Appearance
ProAuth 2.1.25
This release focuses on strengthening the configuration architecture and enhancing native application support. Key improvements include a standardized configuration hierarchy, advanced Helm chart flexibility for enterprise environments, and support for custom URI schemes in OIDC redirections.
Configuration & Deployment
Advanced Configuration Precedence Infrastructure
Introduced "Safe Nullification" in Helm charts, allowing administrators to explicitly disable environment variables. This enables the application to fall back to settings defined in local JSON configuration files, resolving priority conflicts where Helm defaults previously overrode local overrides. (#2859)
Standardized Configuration Naming Infrastructure
Standardized the optional external configuration filename to appsettings.overrides.json to better align with .NET industry standards and improve the clarity of the configuration hierarchy. (#2859)
Unified Observability Helpers Infrastructure
Refactored observability settings—including OpenTelemetry, Zipkin, and logging levels—into a unified helper system within the Helm charts. This ensures identical environment variable patterns across the identity server, background workers, and database deployment jobs, simplifying cross-cluster monitoring. (#2859)
Enterprise-Grade Secret Management Infrastructure
Enhanced secret generation logic with explicit null-safety checks. If a secret value is set to null, the key is now omitted entirely rather than created as an empty string, preventing potential pod startup failures in Kubernetes. (#2859)
Identity & Access
Custom URI Scheme Support Core
Full support for custom URI schemes (e.g., myapp://, vscode://) in OIDC redirect URIs, facilitating seamless integration with mobile and desktop applications. Fully compliant with RFC 8252, this feature includes a JavaScript-based redirection fallback to bypass browser limitations with non-web protocols. (#2856)
Security
Platform Hardening Security
Updated internal NuGet packages, the .NET SDK, and container base images to the latest patch and minor versions. This routine maintenance incorporates upstream security fixes to ensure the platform remains secure and stable. (#2860)
Action Required
ACTION REQUIRED
Configuration File Renaming
If you are currently using the externalConfig feature to mount a custom JSON settings file, you must update your configuration to avoid fallback issues:
- Rename your file in your ConfigMap to
appsettings.overrides.json. - Alternatively, update your
values.yamlto explicitly map your existing key to the new filename:
yaml
externalConfig:
key: "appsettings.overwrites.json"
fileName: "appsettings.overrides.json"(#2859)
Platform Stability
- Selective Token Revocation: Improved the logout process to ensure that session termination is scoped to the initiating client. Previously, logging out of one application could inadvertently revoke refresh tokens for all other user applications. (#2857)
For more information, please refer to the Technical Documentation.