v0.5.0

This release contains mandatory database migrations to support per-realm signing keys!

Changelog since v0.4.0

Changes

• /api/verify returns correct error codes now code_expired/code_invalid instead of token_invalid/token_expired (#339, @mikehelmick)
• Accept SMS codes for 2 factor auth (#301, @whaught)
• Add Cloud Identity to Terraform, remove firebase service account (no longer needed) (#315, @sethvargo)
• Add caching layer for users, API keys, and realms (#355, @sethvargo)
• Add formal specification of ens:// Resource Identifier (RI) schema (#259, @mikehelmick)
• Added a signout redirect back to login (#331, @whaught)
• Adds the capability of per-realm signing keys. There is a shared key ring in the backing KMS service for all keys, but each realm can have its own key on that key ring. The keys are entirely managed by the verification server. Upgrade process is built in. Realms can pre-create and distribute their per-realm key before switching to using it. Realm key rotation is built in for changing to a new key, destruction of old key material will be delivered in a subsequent release. (#330, @mikehelmick)
• Allow authorized apps to check code status (#343, @whaught)
• Allow for SMS enrollment (#299, @whaught)
• BUG FIX - check expiration correctly after verification code HMAC upgrade. (#278, @mikehelmick)
• Cache app and user stats (#318, @sethvargo)
• Calculate app and user statistics on save (#287, @sethvargo)
• Changed dependency on exposure-notifications-sever from v0.4.0 to v0.5.0 (#342, @mikehelmick)
• Create a custom create auth page (#302, @whaught)
• Create a new login page without firebaseUI (#270, @whaught)
• Create a phone registration page for 2nd factor auth (#290, @whaught)
• Enhancements to code issue page and flow (#300, @sethvargo)
• Fix data race in cleanup (#328, @sethvargo)
• Fixes the verfication flow chart in README. (#272, @yegle)
• HMAC verification codes in the database - this prevents someone with access to the database from (easily) retrieving the plaintext tokens (#258, @sethvargo)
• Make KMS key ring name configurable in Terraform (#334, @sethvargo)
• Move realm settings under admin menu (#364, @sethvargo)
• Optimized SQL for issuing verification codes. (#360, @mikehelmick)
• Page for email verification (#280, @whaught)
• Potentially breaking: Renamed pkg/signer to pkg/keys and renamed the interface from KeyManager to Manager (#281, @mikehelmick)
• Prompt the user for a 2nd factor (#320, @whaught)
• Proper content-type set on all HTTP responses. (#275, @mikehelmick)
• Remove the firebaseUI based login page (#288, @whaught)
• Require all users have verified email address to log-in (#284, @whaught)
• Sets cloud run request timeout for three main API services to 25s. (#336, @icco)
• Show countdown for code status. Format as list. (#368, @whaught)
• Support up to 10 characters in region code (#316, @sethvargo)
• Switch to JSON encoding for cacher, decouple cacher from database (#329, @sethvargo)
• The terraform module now requires Terraform 0.13 (#285, @icco)
• Turns on debug logging when running the migrate command through terraform (#262, @icco)
• Update login screen layout (#297, @sethvargo)
• Update ratelimiter package, add more logging (#269, @sethvargo)
• Update to firebase 7.14.5 (#279, @sethvargo)
• Upgrade to Go 1.15 (#277, @sethvargo)
• Upgrades dependencies (#271, @icco)

Dependencies

Added

• github.com/gomodule/redigo: v1.8.2
• github.com/jpillora/backoff: v1.0.0
• github.com/sethvargo/go-redisstore: v0.1.0

Changed

• cloud.google.com/go/firestore: v1.2.0 → v1.3.0
• contrib.go.opencensus.io/exporter/stackdriver: v0.13.1 → v0.13.3
• github.com/Azure/go-autorest/autorest/adal: v0.9.1 → v0.9.2
• github.com/Azure/go-autorest/autorest/azure/auth: v0.5.0 → v0.5.1
• github.com/Azure/go-autorest/autorest/mocks: v0.4.0 → v0.4.1
• github.com/Azure/go-autorest/autorest: v0.11.3 → v0.11.4
• github.com/aws/aws-sdk-go: v1.34.0 → v1.34.7
• github.com/census-instrumentation/opencensus-proto: v0.2.1 → v0.3.0
• github.com/google/exposure-notifications-server: ec15526 → v0.5.0
• github.com/google/uuid: v1.0.0 → v1.1.1
• github.com/grpc-ecosystem/grpc-gateway: v1.14.6 → v1.14.7
• github.com/jinzhu/gorm: v1.9.15 → v1.9.16
• github.com/julienschmidt/httprouter: v1.2.0 → v1.3.0
• github.com/mwitkow/go-conntrack: cc309e4 → 2f06839
• github.com/prometheus/common: [v0.10.0 → v0...

v0.4.0

This release contains mandatory database migrations.

This release adds an API to check status of issued codes, introduces dual length codes (short and long codes), and customaizable SMS settings in the UI.

Changelog since v0.3.2

Features

• CheckCodeStatus API allows user to check the status of an OTP code (#219, @whaught)
• Create a new html page to show the claim status of an OTP code (#227, @whaught)
• Include errors in CheckCodeStatusResponse (#235, @whaught)
• Make Firebase TOS and Privacy URLs configurable (#245, @sethvargo)
• Short and long verification codes issued at the same time. Long codes can be valid for up to 24 hours. Option to generate a SMS 'deeplink' to make it so the code doesn't need to be copied / retyped. Settings screen for realm settings. (#247, @mikehelmick)
• Support per-realm config of allowed test types (#241, @sethvargo)
• Support symptom date and test date in the UI (#236, @sethvargo)
• When clients are validating verification codes, they can provide a list of test types that they are willing to accept. The default is to accept all test types. (#254, @mikehelmick)

Fixes

• Fix inconsistency in ErrorReturn JSON structure (#239, @mikehelmick)
• Fix redirect loop when logging in with a non-existent user (#252, @sethvargo)
• Fixes the handler for the checkcodestatus endpoint (#242, @whaught)

Infrastructure

• Adds metrics for request rate limiting (#226, @icco)
• Allow configuring log level (default to INFO) (#246, @sethvargo)
• Allow migrations to succeed in the case a "default" realm already exists (#244, @sethvargo)
• Set encryption keys in initial Terraform migration (#230, @sethvargo)
• Turns on debug logging when running the migrate command through terraform (#262, @icco)
• Update to latest CSS framework version, make current realm more prominent (#251, @sethvargo)
• Use case-insensitive columns on unique fields (#243, @sethvargo)

Other

• Add model-level validations and inline HTML form error messages; new CRUD page for managing users (#233, @sethvargo)

Dependencies

Added

Nothing has changed.

Changed

Nothing has changed.

Removed

Nothing has changed.

v0.3.2

This release includes a fix for rate limiting to rate limit by the correct IP.

Changelog since v0.3.1

Rate limiting

• Rate limit by x-forwarded-for headers to get the real client IP
• The adminapi now uses RATE_LIMIT_TOKENS instead of RATE_LIMIT to define the limits
• IP addresses are hashed before stored in redis for limiting
• Each service has its own key namespace in the rate limiter to avoid clobbering (#221, @sethvargo)

Dependencies

Added

Nothing has changed.

Changed

• github.com/sethvargo/go-limiter: v0.3.0 → v0.3.1

Removed

Nothing has changed.

v0.3.1

This patch includes a critical fix for a migration that can fail if there are
existing verification codes in the database.

Changelog since v0.3.0

Database

• Update migrations to resolve secrets and fix broken migration for UUIDs on verification tokens (#218, @sethvargo

Dependencies

Added

Nothing has changed.

Changed

Nothing has changed.

Removed

Nothing has changed.

v0.3.0

WARNING: This release has a migration that will fail if existing verification codes are present in the database during migration. It also has a bug with rate limiting. You should use tag v0.3.2 (which fixes these issues.

This release introduces v2 API keys and security, logging, and observability
improvements.

Changelog since v0.2.1

Potentially breaking

• Environment variable configurable spelling fixes (#207, @whaught)
  • COLISSION_RETRY_COUNT -> COLLISION_RETRY_COUNT
  • SESSION_DUATION to SESSION_DURATION
• Introduce v2 API keys and switch to rate-limiting by realm instead of by key (#192, @sethvargo)

Infrastructure

• Allow customizing database backup location (defaults unchanged) (#195, @sethvargo)

Security

• Always reset render buffer before use. (#191, @sethvargo)
• Use Key Manager to encrypt SMS configurations (#190, @sethvargo)
  • Support providing a local key as the database encryption key for local development (#203, @sethvargo)

Other

• Adds a /healthz to all server binaries for healthchecking. (#196, @icco)
• Adds default request tracing and http metrics to all four servers. (#183, @icco)
• Allow configuring the rate limiter to succeed on backend connection failures (default unchanged) (#212, @sethvargo)
• Include ID in the issue VerificationCode response (#215, @whaught)
• Migrate to the main verification server's observability package. (#205, @sethvargo)
• Return UUID with verification tokens (#217, @sethvargo)
• Standardize known HTTP response codes on 400, 401, 404, 405, 429, and 5xx. (#214, @sethvargo)
• Use shared logging package, always configure a logger (#210, @sethvargo)
• Verification and certificate APIs have well defined error codes for localization on the client side. (#216, @mikehelmick)

Dependencies

Added

• github.com/PuerkitoBio/goquery: v1.5.1
• github.com/andybalholm/cascadia: v1.1.0
• github.com/nxadm/tail: v1.4.4
• github.com/sclevine/agouti: v3.0.0+incompatible

Changed

• cloud.google.com/go: v0.62.0 → v0.63.0
• github.com/Azure/azure-sdk-for-go: v44.2.0+incompatible → v45.1.0+incompatible
• github.com/Azure/go-autorest/autorest/adal: v0.9.0 → v0.9.1
• github.com/Azure/go-autorest/autorest: v0.11.2 → v0.11.3
• github.com/aws/aws-sdk-go: v1.33.16 → v1.34.0
• github.com/golang/mock: v1.4.3 → v1.4.4
• github.com/google/exposure-notifications-server: a6f48d9 → ec15526
• github.com/hashicorp/go-retryablehttp: v0.6.6 → v0.6.7
• github.com/jinzhu/gorm: v1.9.12 → v1.9.15
• github.com/lstoll/awskms: 9042d2a → a388516
• github.com/mattn/go-sqlite3: v2.0.1+incompatible → v1.14.0
• github.com/onsi/ginkgo: v1.12.0 → v1.13.0
• github.com/onsi/gomega: v1.9.0 → v1.10.1
• github.com/sethvargo/go-envconfig: v0.2.3 → v0.3.0
• github.com/sethvargo/go-limiter: v0.2.2 → v0.3.0
• golang.org/x/sys: 3e129f6 → 1030fc2
• golang.org/x/tools: b5fad4e → c05a0f5
• golang.org/x/xerrors: 9bdfabe → 5ec99f8
• google.golang.org/api: v0.29.0 → v0.30.0
• google.golang.org/genproto: 8145dea → a062522

Removed

Nothing has changed.

v0.2.1

Patch to v0.2 that fixes a bug that would return internal server error on certificate issue.

v0.2.0

Release notes for main

Changelog since

• DB Migrations Required!
• Responsive UX, mobile friendly
• ability to send SMS when generating code
• Verification server is now multi-tenant
• session cookies are not encrypted
• terraform supports ugprading deployments, including setting new envionment variables
• demo end 2 end command line, simulates client device
• improvements to internal rendering pipeline
• rate limiting improvements
• introduced ADMIN API server for integration code issuing w/ exiting systems
• change test date to sypmtom date
• Verification certificate claims now confirm to github.com/google/exposure-notificaitons-server V1 allowed claims. (#179, @mikehelmick)

Dependencies

Added

• bazil.org/fuse: 371fbbd
• github.com/Azure/go-autorest: v14.2.0+incompatible
• github.com/Knetic/govaluate: 9aa4983
• github.com/VividCortex/gohistogram: v1.0.0
• github.com/afex/hystrix-go: fa1af6a
• github.com/aryann/difflib: e206f87
• github.com/aws/aws-lambda-go: v1.13.3
• github.com/aws/aws-sdk-go-v2: v0.18.0
• github.com/casbin/casbin/v2: v2.1.2
• github.com/clbanning/x2j: 8252494
• github.com/codahale/hdrhistogram: 3a0bb77
• github.com/cpuguy83/go-md2man/v2: f79a8a8
• github.com/franela/goblin: c9ffbef
• github.com/franela/goreq: bcd34c9
• github.com/gogo/googleapis: v1.1.0
• github.com/google/mako: v0.2.0
• github.com/google/martian/v3: v3.0.0
• github.com/hudl/fargo: v1.3.0
• github.com/influxdata/influxdb1-client: 8bf82d3
• github.com/lightstep/lightstep-tracer-common/golang/gogo: bc2310a
• github.com/lightstep/lightstep-tracer-go: v0.18.1
• github.com/lyft/protoc-gen-validate: v0.0.13
• github.com/mikehelmick/go-chaff: v0.3.0
• github.com/nats-io/jwt: v0.3.2
• github.com/nats-io/nats-server/v2: v2.1.2
• github.com/nats-io/nats.go: v1.9.1
• github.com/nats-io/nkeys: v0.1.3
• github.com/nats-io/nuid: v1.0.1
• github.com/oklog/oklog: v0.3.2
• github.com/op/go-logging: 970db52
• github.com/opentracing-contrib/go-observer: a52f234
• github.com/opentracing/basictracer-go: v1.0.0
• github.com/opentracing/opentracing-go: v1.1.0
• github.com/openzipkin-contrib/zipkin-go-opentracing: v0.4.5
• github.com/pact-foundation/pact-go: v1.0.4
• github.com/pborman/uuid: v1.2.0
• github.com/performancecopilot/speed: v3.0.0+incompatible
• github.com/pkg/profile: v1.2.1
• github.com/russross/blackfriday/v2: v2.0.1
• github.com/sethvargo/go-limiter: v0.2.2
• github.com/sethvargo/go-retry: v0.1.0
• github.com/sethvargo/go-signalcontext: v0.1.0
• github.com/shurcooL/sanitized_anchor_name: v1.0.0
• github.com/sony/gobreaker: v0.4.1
• github.com/streadway/handy: d5acb31
• gopkg.in/airbrake/gobrake.v2: v2.0.9
• gopkg.in/gcfg.v1: v1.2.3
• gopkg.in/gemnasium/logrus-airbrake-hook.v2: v2.1.2
• gopkg.in/warnings.v0: v0.1.2
• sourcegraph.com/sourcegraph/appdash: ebfcffb

Changed

• cloud.google.com/go/storage: v1.8.0 → v1.10.0
• cloud.google.com/go: v0.58.0 → v0.62.0
• github.com/Azure/azure-sdk-for-go: v43.3.0+incompatible → v44.2.0+incompatible
• github.com/Azure/go-autorest/autorest/adal: v0.8.3 → v0.9.0
• github.com/Azure/go-autorest/autorest/azure/auth: v0.4.2 → v0.5.0
• github.com/Azure/go-autorest/autorest/azure/cli: v0.3.1 → v0.4.0
• github.com/Azure/go-autorest/autorest/date: v0.2.0 → v0.3.0
• github.com/Azure/go-autorest/autorest/mocks: v0.3.0 → v0.4.0
• github.com/Azure/go-autorest/autorest/to: v0.3.0 → v0.4.0
• github.com/Azure/go-autorest/autorest/validation: v0.2.0 → v0.3.0
• github.com/Azure/go-autorest/autorest: v0.10.2 → v0.11.2
• github.com/Azure/go-autorest/logger: v0.1.0 → v0.2.0
• github.com/Azure/go-autorest/tracing: v0.5.0 → v0.6.0
• github.com/Masterminds/semver: v1.4.2 → v1.5.0
• github.com/alecthomas/units: c3de453 → f65c72e
• github.com/apache/thrift: v0.12.0 → v0.13.0
• github.com/aws/aws-sdk-go: v1.32.7 → v1.33.16
• github.com/containerd/continuity: aaeac12 → efbc448
• github.com/denisenkom/go-mssqldb: 06a60b6 → b91950f
• github.com/edsrzf/mmap-go: 0bce6a6 → v1.0.0
• github.com/go-kit/kit: v0.9.0 → v0.10.0
• github.com/go-logfmt/logfmt: v0.4.0 → v0.5.0
• github.com/google/exposure-notifications-server: d2b23e8 → a6f48d9
• github.com/google/go-cmp: v0.5.0 → v0.5.1
• github.com/google/pprof: 427632f → 1a94d86
• github.com/json-iterator/go: v1.1.9 → v1.1.10
• github.com/klauspost/compress: v1.9.6 → v1.4.1
• github.com/klauspost/cpuid: v1.2.1 → v1.2.0
• github.com/lib/pq: v1.5.2 → v1.8.0
• github.com/mattn/go-colorable: v0.1.6 → v0.1.7
• github.com/mitchellh/mapstructure: v1.3.2 → v1.3.3
• github.com/opencontainers/go-digest: v1.0.0-rc1 → v1.0.0
• github.com/openzipkin/zipkin-go: v0.1.6 → v0.2.2
• github.com/prometheus/client_golang: v1.6.0 → v1.7.1
• github.com/prometheus/procfs: v0.0.11 → v0.1.3
• github.com/prometheus/statsd_exporter: v0.15.0 → v0.17.0
• github.com/samuel/go-zookeeper: c4fab1a → 2cc03de
• github.com/sethvargo/go-envconfig: [v0.1.1 → v0.2.3](sethvargo/go-envconfig@v0.1.1...v0....

v0.1

Checkpointing a version that is compatible with v0.1 of the Exposure Notifications Server -> https://github.com/google/exposure-notifications-server/