP-3298 Sale cancellation change
Release 5.2.0
Released 2024-01-29.
New features
- ONEP-3214 Collect address parts separately for DVV sourced addresses
- ONEP-3230 Ability to restrict signing in through OIDC client only to external directories
- ONEP-3270 Added REST API endpoint for sending password change request email
- ONEP-3276 Show ASN/country info where IP addresses are listed (such as SMS log) + add ip address to sms export
Bug fixes
- ONEP-3275 Used filters remain visible in accounts view on top bar after clearing filters
- ONEP-3278 Manual personal id entry window does not detect new Finnish id codes correctly
- ONEP-3281 Copying SMS routing plan does not work
- ONEP-3290 Fixed error handler servlet usage
Improvements
Customer specific
- ONEP-3283 salePlace field to erase call
Release 5.1.0
Released 2023-12-29.
New features
- ONEP-3221 OIDC Clients: Add option to always include claims in ID Token
Bug fixes
- ONEP-3153 Add performance monitoring to background operations
- ONEP-3241 Domicile visible in UI when protection order active.
Improvements
- ONEP-3188 REST API: Searching with 'co', 'sw', 'ew' filters is now case insensitive
- ONEP-3236 Improve performance of JWT signing process
- ONEP-3237 Move all API docs under
/apidocpath, remove ReDoc - ONEP-3250 DVV/MUTP: Remove "Product code" field from connection profiles
Customer specific
- ONEP-3232 Change to sale endpoint
Release 5.0.0
Released 2023-12-04.
This version uses Spring Boot 2.7 and Trivore Jetty is no longer used. RPM packaging is not supported anymore, only docker installation is supported.
Improvements
ONEP-3146 Spring boot: maven pom.xml changes
ONEP-3174 Remove and replace Spring context.xml files
ONEP-3175 Remove and replace web.xml and oneportal-context.xml
ONEP-3182 Create runnable spring boot jar file
ONEP-3186 Improve jetty access log
ONEP-3190 Removed all rpm packaging related code